[Solved] Dialer, and other crap
Good evening,
I'm coming to you because I'm currently infested with malware. From what I've seen, I have:
- A Spanish dialer that wants to connect me to an X-rated site
- Winantivirus
- Drivecleaner
I ran CCleaner in safe mode, Spybot, Adaware, HijackThis, SmitfraudFix, KillBox, VundoFix.
That seems to have gotten rid of the dialer, but the rest is hanging on.
So, a HijackThis log:
Logfile of HijackThis v1.99.1
Scan saved at 20:55:20, on 04/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Labtec\Media Keyboard\V5.0\KbdAp32A.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\PROGRA~1\PESTPA~1\PPControl.exe
C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
C:\Program Files\Fichiers communs\{AC8C291D-081A-1036-0204-040310020021}\Update.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\lclock.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Chameleon Clock\ChamClock.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Hacker\KAVPF.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\DreamMail4\DM2005.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\Fichiers communs\Logitech\khalshared\KHALMNPR.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Rossifumi46\Bureau\blbeta.exe
G:\a graver\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.winlsd.org
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://login.live.com/ppsecure/sha1auth.srf?lc=1036
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O3 - Toolbar: (no name) - {C004DEC2-2623-438e-9CA2-C9043AB28508} - (no file)
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] "C:\Program Files\Fichiers communs\Logitech\khalshared\KHALMNPR.EXE"
O4 - HKLM\..\Run: [LWBKEYBOARD] C:\Program Files\Labtec\Media Keyboard\V5.0\KbdAp32A.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [PestPatrol Control Center] C:\PROGRA~1\PESTPA~1\PPControl.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LClock] lclock.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [HomeAlarm] C:\Program Files\Chameleon Clock\ChamClock.exe
O4 - Startup: DreamMail.lnk = C:\Program Files\DreamMail4\DM2005.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: Kaspersky Anti-Hacker.lnk = C:\Program Files\Kaspersky Lab\Kaspersky Anti-Hacker\KAVPF.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O17 - HKLM\System\CCS\Services\Tcpip\..\{C5695263-EA0E-41EA-8A47-5F6C8052815B}: NameServer = 192.168.1.1
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: RaySat_3dsmax8 Server (mi-raysat_3dsmax8) - Unknown owner - C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
A Silent Runners run:
"Silent Runners.vbs", revision 49, http://www.silentrunners.org/
Operating System: Windows XP SP2
Output limited to non-default values, except where indicated by "{++}"
Startup items buried in registry:
---------------------------------
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\
"{AC8C291D-081A-1036-0204-040310020021}" = ""C:\Program Files\Fichiers communs\{AC8C291D-081A-1036-0204-040310020021}\Update.exe" mc-110-12-0000272" [null data]
"{AC8C291D-081B-1036-0204-040310020021}" = ""C:\Program Files\Fichiers communs\{AC8C291D-081B-1036-0204-040310020021}\Update.exe" mc-110-12-0000272" [null data]
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"CTFMON.EXE" = "C:\WINDOWS\system32\ctfmon.exe" [MS]
"LClock" = "lclock.exe" [null data]
"MsnMsgr" = ""C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background" [MS]
"HomeAlarm" = "C:\Program Files\Chameleon Clock\ChamClock.exe" ["Softshape Dev."]
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"nod32kui" = ""C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE" ["Eset "]
"Logitech Hardware Abstraction Layer" = ""C:\Program Files\Fichiers communs\Logitech\khalshared\KHALMNPR.EXE"" ["Logitech Inc."]
"LWBKEYBOARD" = "C:\Program Files\Labtec\Media Keyboard\V5.0\KbdAp32A.exe" [empty string]
"ATICCC" = ""C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay" [null data]
"PestPatrol Control Center" = "C:\PROGRA~1\PESTPA~1\PPControl.exe" ["Computer Associates International"]
"Kernel and Hardware Abstraction Layer" = "KHALMNPR.EXE" ["Logitech Inc."]
"NeroFilterCheck" = "C:\WINDOWS\system32\NeroCheck.exe" ["Ahead Software Gmbh"]
"PPMemCheck" = "C:\PROGRA~1\PESTPA~1\PPMemCheck.exe" [null data]
"CookiePatrol" = "C:\PROGRA~1\PESTPA~1\CookiePatrol.exe" ["Computer Associates International"]
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided)
-> {HKLM...CLSID} = "AcroIEHlprObj Class"
\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"]
{35F7813A-AF74-4474-B1DC-7EE6FB6C43C6}\(Default) = (no title provided)
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\WINDOWS\system32\ogkioguv.dll" [null data]
{53707962-6F74-2D53-2644-206D7942484F}\(Default) = (no title provided)
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\PROGRA~1\SPYBOT~1\SDHelper.dll" ["Safer Networking Limited"]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)
-> {HKLM...CLSID} = "SSVHelper Class"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll" ["Sun Microsystems, Inc."]
{9ED7632A-0B58-46E7-8CC1-AA2B1AE16D35}\(Default) = (no title provided)
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\WINDOWS\system32\vtstu.dll" [null data]
{B9FB4A23-494F-43F5-82F2-DE92CF8D0CA8}\(Default) = (no title provided)
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\WINDOWS\system32\vtstu.dll" [null data]
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Extension Affichage Panorama du Panneau de configuration"
-> {HKLM...CLSID} = "Extension Affichage Panorama du Panneau de configuration"
\InProcServer32\(Default) = "deskpan.dll" [file not found]
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
"{B089FE88-FB52-11D3-BDF1-0050DA34150D}" = "NOD32 Context Menu Shell Extension"
-> {HKLM...CLSID} = "NOD32 Context Menu Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\Eset\nodshex.dll" [null data]
"{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF}" = "iTunes"
-> {HKLM...CLSID} = "iTunes"
\InProcServer32\(Default) = "C:\Program Files\iTunes\iTunesMiniPlayer.dll" ["Apple Computer, Inc."]
"{DC70C4A5-2044-4c59-B806-DEFB9AE0DF7C}" = "Logitech Setpoint Extension"
-> {HKLM...CLSID} = "KbLogiExt Class"
\InProcServer32\(Default) = "C:\Program Files\Logitech\SetPoint\kbcplext.dll" ["Logitech Inc."]
"{B9B9F083-2B04-452A-8691-83694AC1037B}" = "Logitech Setpoint Extension"
-> {HKLM...CLSID} = "LogiExt Class"
\InProcServer32\(Default) = "C:\Program Files\Logitech\SetPoint\mcplext.dll" ["Logitech Inc."]
"{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D}" = "Messenger Sharing Folders"
-> {HKLM...CLSID} = "Mes dossiers de partage"
\InProcServer32\(Default) = "C:\Program Files\MSN Messenger\fsshext.8.1.0106.00.dll" [MS]
"{29e3fb5b-cf62-45b5-b8bf-1ad500385fc7}" = "Shell Context Menu Handler for Application References"
-> {HKLM...CLSID} = "Shell Context Menu Handler for Application References"
\InProcServer32\(Default) = "C:\WINDOWS\system32\dfshim.dll" [MS]
"{29e3fb5b-cf62-45b5-b8bf-1ad500385fc6}" = "Shell Context Menu Handler for Application Manifests"
-> {HKLM...CLSID} = "Shell Context Menu Handler for Application Manifests"
\InProcServer32\(Default) = "C:\WINDOWS\system32\dfshim.dll" [MS]
"{5E2121EE-0300-11D4-8D3B-444553540000}" = "Catalyst Context Menu extension"
-> {HKLM...CLSID} = "SimpleShlExt Class"
\InProcServer32\(Default) = "C:\Program Files\ATI Technologies\ATI.ACE\atiacmxx.dll" [empty string]
"{FED7043D-346A-414D-ACD7-550D052499A7}" = "dBpowerAMP Music Converter 1"
-> {HKLM...CLSID} = "dBpShell Class"
\InProcServer32\(Default) = "C:\Program Files\Illustrate\dBpowerAMP\dBShell.dll" [empty string]
"{2C49B5D0-ACE7-4D17-9DF0-A254A6C5A0C5}" = "dBpowerAMP Music Converter"
-> {HKLM...CLSID} = "dMCIShell Class"
\InProcServer32\(Default) = "C:\Program Files\Illustrate\dBpowerAMP\dMCShell.dll" [empty string]
"{cc86590a-b60a-48e6-996b-41d25ed39a1e}" = "Portable Media Devices Menu"
-> {HKLM...CLSID} = "Portable Media Devices Menu"
\InProcServer32\(Default) = "C:\WINDOWS\system32\Audiodev.dll" [MS]
"{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}" = "Shell Extensions for RealOne Player"
-> {HKLM...CLSID} = "RealOne Player Context Menu Class"
\InProcServer32\(Default) = "C:\Program Files\Real\RealPlayer\rpshell.dll" ["RealNetworks, Inc."]
"{00020D75-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Desktop Icon Handler"
-> {HKLM...CLSID} = "Microsoft Office Outlook"
\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~1\OFFICE11\MLSHEXT.DLL" [MS]
"{0006F045-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Custom Icon Handler"
-> {HKLM...CLSID} = "Outlook File Icon Extension"
\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~1\OFFICE11\OLKFSTUB.DLL" [MS]
"{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\OFFICE11\msohev.dll" [MS]
"{6DEA92E9-8682-4b6a-97DE-354772FE5727}" = "Autodesk DWF Preview"
-> {HKLM...CLSID} = "ACDWFTHMBPRXY"
\InProcServer32\(Default) = "C:\Program Files\Fichiers communs\Autodesk Shared\AcDwfThmbPrxy16.dll" ["Autodesk"]
"{4858E7D9-8E12-45a3-B6A3-1CD128C9D403}" = "TuneUp Shredder Shell Extension"
-> {HKLM...CLSID} = "TuneUp Shredder Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\TuneUp Utilities 2006\SDShelEx-win32.dll" ["TuneUp Software GmbH"]
"{44440D00-FF19-4AFC-B765-9A0970567D97}" = "TuneUp Theme Extension"
-> {HKLM...CLSID} = "TuneUp Theme Extension"
\InProcServer32\(Default) = "C:\WINDOWS\system32\uxtuneup.dll" ["TuneUp Software GmbH"]
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
<<!>> AtiExtEvent\DLLName = "Ati2evxx.dll" ["ATI Technologies Inc."]
<<!>> vtstu\DLLName = "C:\WINDOWS\system32\vtstu.dll" [null data]
HKLM\Software\Classes\PROTOCOLS\Filter\
<<!>> text/xml\CLSID = "{807553E5-5146-11D5-A672-00B0D022E945}"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL" [MS]
HKLM\Software\Classes\Folder\shellex\ColumnHandlers\
{F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = "PDF Column Info"
-> {HKLM...CLSID} = "PDF Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll" ["Adobe Systems, Inc."]
{FED7043D-346A-414D-ACD7-550D052499A7}\(Default) = "dBpowerAMP Column Handler"
-> {HKLM...CLSID} = "dBpShell Class"
\InProcServer32\(Default) = "C:\Program Files\Illustrate\dBpowerAMP\dBShell.dll" [empty string]
HKLM\Software\Classes\*\shellex\ContextMenuHandlers\
NOD32 Context Menu Shell Extension\(Default) = "{B089FE88-FB52-11D3-BDF1-0050DA34150D}"
-> {HKLM...CLSID} = "NOD32 Context Menu Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\Eset\nodshex.dll" [null data]
TuneUp Shredder Shell Extension\(Default) = "{4858E7D9-8E12-45a3-B6A3-1CD128C9D403}"
-> {HKLM...CLSID} = "TuneUp Shredder Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\TuneUp Utilities 2006\SDShelEx-win32.dll" ["TuneUp Software GmbH"]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\
TuneUp Shredder Shell Extension\(Default) = "{4858E7D9-8E12-45a3-B6A3-1CD128C9D403}"
-> {HKLM...CLSID} = "TuneUp Shredder Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\TuneUp Utilities 2006\SDShelEx-win32.dll" ["TuneUp Software GmbH"]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\
NOD32 Context Menu Shell Extension\(Default) = "{B089FE88-FB52-11D3-BDF1-0050DA34150D}"
-> {HKLM...CLSID} = "NOD32 Context Menu Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\Eset\nodshex.dll" [null data]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
Group Policies {GPedit.msc branch and setting}:
-----------------------------------------------
Note: detected settings may not have any effect.
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Associations\
"LowRiskFileTypes" = (REG_SZ) .zip;.rar;.nfo;.txt;.exe;.bat;.com;.cmd;.reg;.msi;.htm;.html;.gif;.bmp;.jpg;.avi;.mpg;.mpeg;.mov;.mp3;.m3u;.wav;
{unrecognized setting}
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments\
"SaveZoneInformation" = (REG_DWORD) hex:0x00000001
{unrecognized setting}
"HideZoneInfoOnProperties" = (REG_DWORD) hex:0x00000001
{unrecognized setting}
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\
"NoCDBurning" = (REG_DWORD) hex:0x00000001
{unrecognized setting}
"ForceClassicControlPanel" = (REG_DWORD) hex:0x00000001
{unrecognized setting}
"NoLowDiskSpaceChecks" = (REG_DWORD) hex:0x00000001
{unrecognized setting}
"ClearRecentDocsOnExit" = (REG_DWORD) hex:0x00000040
{unrecognized setting}
"NoSMBalloonTip" = (REG_DWORD) hex:0x00000000
{unrecognized setting}
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel\
"History" = (REG_DWORD) hex:0x00000001
{unrecognized setting}
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\
"shutdownwithoutlogon" = (REG_DWORD) hex:0x00000001
{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|
Shutdown: Allow system to be shut down without having to log on}
"undockwithoutlogon" = (REG_DWORD) hex:0x00000001
{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|
Devices: Allow undock without having to log on}
Active Desktop and Wallpaper:
-----------------------------
Active Desktop may be disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState
Displayed if Active Desktop enabled and wallpaper not set by Group Policy:
HKCU\Software\Microsoft\Internet Explorer\Desktop\General\
"Wallpaper" = "C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Wallpaper1.bmp"
Displayed if Active Desktop disabled and wallpaper not set by Group Policy:
HKCU\Control Panel\Desktop\
"Wallpaper" = "C:\Documents and Settings\Rossifumi46\Local Settings\Application Data\Microsoft\Wallpaper1.bmp"
Enabled Screen Saver:
---------------------
HKCU\Control Panel\Desktop\
"SCRNSAVE.EXE" = "C:\WINDOWS\MINUSC~2.SCR" (Minuscule.02.scr) [empty string]
Startup items in "Rossifumi46" & "All Users" startup folders:
-------------------------------------------------------------
C:\Documents and Settings\Rossifumi46\Menu Démarrer\Programmes\Démarrage
"DreamMail" -> shortcut to: "C:\Program Files\DreamMail4\DM2005.exe -s" ["DreamStudio"]
"Stardock ObjectDock" -> shortcut to: "C:\Program Files\Stardock\ObjectDock\ObjectDock.exe" ["Stardock"]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
"Kaspersky Anti-Hacker" -> shortcut to: "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Hacker\KAVPF.exe /silence" ["Kaspersky Lab"]
"Logitech SetPoint" -> shortcut to: "C:\Program Files\Logitech\SetPoint\SetPoint.exe" ["Logitech Inc."]
Enabled Scheduled Tasks:
------------------------
"AppleSoftwareUpdate" -> launches: "C:\Program Files\Apple Software Update\SoftwareUpdate.exe -Task" ["Apple Computer, Inc."]
"Maintenance en 1 clic" -> launches: "C:\Program Files\TuneUp Utilities 2006\SystemOptimizer.exe /schedulestart" ["TuneUp Software GmbH"]
Winsock2 Service Provider DLLs:
-------------------------------
Namespace Service Providers
HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
Transport Service Providers
HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
C:\WINDOWS\system32\imon.dll ["Eset "], 01 - 05, 11
%SystemRoot%\system32\mswsock.dll [MS], 06 - 08, 12 - 21
%SystemRoot%\system32\rsvpsp.dll [MS], 09 - 10
Toolbars, Explorer Bars, Extensions:
------------------------------------
Explorer Bars
HKLM\Software\Microsoft\Internet Explorer\Explorer Bars\
HKLM\Software\Classes\CLSID\{FF059E31-CC5A-4E2E-BF3B-96E929D65503}\(Default) = "&Rechercher"
Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar]
InProcServer32\(Default) = "C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL" [MS]
Extensions (Tools menu items, main toolbar menu buttons)
HKLM\Software\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\
"MenuText" = "Console Java (Sun)"
"CLSIDExtension" = "{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}"
-> {HKCU...CLSID} = "Java Plug-in 1.5.0_09"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll" ["Sun Microsystems, Inc."]
-> {HKLM...CLSID} = "Java Plug-in 1.5.0_09"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_09\bin\npjpi150_09.dll" ["Sun Microsystems, Inc."]
{92780B25-18CC-41C8-B9BE-3C9C571A8263}\
"ButtonText" = "Recherche"
Miscellaneous IE Hijack Points
------------------------------
C:\WINDOWS\INF\IERESET.INF (used to "Reset Web Settings")
Added lines (compared with English-language version):
[Strings]: SAFESITE_VALUE="http://home.microsoft.com/intl/fr/"
Missing lines (compared with English-language version):
[Strings]: 1 line
HKLM\Software\Microsoft\Internet Explorer\AboutURLs\
<<H>> "TuneUp" = "file://C|/Documents and Settings/All Users/Application Data/TuneUp Software/Common/base.css" [file not found]
Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------
Ati HotKey Poller, Ati HotKey Poller, "C:\WINDOWS\system32\Ati2evxx.exe" ["ATI Technologies Inc."]
Autodesk Licensing Service, Autodesk Licensing Service, ""C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe"" ["Autodesk"]
Extension de conception TuneUp, UxTuneUp, "C:\WINDOWS\System32\svchost.exe -k netsvcs" {"C:\WINDOWS\System32\uxtuneup.dll" ["TuneUp Software GmbH"]}
Machine Debug Manager, MDM, ""C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE"" [MS]
NOD32 Kernel Service, NOD32krn, ""C:\Program Files\Eset\nod32krn.exe"" ["Eset "]
RaySat_3dsmax8 Server, mi-raysat_3dsmax8, ""C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe"" [null data]
Service Messenger Sharing Folders USN Journal Reader, usnjsvc, ""C:\Program Files\MSN Messenger\usnsvc.exe"" [MS]
Windows User Mode Driver Framework, UMWdf, "C:\WINDOWS\system32\wdfmgr.exe" [MS]
Print Monitors:
---------------
HKLM\System\CurrentControlSet\Control\Print\Monitors\
Microsoft Document Imaging Writer Monitor\Driver = "mdimon.dll" [MS]
----------
<<!>>: Suspicious data at a malware launch point.
<<H>>: Suspicious data at a browser hijack point.
+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ To search all directories of local fixed drives for DESKTOP.INI
DLL launch points, use the -supp parameter or answer "No" at the
first message box and "Yes" at the second message box.
---------- (total run time: 114 seconds, including 2 seconds for message boxes)
And BlackLight:
12/04/06 20:50:37 [Info]: BlackLight Engine 1.0.47 initialized
12/04/06 20:50:37 [Info]: OS: 5.1 build 2600 (Service Pack 2)
12/04/06 20:50:38 [Note]: 7019 4
12/04/06 20:50:38 [Note]: 7005 0
12/04/06 20:50:42 [Note]: 7006 0
12/04/06 20:50:42 [Note]: 7011 1668
12/04/06 20:50:42 [Note]: 7026 0
12/04/06 20:50:42 [Note]: 7026 0
12/04/06 20:50:53 [Note]: FSRAW library version 1.7.1020
12/04/06 20:56:32 [Note]: 2000 1012
12/04/06 20:56:32 [Note]: 2000 1012
12/04/06 20:56:32 [Note]: 2000 1012
12/04/06 20:56:32 [Note]: 2000 1012
12/04/06 20:56:32 [Note]: 2000 1012
12/04/06 20:56:32 [Note]: 2000 1012
12/04/06 20:57:56 [Note]: 7007 0
There you go, thanks a lot ;-)
-> {HKLM...CLSID} = "NOD32 Context Menu Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\Eset\nodshex.dll" [null data]
"{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF}" = "iTunes"
-> {HKLM...CLSID} = "iTunes"
\InProcServer32\(Default) = "C:\Program Files\iTunes\iTunesMiniPlayer.dll" ["Apple Computer, Inc."]
"{DC70C4A5-2044-4c59-B806-DEFB9AE0DF7C}" = "Logitech Setpoint Extension"
-> {HKLM...CLSID} = "KbLogiExt Class"
\InProcServer32\(Default) = "C:\Program Files\Logitech\SetPoint\kbcplext.dll" ["Logitech Inc."]
"{B9B9F083-2B04-452A-8691-83694AC1037B}" = "Logitech Setpoint Extension"
-> {HKLM...CLSID} = "LogiExt Class"
\InProcServer32\(Default) = "C:\Program Files\Logitech\SetPoint\mcplext.dll" ["Logitech Inc."]
"{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D}" = "Messenger Sharing Folders"
-> {HKLM...CLSID} = "Mes dossiers de partage"
\InProcServer32\(Default) = "C:\Program Files\MSN Messenger\fsshext.8.1.0106.00.dll" [MS]
"{29e3fb5b-cf62-45b5-b8bf-1ad500385fc7}" = "Shell Context Menu Handler for Application References"
-> {HKLM...CLSID} = "Shell Context Menu Handler for Application References"
\InProcServer32\(Default) = "C:\WINDOWS\system32\dfshim.dll" [MS]
"{29e3fb5b-cf62-45b5-b8bf-1ad500385fc6}" = "Shell Context Menu Handler for Application Manifests"
-> {HKLM...CLSID} = "Shell Context Menu Handler for Application Manifests"
\InProcServer32\(Default) = "C:\WINDOWS\system32\dfshim.dll" [MS]
"{5E2121EE-0300-11D4-8D3B-444553540000}" = "Catalyst Context Menu extension"
-> {HKLM...CLSID} = "SimpleShlExt Class"
\InProcServer32\(Default) = "C:\Program Files\ATI Technologies\ATI.ACE\atiacmxx.dll" [empty string]
"{FED7043D-346A-414D-ACD7-550D052499A7}" = "dBpowerAMP Music Converter 1"
-> {HKLM...CLSID} = "dBpShell Class"
\InProcServer32\(Default) = "C:\Program Files\Illustrate\dBpowerAMP\dBShell.dll" [empty string]
"{2C49B5D0-ACE7-4D17-9DF0-A254A6C5A0C5}" = "dBpowerAMP Music Converter"
-> {HKLM...CLSID} = "dMCIShell Class"
\InProcServer32\(Default) = "C:\Program Files\Illustrate\dBpowerAMP\dMCShell.dll" [empty string]
"{cc86590a-b60a-48e6-996b-41d25ed39a1e}" = "Portable Media Devices Menu"
-> {HKLM...CLSID} = "Portable Media Devices Menu"
\InProcServer32\(Default) = "C:\WINDOWS\system32\Audiodev.dll" [MS]
"{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}" = "Shell Extensions for RealOne Player"
-> {HKLM...CLSID} = "RealOne Player Context Menu Class"
\InProcServer32\(Default) = "C:\Program Files\Real\RealPlayer\rpshell.dll" ["RealNetworks, Inc."]
"{00020D75-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Desktop Icon Handler"
-> {HKLM...CLSID} = "Microsoft Office Outlook"
\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~1\OFFICE11\MLSHEXT.DLL" [MS]
"{0006F045-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Custom Icon Handler"
-> {HKLM...CLSID} = "Outlook File Icon Extension"
\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~1\OFFICE11\OLKFSTUB.DLL" [MS]
"{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\OFFICE11\msohev.dll" [MS]
"{6DEA92E9-8682-4b6a-97DE-354772FE5727}" = "Autodesk DWF Preview"
-> {HKLM...CLSID} = "ACDWFTHMBPRXY"
\InProcServer32\(Default) = "C:\Program Files\Fichiers communs\Autodesk Shared\AcDwfThmbPrxy16.dll" ["Autodesk"]
"{4858E7D9-8E12-45a3-B6A3-1CD128C9D403}" = "TuneUp Shredder Shell Extension"
-> {HKLM...CLSID} = "TuneUp Shredder Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\TuneUp Utilities 2006\SDShelEx-win32.dll" ["TuneUp Software GmbH"]
"{44440D00-FF19-4AFC-B765-9A0970567D97}" = "TuneUp Theme Extension"
-> {HKLM...CLSID} = "TuneUp Theme Extension"
\InProcServer32\(Default) = "C:\WINDOWS\system32\uxtuneup.dll" ["TuneUp Software GmbH"]
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
<<!>> AtiExtEvent\DLLName = "Ati2evxx.dll" ["ATI Technologies Inc."]
<<!>> vtstu\DLLName = "C:\WINDOWS\system32\vtstu.dll" [null data]
HKLM\Software\Classes\PROTOCOLS\Filter\
<<!>> text/xml\CLSID = "{807553E5-5146-11D5-A672-00B0D022E945}"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL" [MS]
HKLM\Software\Classes\Folder\shellex\ColumnHandlers\
{F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = "PDF Column Info"
-> {HKLM...CLSID} = "PDF Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll" ["Adobe Systems, Inc."]
{FED7043D-346A-414D-ACD7-550D052499A7}\(Default) = "dBpowerAMP Column Handler"
-> {HKLM...CLSID} = "dBpShell Class"
\InProcServer32\(Default) = "C:\Program Files\Illustrate\dBpowerAMP\dBShell.dll" [empty string]
HKLM\Software\Classes\*\shellex\ContextMenuHandlers\
NOD32 Context Menu Shell Extension\(Default) = "{B089FE88-FB52-11D3-BDF1-0050DA34150D}"
-> {HKLM...CLSID} = "NOD32 Context Menu Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\Eset\nodshex.dll" [null data]
TuneUp Shredder Shell Extension\(Default) = "{4858E7D9-8E12-45a3-B6A3-1CD128C9D403}"
-> {HKLM...CLSID} = "TuneUp Shredder Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\TuneUp Utilities 2006\SDShelEx-win32.dll" ["TuneUp Software GmbH"]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\
TuneUp Shredder Shell Extension\(Default) = "{4858E7D9-8E12-45a3-B6A3-1CD128C9D403}"
-> {HKLM...CLSID} = "TuneUp Shredder Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\TuneUp Utilities 2006\SDShelEx-win32.dll" ["TuneUp Software GmbH"]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\
NOD32 Context Menu Shell Extension\(Default) = "{B089FE88-FB52-11D3-BDF1-0050DA34150D}"
-> {HKLM...CLSID} = "NOD32 Context Menu Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\Eset\nodshex.dll" [null data]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
Group Policies {GPedit.msc branch and setting}:
-----------------------------------------------
Note: detected settings may not have any effect.
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Associations\
"LowRiskFileTypes" = (REG_SZ) .zip;.rar;.nfo;.txt;.exe;.bat;.com;.cmd;.reg;.msi;.htm;.html;.gif;.bmp;.jpg;.avi;.mpg;.mpeg;.mov;.mp3;.m3u;.wav;
{unrecognized setting}
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments\
"SaveZoneInformation" = (REG_DWORD) hex:0x00000001
{unrecognized setting}
"HideZoneInfoOnProperties" = (REG_DWORD) hex:0x00000001
{unrecognized setting}
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\
"NoCDBurning" = (REG_DWORD) hex:0x00000001
{unrecognized setting}
"ForceClassicControlPanel" = (REG_DWORD) hex:0x00000001
{unrecognized setting}
"NoLowDiskSpaceChecks" = (REG_DWORD) hex:0x00000001
{unrecognized setting}
"ClearRecentDocsOnExit" = (REG_DWORD) hex:0x00000040
{unrecognized setting}
"NoSMBalloonTip" = (REG_DWORD) hex:0x00000000
{unrecognized setting}
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel\
"History" = (REG_DWORD) hex:0x00000001
{unrecognized setting}
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\
"shutdownwithoutlogon" = (REG_DWORD) hex:0x00000001
{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|
Shutdown: Allow system to be shut down without having to log on}
"undockwithoutlogon" = (REG_DWORD) hex:0x00000001
{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|
Devices: Allow undock without having to log on}
Active Desktop and Wallpaper:
-----------------------------
Active Desktop may be disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState
Displayed if Active Desktop enabled and wallpaper not set by Group Policy:
HKCU\Software\Microsoft\Internet Explorer\Desktop\General\
"Wallpaper" = "C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Wallpaper1.bmp"
Displayed if Active Desktop disabled and wallpaper not set by Group Policy:
HKCU\Control Panel\Desktop\
"Wallpaper" = "C:\Documents and Settings\Rossifumi46\Local Settings\Application Data\Microsoft\Wallpaper1.bmp"
Enabled Screen Saver:
---------------------
HKCU\Control Panel\Desktop\
"SCRNSAVE.EXE" = "C:\WINDOWS\MINUSC~2.SCR" (Minuscule.02.scr) [empty string]
Startup items in "Rossifumi46" & "All Users" startup folders:
-------------------------------------------------------------
C:\Documents and Settings\Rossifumi46\Menu Démarrer\Programmes\Démarrage
"DreamMail" -> shortcut to: "C:\Program Files\DreamMail4\DM2005.exe -s" ["DreamStudio"]
"Stardock ObjectDock" -> shortcut to: "C:\Program Files\Stardock\ObjectDock\ObjectDock.exe" ["Stardock"]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
"Kaspersky Anti-Hacker" -> shortcut to: "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Hacker\KAVPF.exe /silence" ["Kaspersky Lab"]
"Logitech SetPoint" -> shortcut to: "C:\Program Files\Logitech\SetPoint\SetPoint.exe" ["Logitech Inc."]
Enabled Scheduled Tasks:
------------------------
"AppleSoftwareUpdate" -> launches: "C:\Program Files\Apple Software Update\SoftwareUpdate.exe -Task" ["Apple Computer, Inc."]
"Maintenance en 1 clic" -> launches: "C:\Program Files\TuneUp Utilities 2006\SystemOptimizer.exe /schedulestart" ["TuneUp Software GmbH"]
Winsock2 Service Provider DLLs:
-------------------------------
Namespace Service Providers
HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
Transport Service Providers
HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
C:\WINDOWS\system32\imon.dll ["Eset "], 01 - 05, 11
%SystemRoot%\system32\mswsock.dll [MS], 06 - 08, 12 - 21
%SystemRoot%\system32\rsvpsp.dll [MS], 09 - 10
Toolbars, Explorer Bars, Extensions:
------------------------------------
Explorer Bars
HKLM\Software\Microsoft\Internet Explorer\Explorer Bars\
HKLM\Software\Classes\CLSID\{FF059E31-CC5A-4E2E-BF3B-96E929D65503}\(Default) = "&Rechercher"
Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar]
InProcServer32\(Default) = "C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL" [MS]
Extensions (Tools menu items, main toolbar menu buttons)
HKLM\Software\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\
"MenuText" = "Console Java (Sun)"
"CLSIDExtension" = "{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}"
-> {HKCU...CLSID} = "Java Plug-in 1.5.0_09"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll" ["Sun Microsystems, Inc."]
-> {HKLM...CLSID} = "Java Plug-in 1.5.0_09"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_09\bin\npjpi150_09.dll" ["Sun Microsystems, Inc."]
{92780B25-18CC-41C8-B9BE-3C9C571A8263}\
"ButtonText" = "Recherche"
Miscellaneous IE Hijack Points
------------------------------
C:\WINDOWS\INF\IERESET.INF (used to "Reset Web Settings")
Added lines (compared with English-language version):
[Strings]: SAFESITE_VALUE="http://home.microsoft.com/intl/fr/"
Missing lines (compared with English-language version):
[Strings]: 1 line
HKLM\Software\Microsoft\Internet Explorer\AboutURLs\
<<H>> "TuneUp" = "file://C|/Documents and Settings/All Users/Application Data/TuneUp Software/Common/base.css" [file not found]
Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------
Ati HotKey Poller, Ati HotKey Poller, "C:\WINDOWS\system32\Ati2evxx.exe" ["ATI Technologies Inc."]
Autodesk Licensing Service, Autodesk Licensing Service, ""C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe"" ["Autodesk"]
Extension de conception TuneUp, UxTuneUp, "C:\WINDOWS\System32\svchost.exe -k netsvcs" {"C:\WINDOWS\System32\uxtuneup.dll" ["TuneUp Software GmbH"]}
Machine Debug Manager, MDM, ""C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE"" [MS]
NOD32 Kernel Service, NOD32krn, ""C:\Program Files\Eset\nod32krn.exe"" ["Eset "]
RaySat_3dsmax8 Server, mi-raysat_3dsmax8, ""C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe"" [null data]
Service Messenger Sharing Folders USN Journal Reader, usnjsvc, ""C:\Program Files\MSN Messenger\usnsvc.exe"" [MS]
Windows User Mode Driver Framework, UMWdf, "C:\WINDOWS\system32\wdfmgr.exe" [MS]
Print Monitors:
---------------
HKLM\System\CurrentControlSet\Control\Print\Monitors\
Microsoft Document Imaging Writer Monitor\Driver = "mdimon.dll" [MS]
----------
<<!>>: Suspicious data at a malware launch point.
<<H>>: Suspicious data at a browser hijack point.
+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ To search all directories of local fixed drives for DESKTOP.INI
DLL launch points, use the -supp parameter or answer "No" at the
first message box and "Yes" at the second message box.
---------- (total run time: 114 seconds, including 2 seconds for message boxes)
And BlackLight:
12/04/06 20:50:37 [Info]: BlackLight Engine 1.0.47 initialized
12/04/06 20:50:37 [Info]: OS: 5.1 build 2600 (Service Pack 2)
12/04/06 20:50:38 [Note]: 7019 4
12/04/06 20:50:38 [Note]: 7005 0
12/04/06 20:50:42 [Note]: 7006 0
12/04/06 20:50:42 [Note]: 7011 1668
12/04/06 20:50:42 [Note]: 7026 0
12/04/06 20:50:42 [Note]: 7026 0
12/04/06 20:50:53 [Note]: FSRAW library version 1.7.1020
12/04/06 20:56:32 [Note]: 2000 1012
12/04/06 20:56:32 [Note]: 2000 1012
12/04/06 20:56:32 [Note]: 2000 1012
12/04/06 20:56:32 [Note]: 2000 1012
12/04/06 20:56:32 [Note]: 2000 1012
12/04/06 20:56:32 [Note]: 2000 1012
12/04/06 20:57:56 [Note]: 7007 0
There you go, thanks a lot ;-)
Good evening,
No 02 line and no 020 line...
This reeks of Vundo.
-- Right-click Hijackthis.exe:
-> Choose "Rename"
-> Type Scanner.exe, then confirm.
- Launch the application
- Choose the option "Do a system scan and save a logfile"
-- Notepad opens:
-> Edit / Select All
-> Edit / Copy
- Paste the report here.
HELP: HijackThis tutorial (Malekal)
Hmm, a quick question in passing: what is the point of renaming it to Scanner?
Anyway, here is the log:
Logfile of HijackThis v1.99.1
Scan saved at 21:27:58, on 04/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Labtec\Media Keyboard\V5.0\KbdAp32A.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\PROGRA~1\PESTPA~1\PPControl.exe
C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
C:\Program Files\Fichiers communs\{AC8C291D-081A-1036-0204-040310020021}\Update.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\lclock.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Chameleon Clock\ChamClock.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Hacker\KAVPF.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\DreamMail4\DM2005.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\Fichiers communs\Logitech\khalshared\KHALMNPR.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
G:\a graver\Scanner.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.winlsd.org/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://login.live.com/ppsecure/sha1auth.srf?lc=1036
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {35F7813A-AF74-4474-B1DC-7EE6FB6C43C6} - C:\WINDOWS\system32\ogkioguv.dll
O2 - BHO: (no name) - {501BBD0E-75A7-430B-A05C-61AF08253A75} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: (no name) - {9ED7632A-0B58-46E7-8CC1-AA2B1AE16D35} - C:\WINDOWS\system32\vtstu.dll
O2 - BHO: (no name) - {B9FB4A23-494F-43F5-82F2-DE92CF8D0CA8} - C:\WINDOWS\system32\vtstu.dll
O3 - Toolbar: (no name) - {C004DEC2-2623-438e-9CA2-C9043AB28508} - (no file)
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] "C:\Program Files\Fichiers communs\Logitech\khalshared\KHALMNPR.EXE"
O4 - HKLM\..\Run: [LWBKEYBOARD] C:\Program Files\Labtec\Media Keyboard\V5.0\KbdAp32A.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [PestPatrol Control Center] C:\PROGRA~1\PESTPA~1\PPControl.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LClock] lclock.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [HomeAlarm] C:\Program Files\Chameleon Clock\ChamClock.exe
O4 - Startup: DreamMail.lnk = C:\Program Files\DreamMail4\DM2005.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: Kaspersky Anti-Hacker.lnk = C:\Program Files\Kaspersky Lab\Kaspersky Anti-Hacker\KAVPF.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O17 - HKLM\System\CCS\Services\Tcpip\..\{C5695263-EA0E-41EA-8A47-5F6C8052815B}: NameServer = 192.168.1.1
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: vtstu - C:\WINDOWS\system32\vtstu.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: RaySat_3dsmax8 Server (mi-raysat_3dsmax8) - Unknown owner - C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
As for the Vundo one, I found it on this forum in a thread about the same problem as mine ;-). And it seems to have gotten rid of the dialer.
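Added example, not part of the thread and not code from any tool named in it: a Python triage of the O2 (BHO) and O20 (Winlogon Notify) lines of a HijackThis log. It reports when a log contains neither section, and it correlates a DLL in system32 that is registered both as a nameless BHO and as a Winlogon Notify entry, as vtstu.dll is in the log above. The heuristics, function names and verdict labels are assumptions made for illustration; the sample lines are copied from that log.

```python
"""Triage HijackThis O2 (BHO) and O20 (Winlogon Notify) entries."""
import ntpath
import re
from collections import defaultdict

# Excerpt of the renamed-scan log posted above (lines copied as-is).
SAMPLE_LOG = r"""
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {35F7813A-AF74-4474-B1DC-7EE6FB6C43C6} - C:\WINDOWS\system32\ogkioguv.dll
O2 - BHO: (no name) - {501BBD0E-75A7-430B-A05C-61AF08253A75} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {9ED7632A-0B58-46E7-8CC1-AA2B1AE16D35} - C:\WINDOWS\system32\vtstu.dll
O2 - BHO: (no name) - {B9FB4A23-494F-43F5-82F2-DE92CF8D0CA8} - C:\WINDOWS\system32\vtstu.dll
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O20 - Winlogon Notify: vtstu - C:\WINDOWS\system32\vtstu.dll
"""

ENTRY_RE = re.compile(r"^(O\d+) - (.*)$")
BHO_RE = re.compile(r"^BHO: (.*?) - (\{[0-9A-Fa-f-]{36}\}) - (.*)$")
NOTIFY_RE = re.compile(r"^Winlogon Notify: (.*?) - (.*)$")
# ntpath handles Windows paths on any OS; normcase lowercases them.
SYSTEM32 = ntpath.normcase(r"C:\WINDOWS\system32")


def parse_entries(log_text):
    """Return (section, body) pairs for every 'Onn - ...' line."""
    entries = []
    for line in log_text.splitlines():
        match = ENTRY_RE.match(line.strip())
        if match:
            entries.append((match.group(1), match.group(2)))
    return entries


def triage(log_text):
    """Summarise O2/O20 findings (illustrative heuristics, not a verdict)."""
    entries = parse_entries(log_text)
    present = {section for section, _ in entries}
    report = {
        # A log with neither section deserves a second scan.
        "missing_sections": [s for s in ("O2", "O20") if s not in present],
        "orphan_bho": [],   # BHO CLSIDs whose file is gone
        "dlls": {},         # system32 DLLs worth a closer look
    }
    bho = defaultdict(list)     # dll path -> CLSIDs of nameless BHOs
    notify = defaultdict(list)  # dll path -> Winlogon Notify key names
    for section, body in entries:
        if section == "O2":
            match = BHO_RE.match(body)
            if not match:
                continue
            name, clsid, path = match.groups()
            if path == "(no file)":
                report["orphan_bho"].append(clsid)
            elif name == "(no name)":
                bho[ntpath.normcase(path)].append(clsid)
        elif section == "O20":
            match = NOTIFY_RE.match(body)
            if match:
                notify[ntpath.normcase(match.group(2))].append(match.group(1))
    for path in sorted(set(bho) | set(notify)):
        # Nameless BHOs installed under a product folder (SDHelper.dll) are skipped.
        if ntpath.dirname(path) != SYSTEM32:
            continue
        both = path in bho and path in notify
        report["dlls"][ntpath.basename(path)] = {
            "bho_clsids": bho.get(path, []),
            "notify_keys": notify.get(path, []),
            # Same DLL at two independent launch points: strongest signal.
            "verdict": "correlated" if both else "review",
        }
    return report


if __name__ == "__main__":
    from pprint import pprint
    pprint(triage(SAMPLE_LOG))
```

A "review" verdict only means the entry should be checked by hand; the signed or vendor-named DLLs in the same log never reach that list.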
Re,
Download this file: Combofix.exe
and save it to your desktop and nowhere else!
Click the Start menu, then Run, and copy/paste this:
"%userprofile%\Bureau\combofix.exe" /v vtstu
then click OK.
Follow the prompts.
Don't touch anything and wait until ComboFix has finished; a report will be created. Post the report.
Here is the log:
Rossifumi46 - 06-12-04 23:55:46,93 Service Pack 2
ComboFix 06.11.27W - Running from: "C:\Documents and Settings\Rossifumi46\Bureau"
Command switches used :: /v vtstu
(((((((((((((((((((((((((((((((((((((((((((((((( Vundo Log )))))))))))))))))))))))))))))))))))))))))))))))))))))
C:\WINDOWS\system32\vtstu.dll
C:\WINDOWS\system32\utstv.bak1
C:\WINDOWS\system32\utstv.bak2
C:\WINDOWS\system32\utstv.ini
C:\WINDOWS\system32\utstv.ini2
C:\WINDOWS\system32\utstv.tmp
* * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\WINDOWS\system32\components
C:\Program Files\Fichiers communs\{3C8C291D-081A-1036-0204-040310020021}
C:\Program Files\Fichiers communs\{3C8C291D-081B-1036-0204-040310020021}
C:\Program Files\Fichiers communs\{AC8C291D-081B-1036-0204-040310020021}
C:\Program Files\Fichiers communs\{AC8C291D-081A-1036-0204-040310020021}
((((((((((((((((((((((((((((((( Files Created from 2006-11-04 to 2006-12-04 ))))))))))))))))))))))))))))))))))
2006-12-04 21:31 <REP> d--hs---- C:\Config.Msi
2006-12-04 20:35 <REP> dr-h----- C:\Documents and Settings\Rossifumi46\Recent
2006-12-04 19:47 <REP> d-------- C:\Documents and Settings\Rossifumi46\Application Data\TuneUp Software
2006-12-04 19:47 <REP> d-------- C:\Documents and Settings\All Users\Application Data\TuneUp Software
2006-12-04 11:48 34,308 --a------ C:\WINDOWS\system32\BASSMOD.dll
2006-12-04 11:35 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2006-12-04 11:15 <REP> d-------- C:\VundoFix Backups
2006-12-04 11:07 2,672 --a------ C:\WINDOWS\system32\tmp.reg
2006-12-04 10:51 <REP> d-------- C:\Program Files\CCleaner
2006-12-04 10:29 <REP> d-------- C:\WINDOWS\system32\SoftwareDistribution
2006-12-03 21:35 <REP> d-------- C:\Program Files\iTunes
2006-12-03 21:35 <REP> d-------- C:\Program Files\iPod
2006-12-03 21:29 40,973 ---hs---- C:\WINDOWS\system32\opnlkjh.dll
2006-12-03 21:24 <REP> d-------- C:\Program Files\Apple Software Update
2006-12-03 21:08 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2006-12-03 21:08 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2006-12-03 21:06 <REP> d-------- C:\Program Files\Lavasoft
2006-12-03 21:06 <REP> d-------- C:\Documents and Settings\Rossifumi46\Application Data\Lavasoft
2006-12-03 20:52 <REP> d-------- C:\Program Files\RegCleaner
2006-12-03 12:24 42,516 --a------ C:\WINDOWS\system32\ogkioguv.dll
2006-12-03 12:23 88,340 --a------ C:\WINDOWS\system32\awdpsorw.exe
2006-12-03 12:18 40,973 ---hs---- C:\WINDOWS\system32\vtuusrr.dll
2006-12-03 12:11 <REP> d-------- C:\Program Files\Chameleon Clock
2006-12-03 10:28 <REP> d-------- C:\Documents and Settings\Rossifumi46\Application Data\RapidGet
2006-12-02 14:10 5,504 --a------ C:\WINDOWS\system32\drivers\MSTEE.sys
2006-12-02 14:10 15,360 --a------ C:\WINDOWS\system32\drivers\StreamIP.sys
2006-12-02 14:10 10,880 --a------ C:\WINDOWS\system32\drivers\NdisIP.sys
2006-12-02 14:09 85,376 --a------ C:\WINDOWS\system32\drivers\NABTSFEC.sys
2006-12-02 14:09 54,784 --a------ C:\WINDOWS\system32\vfwwdm32.dll
2006-12-02 14:09 51,328 --a------ C:\WINDOWS\system32\drivers\msdv.sys
2006-12-02 14:09 48,128 --a------ C:\WINDOWS\system32\drivers\61883.sys
2006-12-02 14:09 38,912 --a------ C:\WINDOWS\system32\drivers\avc.sys
2006-12-02 14:09 19,328 --a------ C:\WINDOWS\system32\drivers\WSTCODEC.SYS
2006-12-02 14:09 17,024 --a------ C:\WINDOWS\system32\drivers\CCDECODE.sys
2006-12-02 14:09 11,136 --a------ C:\WINDOWS\system32\drivers\SLIP.sys
2006-12-02 14:09 <REP> d-------- C:\Program Files\Movie Maker
2006-12-01 17:15 98,304 --a------ C:\WINDOWS\system32\PSCLU113.dll
2006-12-01 17:15 53,248 --a------ C:\WINDOWS\system32\pscND113.exe
2006-12-01 17:15 49,152 --a------ C:\WINDOWS\system32\pscVSWIA.dll
2006-12-01 17:15 356,352 --a------ C:\WINDOWS\system32\pscUD113.dll
2006-12-01 17:15 <REP> d-------- C:\Program Files\Canon
2006-12-01 17:14 305,664 --a------ C:\WINDOWS\IsUn040c.exe
2006-12-01 17:14 <REP> d-------- C:\Documents and Settings\Rossifumi46\WINDOWS
2006-11-30 11:44 59,264 --a------ C:\WINDOWS\system32\drivers\USBAUDIO.sys
2006-11-30 11:43 <REP> d-------- C:\Program Files\ASIO4ALL v2
2006-11-30 11:42 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2006-11-30 11:41 39,552 --a------ C:\WINDOWS\system32\drivers\hdjmidi.sys
2006-11-30 11:41 39,424 --a------ C:\WINDOWS\system32\HDJSAPI.dll
2006-11-30 11:41 17,408 --a------ C:\WINDOWS\system32\HDJCProp.DLL
2006-11-30 11:41 11,008 --a------ C:\WINDOWS\system32\drivers\HDJCTRL.sys
2006-11-30 11:41 106,496 --a------ C:\WINDOWS\system32\GUStrLib.dll
2006-11-30 11:41 1,060,864 --a------ C:\WINDOWS\system32\MFC71.dll
2006-11-30 11:41 <REP> d-------- C:\Program Files\Hercules
2006-11-30 11:41 <REP> d-------- C:\Program Files\Guillemot
2006-11-30 11:35 <REP> d-------- C:\Program Files\VirtualDJ
2006-11-30 10:54 578,599 --a------ C:\WINDOWS\Minuscule.02.scr
2006-11-30 10:54 <REP> d-------- C:\Program Files\Minuscule.02
2006-11-29 19:09 400,134 --a------ C:\WINDOWS\Minuscule.03.scr
2006-11-29 19:09 <REP> d-------- C:\WINDOWS\system32\appmgmt
2006-11-28 15:06 <REP> d-------- C:\Program Files\IrfanView
2006-11-28 15:00 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll
2006-11-28 15:00 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll
2006-11-28 15:00 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2006-11-28 00:50 <REP> d-------- C:\Documents and Settings\Rossifumi46\Application Data\AdobeUM
2006-11-27 18:08 <REP> d-------- C:\Program Files\eMule
2006-11-27 17:32 <REP> d--h----- C:\WINDOWS\system32\GroupPolicy
2006-11-26 22:24 <REP> d-------- C:\WINDOWS\pss
2006-11-26 13:33 <REP> d-------- C:\Documents and Settings\Rossifumi46\amsn_received
2006-11-26 13:33 <REP> d-------- C:\Documents and Settings\Rossifumi46\amsn
2006-11-26 13:27 <REP> d-------- C:\Program Files\amsn
2006-11-26 13:05 102,400 --a------ C:\WINDOWS\system32\tsccvid.dll
2006-11-26 13:05 <REP> d-------- C:\WINDOWS\system32\QuickTime
2006-11-26 13:04 <REP> d-------- C:\Program Files\TechSmith
2006-11-26 12:08 <REP> d-------- C:\Program Files\PhotoFiltre
2006-11-25 21:40 210,944 --a------ C:\WINDOWS\system32\MSVCRT10.DLL
2006-11-25 21:38 <REP> d-------- C:\WINDOWS\Sun
2006-11-25 21:38 <REP> d-------- C:\Documents and Settings\Rossifumi46\Application Data\Sun
2006-11-25 21:36 <REP> d-------- C:\Program Files\Java
2006-11-25 21:36 <REP> d-------- C:\Program Files\Fichiers communs\Java
2006-11-25 17:08 <REP> d-------- C:\Documents and Settings\Rossifumi46\Application Data\Media Player Classic
2006-11-25 14:14 <REP> d-------- C:\WINDOWS\system32\DllCache
2006-11-25 14:14 <REP> d-------- C:\Program Files\Media Player Classic
2006-11-25 13:43 60,416 --a------ C:\WINDOWS\ALCFDRTM.EXE
2006-11-25 13:41 69,632 --a------ C:\WINDOWS\Alcmtr.exe
2006-11-25 12:20 331,184 --------- C:\WINDOWS\system32\difxapi.dll
2006-11-25 12:20 203,648 --a------ C:\WINDOWS\system32\drivers\vinyl97.sys
2006-11-25 12:08 <REP> d-------- C:\Program Files\Lavalys
2006-11-24 22:51 <REP> d-------- C:\Program Files\DreamMail4
2006-11-24 22:10 <REP> d-------- C:\Program Files\Realtek AC97
2006-11-24 22:08 5,504 --------- C:\WINDOWS\system32\drivers\imagedrv.sys
2006-11-24 22:08 125,184 --------- C:\WINDOWS\system32\drivers\imagesrv.sys
2006-11-24 22:07 476,320 --------- C:\WINDOWS\system32\ImagXpr7.dll
2006-11-24 22:07 471,040 --------- C:\WINDOWS\system32\ImagXRA7.dll
2006-11-24 22:07 262,144 --------- C:\WINDOWS\system32\ImagXR7.dll
2006-11-24 22:07 155,648 --a------ C:\WINDOWS\system32\NeroCheck.exe
2006-11-24 22:07 106,496 --a------ C:\WINDOWS\system32\TwnLib20.dll
2006-11-24 22:07 1,568,768 --------- C:\WINDOWS\system32\ImagX7.dll
2006-11-24 22:07 <REP> d-------- C:\Program Files\Fichiers communs\Ahead
2006-11-24 22:07 <REP> d-------- C:\Program Files\Ahead
2006-11-24 21:55 <REP> d-------- C:\WINDOWS\system32\Lang
2006-11-24 20:46 <REP> d-------- C:\Program Files\SLD Codec Pack
2006-11-24 19:55 <REP> d-------- C:\Program Files\Fichiers communs\ChaosGroup
2006-11-24 19:55 <REP> d-------- C:\Program Files\Chaos Group
2006-11-24 19:51 974,848 --a------ C:\WINDOWS\system32\mfc70.dll
2006-11-24 19:51 487,424 --a------ C:\WINDOWS\system32\msvcp70.dll
2006-11-24 19:51 344,064 --a------ C:\WINDOWS\system32\msvcr70.dll
2006-11-24 19:51 <REP> d-------- C:\Program Files\Fichiers communs\Macromedia Shared
2006-11-24 19:50 <REP> d-------- C:\Program Files\Fichiers communs\Macromedia
2006-11-24 19:48 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Autodesk
2006-11-24 19:47 <REP> d-------- C:\Program Files\Macromedia
2006-11-24 19:45 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
2006-11-24 19:45 <REP> d-------- C:\WINDOWS\system32\DirectX
2006-11-24 19:45 <REP> d-------- C:\Program Files\Fichiers communs\Autodesk Shared
2006-11-24 19:45 <REP> d-------- C:\Program Files\Autodesk
2006-11-24 19:39 17,920 --a------ C:\WINDOWS\system32\mdimon.dll
2006-11-24 19:37 <REP> d-------- C:\Program Files\Fichiers communs\DESIGNER
2006-11-24 19:36 <REP> d-------- C:\WINDOWS\SHELLNEW
2006-11-24 19:36 <REP> d-------- C:\Program Files\Microsoft.NET
2006-11-24 19:36 <REP> d-------- C:\Program Files\Microsoft Works
2006-11-24 19:36 <REP> d-------- C:\Program Files\Microsoft Visual Studio
2006-11-24 19:36 <REP> d-------- C:\Program Files\Microsoft Office
2006-11-24 19:26 <REP> d-------- C:\Documents and Settings\Rossifumi46\Application Data\Macromedia
2006-11-24 19:12 <REP> d-------- C:\Documents and Settings\Rossifumi46\Contacts
2006-11-24 19:01 <REP> d-------- C:\Documents and Settings\Rossifumi46\Application Data\Adobe
2006-11-24 18:54 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Adobe Systems
2006-11-24 18:53 <REP> d-------- C:\Program Files\Fichiers communs\Adobe Systems Shared
2006-11-24 18:47 <REP> d-------- C:\Program Files\Real
2006-11-24 18:47 <REP> d-------- C:\Program Files\Fichiers communs\xing shared
2006-11-24 18:47 <REP> d-------- C:\Program Files\Fichiers communs\Real
2006-11-24 18:46 <REP> d-------- C:\Documents and Settings\Rossifumi46\Application Data\Real
2006-11-24 18:44 <REP> d-------- C:\Program Files\PestPatrol
2006-11-24 18:41 <REP> d--hs---- C:\RECYCLER
2006-11-24 18:40 <REP> d-------- C:\Program Files\Stardock
2006-11-24 18:40 <REP> d-------- C:\Program Files\Fichiers communs\Stardock
2006-11-24 18:37 20,640 --------- C:\WINDOWS\system32\drivers\PxHelp20.sys
2006-11-24 18:37 <REP> d-------- C:\Program Files\Winamp
2006-11-24 18:37 <REP> d-------- C:\Documents and Settings\Rossifumi46\Application Data\Winamp
2006-11-24 18:35 <REP> d-------- C:\Program Files\Kaspersky Lab
2006-11-24 18:35 <REP> d-------- C:\Program Files\Fichiers communs\Kaspersky Lab
2006-11-24 18:35 <REP> d-------- C:\Program Files\Fichiers communs\Adobe
2006-11-24 18:35 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2006-11-24 18:34 <REP> d-------- C:\Program Files\Adobe
2006-11-24 18:30 <REP> d-------- C:\WINDOWS\RegisteredPackages
2006-11-24 18:28 <REP> d-------- C:\Program Files\Illustrate
2006-11-24 18:18 61,440 --a------ C:\WINDOWS\system32\vuins32.dll
2006-11-24 18:18 43,008 --a------ C:\WINDOWS\system32\drivers\fetnd5bv.sys
2006-11-24 18:18 <REP> d-------- C:\WINDOWS\vnDrvBas
2006-11-24 18:16 9,728 -ra------ C:\WINDOWS\system32\drivers\videX32.sys
2006-11-24 18:16 11,264 -ra------ C:\WINDOWS\system32\drivers\xfilt.sys
2006-11-24 18:15 <REP> d-------- C:\Program Files\VIA
2006-11-24 18:14 82,944 --a------ C:\WINDOWS\system32\drivers\wdmaud.sys
2006-11-24 18:14 6,400 --a------ C:\WINDOWS\system32\drivers\splitter.sys
2006-11-24 18:14 54,272 --a------ C:\WINDOWS\system32\drivers\swmidi.sys
2006-11-24 18:14 52,864 --a------ C:\WINDOWS\system32\drivers\DMusic.sys
2006-11-24 18:13 9,196,032 --------- C:\WINDOWS\system32\RTLCPL.exe
2006-11-24 18:13 7,552 --a------ C:\WINDOWS\system32\drivers\MSKSSRV.sys
2006-11-24 18:13 60,800 --a------ C:\WINDOWS\system32\drivers\sysaudio.sys
2006-11-24 18:13 60,288 --a------ C:\WINDOWS\system32\drivers\drmk.sys
2006-11-24 18:13 5,376 --a------ C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2006-11-24 18:13 4,992 --a------ C:\WINDOWS\system32\drivers\MSPQM.sys
2006-11-24 18:13 4,096 --a------ C:\WINDOWS\system32\ksuser.dll
2006-11-24 18:13 208,896 --------- C:\WINDOWS\alcupd.exe
2006-11-24 18:13 2,944 --a------ C:\WINDOWS\system32\drivers\drmkaud.sys
2006-11-24 18:13 2,279,424 --a------ C:\WINDOWS\system32\drivers\ALCXWDM.SYS
2006-11-24 18:13 172,416 --a------ C:\WINDOWS\system32\drivers\kmixer.sys
2006-11-24 18:13 156,672 --------- C:\WINDOWS\system32\RtlCPAPI.dll
2006-11-24 18:13 142,464 --a------ C:\WINDOWS\system32\drivers\aec.sys
2006-11-24 18:13 139,264 --------- C:\WINDOWS\alcrmv.exe
2006-11-24 18:02 <REP> d-------- C:\Documents and Settings\Rossifumi46\Application Data\ATI
2006-11-24 13:39 <REP> dr--s---- C:\WINDOWS\Fonts
2006-11-24 13:39 <REP> d--hs---- C:\WINDOWS\..
2006-11-24 13:39 <REP> d--h----- C:\WINDOWS\inf
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\WinSxS
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\Web
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\twain_32
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\Temp
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\wins
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\wbem
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\usmt
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\spool
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\ShellExt
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\Setup
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\ras
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\oobe
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\npp
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\mui
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\inetsrv
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\IME
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\icsxml
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\ias
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\export
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\drivers\etc
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\drivers\disdn
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\drivers\..
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\drivers\.
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\drivers
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\dhcp
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\config
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\3com_dmi
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\3076
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\2052
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\1054
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\1042
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\1041
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\1037
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\1036
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\1033
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\1031
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\1028
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\1025
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\..
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\.
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system\..
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system\.
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\security
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\Resources
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\repair
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\Provisioning
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\PeerNet
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\pchealth
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\mui
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\msapps
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\msagent
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\Media
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\java
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\ime
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\Help
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\ehome
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\Driver Cache
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\Debug
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\Cursors
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\Connection Wizard
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\Config
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\AppPatch
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\addins
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\.
2006-11-24 13:39 <REP> d-------- C:\WINDOWS
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2006-12-04 23:58 -------- d-------- C:\Program Files\Fichiers communs
2006-12-04 22:22 -------- d-------- C:\Program Files\Mozilla Firefox
2006-12-04 19:59 -------- d-------- C:\Program Files\MSN Messenger
2006-12-04 11:33 -------- d-------- C:\Program Files\Windows Media Player
2006-12-04 11:26 -------- d-------- C:\Program Files\Internet Explorer
2006-12-04 11:17 -------- d-------- C:\Program Files\Outlook Express
2006-12-04 11:17 -------- d-------- C:\Program Files\Fichiers communs\System
2006-12-03 21:33 -------- d-------- C:\Program Files\QuickTime
2006-12-03 15:22 -------- d-------- C:\Program Files\ESET
2006-11-30 11:41 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-11-29 19:39 -------- d-------- C:\Program Files\Maxthon
2006-11-25 11:06 -------- d---s---- C:\Documents and Settings\Rossifumi46\Application Data\Microsoft
2006-11-24 19:38 -------- d-------- C:\Program Files\Fichiers communs\Microsoft Shared
2006-11-24 19:17 -------- d-------- C:\Program Files\Messenger Plus! Live
2006-11-24 17:59 -------- d-------- C:\Program Files\ATI Technologies
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries are not shown
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
"LClock"="lclock.exe"
"MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
"HomeAlarm"="C:\\Program Files\\Chameleon Clock\\ChamClock.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"nod32kui"="\"C:\\Program Files\\Eset\\nod32kui.exe\" /WAITSERVICE"
"Logitech Hardware Abstraction Layer"="\"C:\\Program Files\\Fichiers communs\\Logitech\\khalshared\\KHALMNPR.EXE\""
"LWBKEYBOARD"="C:\\Program Files\\Labtec\\Media Keyboard\\V5.0\\KbdAp32A.exe"
"ATICCC"="\"C:\\Program Files\\ATI Technologies\\ATI.ACE\\cli.exe\" runtime -Delay"
"PestPatrol Control Center"="C:\\PROGRA~1\\PESTPA~1\\PPControl.exe"
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE"
"NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"PPMemCheck"="C:\\PROGRA~1\\PESTPA~1\\PPMemCheck.exe"
"CookiePatrol"="C:\\PROGRA~1\\PESTPA~1\\CookiePatrol.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000000
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,00,04,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,12,03,00,00,23,00,00,00,dc,00,00,00,d3,00,\
00,00,01,00,00,00
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"LSD_III"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,4c,53,44,5c,65,6e,64,\
2e,63,6d,64,00
"tscuninstall"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,65,6d,\
33,32,5c,74,73,63,75,70,67,72,64,2e,65,78,65,00
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\runonce]
"LSD_III"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,4c,53,44,5c,65,6e,64,\
2e,63,6d,64,00
"tscuninstall"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,65,6d,\
33,32,5c,74,73,63,75,70,67,72,64,2e,65,78,65,00
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"NoCDBurning"=dword:00000001
"ForceClassicControlPanel"=dword:00000001
"NoLowDiskSpaceChecks"=dword:00000001
"ClearRecentDocsOnExit"=dword:00000040
"NoSMBalloonTip"=dword:00000000
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
"path"="C:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Démarrage\\Lancement rapide d'Adobe Reader.lnk"
"backup"="C:\\WINDOWS\\pss\\Lancement rapide d'Adobe Reader.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\Adobe\\ACROBA~1.0\\Reader\\READER~1.EXE "
"item"="Lancement rapide d'Adobe Reader"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Rossifumi46^Menu Démarrer^Programmes^Démarrage^Adobe Gamma.lnk]
"path"="C:\\Documents and Settings\\Rossifumi46\\Menu Démarrer\\Programmes\\Démarrage\\Adobe Gamma.lnk"
"backup"="C:\\WINDOWS\\pss\\Adobe Gamma.lnkStartup"
"location"="Startup"
"command"="C:\\PROGRA~1\\FICHIE~1\\Adobe\\CALIBR~1\\ADOBEG~1.EXE "
"item"="Adobe Gamma"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"=""
"hkey"="HKLM"
"command"=""
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AudioDeck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ADeck"
"hkey"="HKLM"
"command"="C:\\Program Files\\VIA\\VIAudioi\\SBADeck\\ADeck.exe 1"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PestPatrolCL]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"=""
"hkey"="HKLM"
"command"=""
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="qttask"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="jusched"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Java\\jre1.5.0_09\\bin\\jusched.exe\""
"inimapping"="0"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Maintenance en 1 clic.job
Completion time: 06-12-04 23:59:19.67
C:\ComboFix.txt ... 06-12-04 23:59
2006-11-24 19:26 <REP> d-------- C:\Documents and Settings\Rossifumi46\Application Data\Macromedia
2006-11-24 19:12 <REP> d-------- C:\Documents and Settings\Rossifumi46\Contacts
2006-11-24 19:01 <REP> d-------- C:\Documents and Settings\Rossifumi46\Application Data\Adobe
2006-11-24 18:54 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Adobe Systems
2006-11-24 18:53 <REP> d-------- C:\Program Files\Fichiers communs\Adobe Systems Shared
2006-11-24 18:47 <REP> d-------- C:\Program Files\Real
2006-11-24 18:47 <REP> d-------- C:\Program Files\Fichiers communs\xing shared
2006-11-24 18:47 <REP> d-------- C:\Program Files\Fichiers communs\Real
2006-11-24 18:46 <REP> d-------- C:\Documents and Settings\Rossifumi46\Application Data\Real
2006-11-24 18:44 <REP> d-------- C:\Program Files\PestPatrol
2006-11-24 18:41 <REP> d--hs---- C:\RECYCLER
2006-11-24 18:40 <REP> d-------- C:\Program Files\Stardock
2006-11-24 18:40 <REP> d-------- C:\Program Files\Fichiers communs\Stardock
2006-11-24 18:37 20,640 --------- C:\WINDOWS\system32\drivers\PxHelp20.sys
2006-11-24 18:37 <REP> d-------- C:\Program Files\Winamp
2006-11-24 18:37 <REP> d-------- C:\Documents and Settings\Rossifumi46\Application Data\Winamp
2006-11-24 18:35 <REP> d-------- C:\Program Files\Kaspersky Lab
2006-11-24 18:35 <REP> d-------- C:\Program Files\Fichiers communs\Kaspersky Lab
2006-11-24 18:35 <REP> d-------- C:\Program Files\Fichiers communs\Adobe
2006-11-24 18:35 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2006-11-24 18:34 <REP> d-------- C:\Program Files\Adobe
2006-11-24 18:30 <REP> d-------- C:\WINDOWS\RegisteredPackages
2006-11-24 18:28 <REP> d-------- C:\Program Files\Illustrate
2006-11-24 18:18 61,440 --a------ C:\WINDOWS\system32\vuins32.dll
2006-11-24 18:18 43,008 --a------ C:\WINDOWS\system32\drivers\fetnd5bv.sys
2006-11-24 18:18 <REP> d-------- C:\WINDOWS\vnDrvBas
2006-11-24 18:16 9,728 -ra------ C:\WINDOWS\system32\drivers\videX32.sys
2006-11-24 18:16 11,264 -ra------ C:\WINDOWS\system32\drivers\xfilt.sys
2006-11-24 18:15 <REP> d-------- C:\Program Files\VIA
2006-11-24 18:14 82,944 --a------ C:\WINDOWS\system32\drivers\wdmaud.sys
2006-11-24 18:14 6,400 --a------ C:\WINDOWS\system32\drivers\splitter.sys
2006-11-24 18:14 54,272 --a------ C:\WINDOWS\system32\drivers\swmidi.sys
2006-11-24 18:14 52,864 --a------ C:\WINDOWS\system32\drivers\DMusic.sys
2006-11-24 18:13 9,196,032 --------- C:\WINDOWS\system32\RTLCPL.exe
2006-11-24 18:13 7,552 --a------ C:\WINDOWS\system32\drivers\MSKSSRV.sys
2006-11-24 18:13 60,800 --a------ C:\WINDOWS\system32\drivers\sysaudio.sys
2006-11-24 18:13 60,288 --a------ C:\WINDOWS\system32\drivers\drmk.sys
2006-11-24 18:13 5,376 --a------ C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2006-11-24 18:13 4,992 --a------ C:\WINDOWS\system32\drivers\MSPQM.sys
2006-11-24 18:13 4,096 --a------ C:\WINDOWS\system32\ksuser.dll
2006-11-24 18:13 208,896 --------- C:\WINDOWS\alcupd.exe
2006-11-24 18:13 2,944 --a------ C:\WINDOWS\system32\drivers\drmkaud.sys
2006-11-24 18:13 2,279,424 --a------ C:\WINDOWS\system32\drivers\ALCXWDM.SYS
2006-11-24 18:13 172,416 --a------ C:\WINDOWS\system32\drivers\kmixer.sys
2006-11-24 18:13 156,672 --------- C:\WINDOWS\system32\RtlCPAPI.dll
2006-11-24 18:13 142,464 --a------ C:\WINDOWS\system32\drivers\aec.sys
2006-11-24 18:13 139,264 --------- C:\WINDOWS\alcrmv.exe
2006-11-24 18:02 <REP> d-------- C:\Documents and Settings\Rossifumi46\Application Data\ATI
2006-11-24 13:39 <REP> dr--s---- C:\WINDOWS\Fonts
2006-11-24 13:39 <REP> d--hs---- C:\WINDOWS\..
2006-11-24 13:39 <REP> d--h----- C:\WINDOWS\inf
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\WinSxS
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\Web
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\twain_32
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\Temp
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\wins
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\wbem
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\usmt
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\spool
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\ShellExt
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\Setup
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\ras
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\oobe
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\npp
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\mui
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\inetsrv
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\IME
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\icsxml
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\ias
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\export
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\drivers\etc
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\drivers\disdn
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\drivers\..
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\drivers\.
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\drivers
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\dhcp
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\config
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\3com_dmi
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\3076
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\2052
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\1054
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\1042
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\1041
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\1037
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\1036
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\1033
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\1031
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\1028
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\1025
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\..
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32\.
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system32
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system\..
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system\.
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\system
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\security
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\Resources
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\repair
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\Provisioning
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\PeerNet
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\pchealth
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\mui
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\msapps
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\msagent
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\Media
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\java
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\ime
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\Help
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\ehome
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\Driver Cache
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\Debug
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\Cursors
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\Connection Wizard
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\Config
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\AppPatch
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\addins
2006-11-24 13:39 <REP> d-------- C:\WINDOWS\.
2006-11-24 13:39 <REP> d-------- C:\WINDOWS
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2006-12-04 23:58 -------- d-------- C:\Program Files\Fichiers communs
2006-12-04 22:22 -------- d-------- C:\Program Files\Mozilla Firefox
2006-12-04 19:59 -------- d-------- C:\Program Files\MSN Messenger
2006-12-04 11:33 -------- d-------- C:\Program Files\Windows Media Player
2006-12-04 11:26 -------- d-------- C:\Program Files\Internet Explorer
2006-12-04 11:17 -------- d-------- C:\Program Files\Outlook Express
2006-12-04 11:17 -------- d-------- C:\Program Files\Fichiers communs\System
2006-12-03 21:33 -------- d-------- C:\Program Files\QuickTime
2006-12-03 15:22 -------- d-------- C:\Program Files\ESET
2006-11-30 11:41 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-11-29 19:39 -------- d-------- C:\Program Files\Maxthon
2006-11-25 11:06 -------- d---s---- C:\Documents and Settings\Rossifumi46\Application Data\Microsoft
2006-11-24 19:38 -------- d-------- C:\Program Files\Fichiers communs\Microsoft Shared
2006-11-24 19:17 -------- d-------- C:\Program Files\Messenger Plus! Live
2006-11-24 17:59 -------- d-------- C:\Program Files\ATI Technologies
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries are not shown
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
"LClock"="lclock.exe"
"MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
"HomeAlarm"="C:\\Program Files\\Chameleon Clock\\ChamClock.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"nod32kui"="\"C:\\Program Files\\Eset\\nod32kui.exe\" /WAITSERVICE"
"Logitech Hardware Abstraction Layer"="\"C:\\Program Files\\Fichiers communs\\Logitech\\khalshared\\KHALMNPR.EXE\""
"LWBKEYBOARD"="C:\\Program Files\\Labtec\\Media Keyboard\\V5.0\\KbdAp32A.exe"
"ATICCC"="\"C:\\Program Files\\ATI Technologies\\ATI.ACE\\cli.exe\" runtime -Delay"
"PestPatrol Control Center"="C:\\PROGRA~1\\PESTPA~1\\PPControl.exe"
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE"
"NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"PPMemCheck"="C:\\PROGRA~1\\PESTPA~1\\PPMemCheck.exe"
"CookiePatrol"="C:\\PROGRA~1\\PESTPA~1\\CookiePatrol.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000000
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,00,04,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,12,03,00,00,23,00,00,00,dc,00,00,00,d3,00,\
00,00,01,00,00,00
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"LSD_III"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,4c,53,44,5c,65,6e,64,\
2e,63,6d,64,00
"tscuninstall"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,65,6d,\
33,32,5c,74,73,63,75,70,67,72,64,2e,65,78,65,00
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\runonce]
"LSD_III"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,4c,53,44,5c,65,6e,64,\
2e,63,6d,64,00
"tscuninstall"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,65,6d,\
33,32,5c,74,73,63,75,70,67,72,64,2e,65,78,65,00
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"NoCDBurning"=dword:00000001
"ForceClassicControlPanel"=dword:00000001
"NoLowDiskSpaceChecks"=dword:00000001
"ClearRecentDocsOnExit"=dword:00000040
"NoSMBalloonTip"=dword:00000000
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
"path"="C:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Démarrage\\Lancement rapide d'Adobe Reader.lnk"
"backup"="C:\\WINDOWS\\pss\\Lancement rapide d'Adobe Reader.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\Adobe\\ACROBA~1.0\\Reader\\READER~1.EXE "
"item"="Lancement rapide d'Adobe Reader"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Rossifumi46^Menu Démarrer^Programmes^Démarrage^Adobe Gamma.lnk]
"path"="C:\\Documents and Settings\\Rossifumi46\\Menu Démarrer\\Programmes\\Démarrage\\Adobe Gamma.lnk"
"backup"="C:\\WINDOWS\\pss\\Adobe Gamma.lnkStartup"
"location"="Startup"
"command"="C:\\PROGRA~1\\FICHIE~1\\Adobe\\CALIBR~1\\ADOBEG~1.EXE "
"item"="Adobe Gamma"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"=""
"hkey"="HKLM"
"command"=""
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AudioDeck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ADeck"
"hkey"="HKLM"
"command"="C:\\Program Files\\VIA\\VIAudioi\\SBADeck\\ADeck.exe 1"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PestPatrolCL]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"=""
"hkey"="HKLM"
"command"=""
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="qttask"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="jusched"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Java\\jre1.5.0_09\\bin\\jusched.exe\""
"inimapping"="0"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Maintenance en 1 clic.job
Completion time: 06-12-04 23:59:19.67
C:\ComboFix.txt ... 06-12-04 23:59
Hello,
Let's continue.
Download VundoFix.exe (by Atribune) to your Desktop.
Double-click VundoFix.exe to launch it
When the tool launches again, click the Scan for Vundo button
Click the Scan for Vundo button
When the scan is complete, click the Remove Vundo button
A prompt will ask whether you want to delete the files; click YES
After you click "Yes", the Desktop will disappear for a moment while the files are deleted
You will see a prompt telling you that your PC is going to restart; click OK
Copy/paste the contents of the report located at C:\vundofix.txt, along with a new HijackThis! log, into your next reply
Note: It is possible that VundoFix will run into a file it cannot delete. If so, the tool will launch at the next restart; simply follow the instructions above, starting from "click the Scan for Vundo button".
Hi, so here is the Vundo report (yesterday's first, then today's)
VundoFix V6.2.13
Checking Java version...
Java version is 1.5.0.9
Scan started at 11:15:26 04/12/2006
Listing files found while scanning....
C:\WINDOWS\system32\winbjt32.dll
C:\WINDOWS\system32\mllmk.dll
C:\WINDOWS\system32\kmllm.ini
C:\WINDOWS\system32\kmllm.bak1
Beginning removal...
Attempting to delete C:\WINDOWS\system32\winbjt32.dll
C:\WINDOWS\system32\winbjt32.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\mllmk.dll
C:\WINDOWS\system32\mllmk.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\kmllm.ini
C:\WINDOWS\system32\kmllm.ini Has been deleted!
Attempting to delete C:\WINDOWS\system32\kmllm.bak1
C:\WINDOWS\system32\kmllm.bak1 Has been deleted!
Performing Repairs to the registry.
Done!
====
VundoFix V6.2.13
Checking Java version...
Java version is 1.5.0.9
Scan started at 15:13:46 05/12/2006
Listing files found while scanning....
No infected files were found.
Beginning removal...
Then HijackThis
Logfile of HijackThis v1.99.1
Scan saved at 15:33:09, on 05/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Labtec\Media Keyboard\V5.0\KbdAp32A.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\PROGRA~1\PESTPA~1\PPControl.exe
C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\lclock.exe
C:\Program Files\Chameleon Clock\ChamClock.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Hacker\KAVPF.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\DreamMail4\DM2005.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\Fichiers communs\Logitech\khalshared\KHALMNPR.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
G:\a graver\Scanner.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.winlsd.org/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://login.live.com/ppsecure/sha1auth.srf?lc=1036
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {35F7813A-AF74-4474-B1DC-7EE6FB6C43C6} - C:\WINDOWS\system32\ogkioguv.dll
O2 - BHO: (no name) - {501BBD0E-75A7-430B-A05C-61AF08253A75} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] "C:\Program Files\Fichiers communs\Logitech\khalshared\KHALMNPR.EXE"
O4 - HKLM\..\Run: [LWBKEYBOARD] C:\Program Files\Labtec\Media Keyboard\V5.0\KbdAp32A.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [PestPatrol Control Center] C:\PROGRA~1\PESTPA~1\PPControl.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LClock] lclock.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [HomeAlarm] C:\Program Files\Chameleon Clock\ChamClock.exe
O4 - Startup: DreamMail.lnk = C:\Program Files\DreamMail4\DM2005.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: Kaspersky Anti-Hacker.lnk = C:\Program Files\Kaspersky Lab\Kaspersky Anti-Hacker\KAVPF.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O17 - HKLM\System\CCS\Services\Tcpip\..\{C5695263-EA0E-41EA-8A47-5F6C8052815B}: NameServer = 192.168.1.1
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: RaySat_3dsmax8 Server (mi-raysat_3dsmax8) - Unknown owner - C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
Otherwise, no more pop-ups since this morning
VundoFix V6.2.13
Checking Java version...
Java version is 1.5.0.9
Scan started at 11:15:26 04/12/2006
Listing files found while scanning....
C:\WINDOWS\system32\winbjt32.dll
C:\WINDOWS\system32\mllmk.dll
C:\WINDOWS\system32\kmllm.ini
C:\WINDOWS\system32\kmllm.bak1
Beginning removal...
Attempting to delete C:\WINDOWS\system32\winbjt32.dll
C:\WINDOWS\system32\winbjt32.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\mllmk.dll
C:\WINDOWS\system32\mllmk.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\kmllm.ini
C:\WINDOWS\system32\kmllm.ini Has been deleted!
Attempting to delete C:\WINDOWS\system32\kmllm.bak1
C:\WINDOWS\system32\kmllm.bak1 Has been deleted!
Performing Repairs to the registry.
Done!
====
VundoFix V6.2.13
Checking Java version...
Java version is 1.5.0.9
Scan started at 15:13:46 05/12/2006
Listing files found while scanning....
No infected files were found.
Beginning removal...
Puis Hijackthis
Logfile of HijackThis v1.99.1
Scan saved at 15:33:09, on 05/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Labtec\Media Keyboard\V5.0\KbdAp32A.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\PROGRA~1\PESTPA~1\PPControl.exe
C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\lclock.exe
C:\Program Files\Chameleon Clock\ChamClock.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Hacker\KAVPF.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\DreamMail4\DM2005.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\Fichiers communs\Logitech\khalshared\KHALMNPR.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
G:\a graver\Scanner.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.winlsd.org/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://login.live.com/ppsecure/sha1auth.srf?lc=1036
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {35F7813A-AF74-4474-B1DC-7EE6FB6C43C6} - C:\WINDOWS\system32\ogkioguv.dll
O2 - BHO: (no name) - {501BBD0E-75A7-430B-A05C-61AF08253A75} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] "C:\Program Files\Fichiers communs\Logitech\khalshared\KHALMNPR.EXE"
O4 - HKLM\..\Run: [LWBKEYBOARD] C:\Program Files\Labtec\Media Keyboard\V5.0\KbdAp32A.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [PestPatrol Control Center] C:\PROGRA~1\PESTPA~1\PPControl.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LClock] lclock.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [HomeAlarm] C:\Program Files\Chameleon Clock\ChamClock.exe
O4 - Startup: DreamMail.lnk = C:\Program Files\DreamMail4\DM2005.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: Kaspersky Anti-Hacker.lnk = C:\Program Files\Kaspersky Lab\Kaspersky Anti-Hacker\KAVPF.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O17 - HKLM\System\CCS\Services\Tcpip\..\{C5695263-EA0E-41EA-8A47-5F6C8052815B}: NameServer = 192.168.1.1
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: RaySat_3dsmax8 Server (mi-raysat_3dsmax8) - Unknown owner - C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
Otherwise, no more pop-ups since this morning.
A pass with AVG for what's left.
Download and install AVG Anti-Spyware (AVG AS)
Once AVG AS is running, click "Update"
Close the program.
HELP: AVG Anti-Spyware tutorial (Malekal)
Restart in safe mode
Launch AVG AS again and choose the "Scan" tab
Then the "Settings" tab
Under the question "How to react?", click "Recommended actions" and choose "Quarantine"
Click the "Scan" tab again and run a "Complete system scan"
/!\ If a file is infected at the end of the scan /!\
Click "Apply all actions"
Click "Save report", then "Save report as"
Save this text file to your desktop.
Restart normally
Copy/paste the AVG AS report along with a HijackThis report.
So, the HijackThis report:
Logfile of HijackThis v1.99.1
Scan saved at 20:47:48, on 05/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Labtec\Media Keyboard\V5.0\KbdAp32A.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\PROGRA~1\PESTPA~1\PPControl.exe
C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\lclock.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Chameleon Clock\ChamClock.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Hacker\KAVPF.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\DreamMail4\DM2005.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\Fichiers communs\Logitech\khalshared\KHALMNPR.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
G:\a graver\Scanner.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.winlsd.org/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://login.live.com/ppsecure/sha1auth.srf?lc=1036
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {35F7813A-AF74-4474-B1DC-7EE6FB6C43C6} - C:\WINDOWS\system32\ogkioguv.dll
O2 - BHO: (no name) - {501BBD0E-75A7-430B-A05C-61AF08253A75} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] "C:\Program Files\Fichiers communs\Logitech\khalshared\KHALMNPR.EXE"
O4 - HKLM\..\Run: [LWBKEYBOARD] C:\Program Files\Labtec\Media Keyboard\V5.0\KbdAp32A.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [PestPatrol Control Center] C:\PROGRA~1\PESTPA~1\PPControl.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LClock] lclock.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [HomeAlarm] C:\Program Files\Chameleon Clock\ChamClock.exe
O4 - Startup: DreamMail.lnk = C:\Program Files\DreamMail4\DM2005.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: Kaspersky Anti-Hacker.lnk = C:\Program Files\Kaspersky Lab\Kaspersky Anti-Hacker\KAVPF.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O17 - HKLM\System\CCS\Services\Tcpip\..\{C5695263-EA0E-41EA-8A47-5F6C8052815B}: NameServer = 192.168.1.1
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: RaySat_3dsmax8 Server (mi-raysat_3dsmax8) - Unknown owner - C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
And the AVG AS one:
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 20:42:23 05/12/2006
+ Résultat de l'analyse:
C:\Program Files\ASIO4ALL v2\uninstall.exe -> Adware.MediaTicket : Aucune action entreprise.
G:\a graver\ASIO4ALL_2_7_English.exe -> Adware.MediaTicket : Aucune action entreprise.
C:\Program Files\amsn\uninstall.exe -> Not-A-Virus.HackTool.Win32.Homac : Aucune action entreprise.
:mozilla.812:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.247realmedia : Aucune action entreprise.
:mozilla.285:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.286:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.287:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.288:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.289:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.290:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.291:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.292:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.293:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.294:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.295:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.296:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.297:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.298:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.299:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.300:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.365:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.400:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.401:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.463:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.464:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.531:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.540:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.567:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.713:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.894:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.936:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
C:\Documents and Settings\Alain\Local Settings\Temp\Cookies\alain@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Aucune action entreprise.
C:\Program Files\PestPatrol\Quarantine\20061203150531.zip/Documents and Settings/Rossifumi46/Cookies/rossifumi46@2o7[1].txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.262:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Adbrite : Aucune action entreprise.
:mozilla.263:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Adbrite : Aucune action entreprise.
:mozilla.305:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Adbrite : Aucune action entreprise.
:mozilla.306:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Adbrite : Aucune action entreprise.
:mozilla.495:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Adjuggler : Aucune action entreprise.
:mozilla.496:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Adjuggler : Aucune action entreprise.
:mozilla.497:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Adjuggler : Aucune action entreprise.
:mozilla.107:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Admarketplace : Aucune action entreprise.
:mozilla.57:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Admarketplace : Aucune action entreprise.
:mozilla.302:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Adnet : Aucune action entreprise.
:mozilla.303:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Adnet : Aucune action entreprise.
:mozilla.162:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Adtech : Aucune action entreprise.
:mozilla.163:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Adtech : Aucune action entreprise.
:mozilla.294:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Adtech : Aucune action entreprise.
:mozilla.295:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Adtech : Aucune action entreprise.
C:\Program Files\PestPatrol\Quarantine\20061203150531.zip/Documents and Settings/Rossifumi46/Cookies/rossifumi46@adtech[2].txt -> TrackingCookie.Adtech : Aucune action entreprise.
:mozilla.177:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.178:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.179:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.180:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.371:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.372:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.373:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.374:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.175:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Atdmt : Aucune action entreprise.
:mozilla.6:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Atdmt : Aucune action entreprise.
C:\Documents and Settings\Alain\Local Settings\Temp\Cookies\alain@atdmt[1].txt -> TrackingCookie.Atdmt : Aucune action entreprise.
C:\Documents and Settings\Alain\Local Settings\Temp\Cookies\alain@atdmt[2].txt -> TrackingCookie.Atdmt : Aucune action entreprise.
C:\Program Files\PestPatrol\Quarantine\20061203150531.zip/Documents and Settings/Rossifumi46/Cookies/rossifumi46@atdmt[2].txt -> TrackingCookie.Atdmt : Aucune action entreprise.
:mozilla.135:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Bluestreak : Aucune action entreprise.
:mozilla.212:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Bluestreak : Aucune action entreprise.
C:\Program Files\PestPatrol\Quarantine\20061203150531.zip/Documents and Settings/Rossifumi46/Cookies/rossifumi46@bluestreak[2].txt -> TrackingCookie.Bluestreak : Aucune action entreprise.
:mozilla.303:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Casalemedia : Aucune action entreprise.
:mozilla.75:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Casalemedia : Aucune action entreprise.
:mozilla.79:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Casalemedia : Aucune action entreprise.
:mozilla.80:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Casalemedia : Aucune action entreprise.
:mozilla.83:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Casalemedia : Aucune action entreprise.
:mozilla.84:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Casalemedia : Aucune action entreprise.
:mozilla.85:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Casalemedia : Aucune action entreprise.
:mozilla.241:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Clickbank : Aucune action entreprise.
:mozilla.727:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Clickzs : Aucune action entreprise.
:mozilla.728:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Clickzs : Aucune action entreprise.
:mozilla.350:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Com : Aucune action entreprise.
:mozilla.602:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Com : Aucune action entreprise.
:mozilla.152:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise.
:mozilla.153:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise.
:mozilla.154:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise.
:mozilla.231:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise.
:mozilla.232:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise.
:mozilla.233:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise.
:mozilla.601:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Coremetrics : Aucune action entreprise.
:mozilla.752:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Cqcounter : Aucune action entreprise.
:mozilla.847:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Dbbsrv : Aucune action entreprise.
:mozilla.100:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Doubleclick : Aucune action entreprise.
:mozilla.71:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Doubleclick : Aucune action entreprise.
C:\Documents and Settings\Alain\Local Settings\Temp\Cookies\alain@doubleclick[1].txt -> TrackingCookie.Doubleclick : Aucune action entreprise.
C:\Program Files\PestPatrol\Quarantine\20061203150531.zip/Documents and Settings/Rossifumi46/Cookies/rossifumi46@doubleclick[1].txt -> TrackingCookie.Doubleclick : Aucune action entreprise.
:mozilla.652:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Esomniture : Aucune action entreprise.
:mozilla.715:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Esomniture : Aucune action entreprise.
:mozilla.167:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Estat : Aucune action entreprise.
:mozilla.55:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Estat : Aucune action entreprise.
:mozilla.850:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Etracker : Aucune action entreprise.
:mozilla.307:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Euroclick : Aucune action entreprise.
:mozilla.308:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Euroclick : Aucune action entreprise.
:mozilla.523:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Falkag : Aucune action entreprise.
:mozilla.524:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Falkag : Aucune action entreprise.
:mozilla.525:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Falkag : Aucune action entreprise.
:mozilla.526:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Falkag : Aucune action entreprise.
:mozilla.527:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Falkag : Aucune action entreprise.
:mozilla.711:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Falkag : Aucune action entreprise.
:mozilla.712:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Falkag : Aucune action entreprise.
:mozilla.713:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Falkag : Aucune action entreprise.
:mozilla.714:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Falkag : Aucune action entreprise.
:mozilla.715:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Falkag : Aucune action entreprise.
:mozilla.25:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Fastclick : Aucune action entreprise.
:mozilla.26:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Fastclick : Aucune action entreprise.
:mozilla.27:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Fastclick : Aucune action entreprise.
:mozilla.556:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Fastclick : Aucune action entreprise.
:mozilla.557:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Fastclick : Aucune action entreprise.
:mozilla.387:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Findwhat : Aucune action entreprise.
:mozilla.242:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Googleadservices : Aucune action entreprise.
:mozilla.383:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Googleadservices : Aucune action entreprise.
:mozilla.441:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Googleadservices : Aucune action entreprise.
:mozilla.720:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Googleadservices : Aucune action entreprise.
:mozilla.855:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Googleadservices : Aucune action entreprise.
:mozilla.856:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Googleadservices : Aucune action entreprise.
:mozilla.857:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Googleadservices : Aucune action entreprise.
:mozilla.858:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Googleadservices : Aucune action entreprise.
Fin du rapport
That's all.
Logfile of HijackThis v1.99.1
Scan saved at 20:47:48, on 05/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Labtec\Media Keyboard\V5.0\KbdAp32A.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\PROGRA~1\PESTPA~1\PPControl.exe
C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\lclock.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Chameleon Clock\ChamClock.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Hacker\KAVPF.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\DreamMail4\DM2005.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\Fichiers communs\Logitech\khalshared\KHALMNPR.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
G:\a graver\Scanner.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.winlsd.org/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://login.live.com/ppsecure/sha1auth.srf?lc=1036
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {35F7813A-AF74-4474-B1DC-7EE6FB6C43C6} - C:\WINDOWS\system32\ogkioguv.dll
O2 - BHO: (no name) - {501BBD0E-75A7-430B-A05C-61AF08253A75} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] "C:\Program Files\Fichiers communs\Logitech\khalshared\KHALMNPR.EXE"
O4 - HKLM\..\Run: [LWBKEYBOARD] C:\Program Files\Labtec\Media Keyboard\V5.0\KbdAp32A.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [PestPatrol Control Center] C:\PROGRA~1\PESTPA~1\PPControl.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LClock] lclock.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [HomeAlarm] C:\Program Files\Chameleon Clock\ChamClock.exe
O4 - Startup: DreamMail.lnk = C:\Program Files\DreamMail4\DM2005.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: Kaspersky Anti-Hacker.lnk = C:\Program Files\Kaspersky Lab\Kaspersky Anti-Hacker\KAVPF.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O17 - HKLM\System\CCS\Services\Tcpip\..\{C5695263-EA0E-41EA-8A47-5F6C8052815B}: NameServer = 192.168.1.1
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: RaySat_3dsmax8 Server (mi-raysat_3dsmax8) - Unknown owner - C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
And the one from AVG AS:
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 20:42:23 05/12/2006
+ Résultat de l'analyse:
C:\Program Files\ASIO4ALL v2\uninstall.exe -> Adware.MediaTicket : Aucune action entreprise.
G:\a graver\ASIO4ALL_2_7_English.exe -> Adware.MediaTicket : Aucune action entreprise.
C:\Program Files\amsn\uninstall.exe -> Not-A-Virus.HackTool.Win32.Homac : Aucune action entreprise.
:mozilla.135:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Bluestreak : Aucune action entreprise.
:mozilla.212:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Bluestreak : Aucune action entreprise.
C:\Program Files\PestPatrol\Quarantine\20061203150531.zip/Documents and Settings/Rossifumi46/Cookies/rossifumi46@bluestreak[2].txt -> TrackingCookie.Bluestreak : Aucune action entreprise.
:mozilla.303:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Casalemedia : Aucune action entreprise.
:mozilla.75:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Casalemedia : Aucune action entreprise.
:mozilla.79:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Casalemedia : Aucune action entreprise.
:mozilla.80:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Casalemedia : Aucune action entreprise.
:mozilla.83:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Casalemedia : Aucune action entreprise.
:mozilla.84:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Casalemedia : Aucune action entreprise.
:mozilla.85:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Casalemedia : Aucune action entreprise.
:mozilla.241:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Clickbank : Aucune action entreprise.
:mozilla.727:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Clickzs : Aucune action entreprise.
:mozilla.728:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Clickzs : Aucune action entreprise.
:mozilla.350:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Com : Aucune action entreprise.
:mozilla.602:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Com : Aucune action entreprise.
:mozilla.152:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise.
:mozilla.153:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise.
:mozilla.154:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise.
:mozilla.231:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise.
:mozilla.232:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise.
:mozilla.233:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise.
:mozilla.601:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Coremetrics : Aucune action entreprise.
:mozilla.752:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Cqcounter : Aucune action entreprise.
:mozilla.847:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Dbbsrv : Aucune action entreprise.
:mozilla.100:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Doubleclick : Aucune action entreprise.
:mozilla.71:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Doubleclick : Aucune action entreprise.
C:\Documents and Settings\Alain\Local Settings\Temp\Cookies\alain@doubleclick[1].txt -> TrackingCookie.Doubleclick : Aucune action entreprise.
C:\Program Files\PestPatrol\Quarantine\20061203150531.zip/Documents and Settings/Rossifumi46/Cookies/rossifumi46@doubleclick[1].txt -> TrackingCookie.Doubleclick : Aucune action entreprise.
:mozilla.652:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Esomniture : Aucune action entreprise.
:mozilla.715:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Esomniture : Aucune action entreprise.
:mozilla.167:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Estat : Aucune action entreprise.
:mozilla.55:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Estat : Aucune action entreprise.
:mozilla.850:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Etracker : Aucune action entreprise.
:mozilla.307:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Euroclick : Aucune action entreprise.
:mozilla.308:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Euroclick : Aucune action entreprise.
:mozilla.523:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Falkag : Aucune action entreprise.
:mozilla.524:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Falkag : Aucune action entreprise.
:mozilla.525:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Falkag : Aucune action entreprise.
:mozilla.526:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Falkag : Aucune action entreprise.
:mozilla.527:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Falkag : Aucune action entreprise.
:mozilla.711:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Falkag : Aucune action entreprise.
:mozilla.712:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Falkag : Aucune action entreprise.
:mozilla.713:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Falkag : Aucune action entreprise.
:mozilla.714:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Falkag : Aucune action entreprise.
:mozilla.715:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Falkag : Aucune action entreprise.
:mozilla.25:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Fastclick : Aucune action entreprise.
:mozilla.26:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Fastclick : Aucune action entreprise.
:mozilla.27:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Fastclick : Aucune action entreprise.
:mozilla.556:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Fastclick : Aucune action entreprise.
:mozilla.557:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Fastclick : Aucune action entreprise.
:mozilla.387:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Findwhat : Aucune action entreprise.
:mozilla.242:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Googleadservices : Aucune action entreprise.
:mozilla.383:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Googleadservices : Aucune action entreprise.
:mozilla.441:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Googleadservices : Aucune action entreprise.
:mozilla.720:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Googleadservices : Aucune action entreprise.
:mozilla.855:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Googleadservices : Aucune action entreprise.
:mozilla.856:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Googleadservices : Aucune action entreprise.
:mozilla.857:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Googleadservices : Aucune action entreprise.
:mozilla.858:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Googleadservices : Aucune action entreprise.
:mozilla.859:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Googleadservices : Aucune action entreprise.
:mozilla.860:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Googleadservices : Aucune action entreprise.
:mozilla.861:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Googleadservices : Aucune action entreprise.
:mozilla.862:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Googleadservices : Aucune action entreprise.
:mozilla.863:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Googleadservices : Aucune action entreprise.
:mozilla.519:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Hitbox : Aucune action entreprise.
:mozilla.520:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Hitbox : Aucune action entreprise.
:mozilla.793:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Liveperson : Aucune action entreprise.
:mozilla.794:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Liveperson : Aucune action entreprise.
:mozilla.106:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Mediaplex : Aucune action entreprise.
:mozilla.56:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Mediaplex : Aucune action entreprise.
C:\Documents and Settings\Alain\Local Settings\Temp\Cookies\alain@mediaplex[1].txt -> TrackingCookie.Mediaplex : Aucune action entreprise.
C:\Program Files\PestPatrol\Quarantine\20061203150531.zip/Documents and Settings/Rossifumi46/Cookies/rossifumi46@mediaplex[1].txt -> TrackingCookie.Mediaplex : Aucune action entreprise.
:mozilla.146:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Overture : Aucune action entreprise.
:mozilla.147:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Overture : Aucune action entreprise.
:mozilla.148:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Overture : Aucune action entreprise.
:mozilla.280:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Overture : Aucune action entreprise.
:mozilla.281:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Overture : Aucune action entreprise.
C:\Program Files\PestPatrol\Quarantine\20061203150531.zip/Documents and Settings/Rossifumi46/Cookies/rossifumi46@qksrv[2].txt -> TrackingCookie.Qksrv : Aucune action entreprise.
:mozilla.214:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Questionmarket : Aucune action entreprise.
:mozilla.215:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Questionmarket : Aucune action entreprise.
:mozilla.216:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Questionmarket : Aucune action entreprise.
:mozilla.304:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Revenue : Aucune action entreprise.
:mozilla.603:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Revenue : Aucune action entreprise.
:mozilla.604:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Revenue : Aucune action entreprise.
:mozilla.358:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.359:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.360:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.361:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.362:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.363:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.615:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.616:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.617:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.618:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.619:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.353:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Sexcounter : Aucune action entreprise.
:mozilla.354:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Sexcounter : Aucune action entreprise.
:mozilla.798:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Sexcounter : Aucune action entreprise.
:mozilla.799:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Sexcounter : Aucune action entreprise.
:mozilla.718:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Sitestat : Aucune action entreprise.
:mozilla.719:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Sitestat : Aucune action entreprise.
:mozilla.720:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Sitestat : Aucune action entreprise.
:mozilla.753:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Sitestat : Aucune action entreprise.
:mozilla.754:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Sitestat : Aucune action entreprise.
:mozilla.755:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Sitestat : Aucune action entreprise.
:mozilla.756:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Sitestat : Aucune action entreprise.
:mozilla.787:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Sitestat : Aucune action entreprise.
:mozilla.788:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Sitestat : Aucune action entreprise.
:mozilla.794:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Sitestat : Aucune action entreprise.
:mozilla.246:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.247:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.248:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.95:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.96:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.97:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
C:\Documents and Settings\Alain\Local Settings\Temp\Cookies\alain@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
C:\Documents and Settings\Alain\Local Settings\Temp\Cookies\alain@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
C:\Documents and Settings\Alain\Local Settings\Temp\Cookies\alain@www.smartadserver[3].txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
C:\Documents and Settings\Rossifumi46\Cookies\rossifumi46@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.628:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Spylog : Aucune action entreprise.
:mozilla.44:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Statcounter : Aucune action entreprise.
:mozilla.566:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Statcounter : Aucune action entreprise.
:mozilla.567:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Statcounter : Aucune action entreprise.
:mozilla.568:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Statcounter : Aucune action entreprise.
:mozilla.569:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Statcounter : Aucune action entreprise.
:mozilla.570:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Statcounter : Aucune action entreprise.
:mozilla.655:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Targetnet : Aucune action entreprise.
:mozilla.656:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Targetnet : Aucune action entreprise.
:mozilla.45:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Tradedoubler : Aucune action entreprise.
:mozilla.46:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Tradedoubler : Aucune action entreprise.
:mozilla.52:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Tradedoubler : Aucune action entreprise.
:mozilla.53:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Tradedoubler : Aucune action entreprise.
C:\Program Files\PestPatrol\Quarantine\20061203150531.zip/Documents and Settings/Rossifumi46/Cookies/rossifumi46@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Aucune action entreprise.
:mozilla.280:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Trafic : Aucune action entreprise.
:mozilla.640:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Tribalfusion : Aucune action entreprise.
:mozilla.281:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Valuead : Aucune action entreprise.
:mozilla.282:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Valuead : Aucune action entreprise.
:mozilla.283:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Valuead : Aucune action entreprise.
:mozilla.492:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Valueclick : Aucune action entreprise.
:mozilla.183:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
:mozilla.184:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
:mozilla.185:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
:mozilla.347:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
:mozilla.348:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
:mozilla.349:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
C:\Program Files\PestPatrol\Quarantine\20061203150531.zip/Documents and Settings/Rossifumi46/Cookies/rossifumi46@weborama[1].txt -> TrackingCookie.Weborama : Aucune action entreprise.
:mozilla.564:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Webtrendslive : Aucune action entreprise.
:mozilla.675:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Yadro : Aucune action entreprise.
:mozilla.678:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Yadro : Aucune action entreprise.
:mozilla.45:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.46:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.47:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.48:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.49:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.50:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.51:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.72:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.73:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.74:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.76:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.77:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.78:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.81:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.82:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.187:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Zedo : Aucune action entreprise.
:mozilla.188:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Zedo : Aucune action entreprise.
:mozilla.189:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Zedo : Aucune action entreprise.
:mozilla.709:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Zedo : Aucune action entreprise.
:mozilla.710:C:\Documents and Settings\Alain\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Zedo : Aucune action entreprise.
C:\Program Files\PestPatrol\Quarantine\20061203150531.zip/Documents and Settings/Rossifumi46/Cookies/rossifumi46@zedo[1].txt -> TrackingCookie.Zedo : Aucune action entreprise.
Fin du rapport
That's all.
Hello, here is the AVG scan, done properly.
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 11:59:28 06/12/2006
+ Résultat de l'analyse:
C:\System Volume Information\_restore{B692ED34-969E-485F-9CCB-F63B74E88866}\RP4\A0002031.exe -> Adware.Maxifiles : Ignoré.
C:\System Volume Information\_restore{B692ED34-969E-485F-9CCB-F63B74E88866}\RP6\A0002597.dll -> Trojan.Agent.vg : Nettoyé.
C:\VundoFix Backups\winbjt32.dll.bad -> Trojan.Agent.vg : Nettoyé.
Fin du rapport
And HijackThis:
Logfile of HijackThis v1.99.1
Scan saved at 12:00:54, on 06/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Labtec\Media Keyboard\V5.0\KbdAp32A.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\PROGRA~1\PESTPA~1\PPControl.exe
C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\lclock.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Chameleon Clock\ChamClock.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Hacker\KAVPF.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\DreamMail4\DM2005.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\Fichiers communs\Logitech\khalshared\KHALMNPR.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Autodesk\3dsMax8\3dsmax.exe
C:\DOCUME~1\ROSSIF~1\LOCALS~1\Temp\AdskCleanup.0001
C:\DOCUME~1\ROSSIF~1\LOCALS~1\Temp\AdskCleanup.0001
G:\a graver\Scanner.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.winlsd.org/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://login.live.com/ppsecure/sha1auth.srf?lc=1036
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {35F7813A-AF74-4474-B1DC-7EE6FB6C43C6} - C:\WINDOWS\system32\ogkioguv.dll
O2 - BHO: (no name) - {501BBD0E-75A7-430B-A05C-61AF08253A75} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] "C:\Program Files\Fichiers communs\Logitech\khalshared\KHALMNPR.EXE"
O4 - HKLM\..\Run: [LWBKEYBOARD] C:\Program Files\Labtec\Media Keyboard\V5.0\KbdAp32A.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [PestPatrol Control Center] C:\PROGRA~1\PESTPA~1\PPControl.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LClock] lclock.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [HomeAlarm] C:\Program Files\Chameleon Clock\ChamClock.exe
O4 - Startup: DreamMail.lnk = C:\Program Files\DreamMail4\DM2005.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: Kaspersky Anti-Hacker.lnk = C:\Program Files\Kaspersky Lab\Kaspersky Anti-Hacker\KAVPF.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O17 - HKLM\System\CCS\Services\Tcpip\..\{C5695263-EA0E-41EA-8A47-5F6C8052815B}: NameServer = 192.168.1.1
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: RaySat_3dsmax8 Server (mi-raysat_3dsmax8) - Unknown owner - C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 11:59:28 06/12/2006
+ Résultat de l'analyse:
C:\System Volume Information\_restore{B692ED34-969E-485F-9CCB-F63B74E88866}\RP4\A0002031.exe -> Adware.Maxifiles : Ignoré.
:mozilla.35:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.375:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Findwhat : Nettoyé.
:mozilla.778:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.779:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.780:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.781:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.782:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.783:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.784:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.785:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.786:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.726:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Liveperson : Nettoyé.
:mozilla.727:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Liveperson : Nettoyé.
:mozilla.100:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.48:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.49:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.50:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.248:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.249:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.250:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.563:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Revenue : Nettoyé.
:mozilla.564:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Revenue : Nettoyé.
:mozilla.574:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.575:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.576:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.577:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.578:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.352:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé.
:mozilla.353:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé.
:mozilla.658:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.659:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.660:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.688:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.689:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.690:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.691:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.39:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Rossifumi46\Cookies\rossifumi46@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.587:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Spylog : Nettoyé.
:mozilla.54:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.56:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.284:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Trafic : Nettoyé.
:mozilla.599:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Tribalfusion : Nettoyé.
:mozilla.285:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Valuead : Nettoyé.
:mozilla.286:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Valuead : Nettoyé.
:mozilla.287:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Valuead : Nettoyé.
:mozilla.87:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.88:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.90:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.634:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Yadro : Nettoyé.
:mozilla.55:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.60:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.61:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.62:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.76:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.77:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.78:C:\Documents and Settings\Rossifumi46\Application Data\Mozilla\Firefox\Profiles\hc30i46x.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
C:\System Volume Information\_restore{B692ED34-969E-485F-9CCB-F63B74E88866}\RP6\A0002597.dll -> Trojan.Agent.vg : Nettoyé.
C:\VundoFix Backups\winbjt32.dll.bad -> Trojan.Agent.vg : Nettoyé.
Fin du rapport
And HijackThis
Logfile of HijackThis v1.99.1
Scan saved at 12:00:54, on 06/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Labtec\Media Keyboard\V5.0\KbdAp32A.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\PROGRA~1\PESTPA~1\PPControl.exe
C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\lclock.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Chameleon Clock\ChamClock.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Hacker\KAVPF.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\DreamMail4\DM2005.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\Fichiers communs\Logitech\khalshared\KHALMNPR.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Autodesk\3dsMax8\3dsmax.exe
C:\DOCUME~1\ROSSIF~1\LOCALS~1\Temp\AdskCleanup.0001
C:\DOCUME~1\ROSSIF~1\LOCALS~1\Temp\AdskCleanup.0001
G:\a graver\Scanner.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.winlsd.org/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://login.live.com/ppsecure/sha1auth.srf?lc=1036
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {35F7813A-AF74-4474-B1DC-7EE6FB6C43C6} - C:\WINDOWS\system32\ogkioguv.dll
O2 - BHO: (no name) - {501BBD0E-75A7-430B-A05C-61AF08253A75} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] "C:\Program Files\Fichiers communs\Logitech\khalshared\KHALMNPR.EXE"
O4 - HKLM\..\Run: [LWBKEYBOARD] C:\Program Files\Labtec\Media Keyboard\V5.0\KbdAp32A.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [PestPatrol Control Center] C:\PROGRA~1\PESTPA~1\PPControl.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LClock] lclock.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [HomeAlarm] C:\Program Files\Chameleon Clock\ChamClock.exe
O4 - Startup: DreamMail.lnk = C:\Program Files\DreamMail4\DM2005.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: Kaspersky Anti-Hacker.lnk = C:\Program Files\Kaspersky Lab\Kaspersky Anti-Hacker\KAVPF.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O17 - HKLM\System\CCS\Services\Tcpip\..\{C5695263-EA0E-41EA-8A47-5F6C8052815B}: NameServer = 192.168.1.1
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: RaySat_3dsmax8 Server (mi-raysat_3dsmax8) - Unknown owner - C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
Hi again,
- Run HijackThis -> Do a system scan only
-> Check the lines below:
O2 - BHO: (no name) - {35F7813A-AF74-4474-B1DC-7EE6FB6C43C6} - C:\WINDOWS\system32\ogkioguv.dll
O2 - BHO: (no name) - {501BBD0E-75A7-430B-A05C-61AF08253A75} - (no file)
Click Fix checked (bottom left)
Double-click VundoFix.exe to launch it
Do NOT click the Scan for Vundo button
Right-click in the white window and choose Add more files ?
In the first line, add:
C:\WINDOWS\system32\ogkioguv.dll
Then click, in order:
- Add Files
- Close Windows
- Remove Vundo
If the tool asks you to restart, accept.
Then copy/paste the report C:\vundofix.txt
Hi. There, it's done: the log
VundoFix V6.2.13
Checking Java version...
Java version is 1.5.0.9
Scan started at 15:13:46 05/12/2006
Listing files found while scanning....
No infected files were found.
Beginning removal...
Beginning removal...
Beginning removal...
Attempting to delete C:\WINDOWS\system32\ogkioguv.dll
C:\WINDOWS\system32\ogkioguv.dll Has been deleted!
Performing Repairs to the registry.
Done!
Something I forgot.
Logfile of HijackThis v1.99.1
Scan saved at 18:17:16, on 06/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Labtec\Media Keyboard\V5.0\KbdAp32A.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\PROGRA~1\PESTPA~1\PPControl.exe
C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\lclock.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Chameleon Clock\ChamClock.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Hacker\KAVPF.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\DreamMail4\DM2005.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\Fichiers communs\Logitech\khalshared\KHALMNPR.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Macromedia\Dreamweaver MX 2004\Dreamweaver.exe
C:\DOCUME~1\ROSSIF~1\LOCALS~1\Temp\~e5d141.tmp
C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
C:\DOCUME~1\ROSSIF~1\LOCALS~1\Temp\~e5d141.tmp
G:\a graver\Scanner.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.winlsd.org/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://login.live.com/ppsecure/sha1auth.srf?lc=1036
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] "C:\Program Files\Fichiers communs\Logitech\khalshared\KHALMNPR.EXE"
O4 - HKLM\..\Run: [LWBKEYBOARD] C:\Program Files\Labtec\Media Keyboard\V5.0\KbdAp32A.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [PestPatrol Control Center] C:\PROGRA~1\PESTPA~1\PPControl.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LClock] lclock.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [HomeAlarm] C:\Program Files\Chameleon Clock\ChamClock.exe
O4 - Startup: DreamMail.lnk = C:\Program Files\DreamMail4\DM2005.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: Kaspersky Anti-Hacker.lnk = C:\Program Files\Kaspersky Lab\Kaspersky Anti-Hacker\KAVPF.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O17 - HKLM\System\CCS\Services\Tcpip\..\{C5695263-EA0E-41EA-8A47-5F6C8052815B}: NameServer = 192.168.1.1
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: RaySat_3dsmax8 Server (mi-raysat_3dsmax8) - Unknown owner - C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
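The following is an added example, not part of the thread and not HijackThis's own logic: it parses the O2 (BHO) lines from the 12:00:54 and 18:17:16 logs above, flags the same two entries the helper asked to fix, and checks that they no longer appear after the fix. The two triage rules (target is `(no file)`, or an unnamed BHO whose DLL sits directly in `system32`) are assumptions chosen to mirror that selection; a flag means "look this entry up", not "malicious".

```python
import ntpath
import re
from typing import NamedTuple

# O2 (Browser Helper Object) lines copied from the thread's HijackThis logs:
# the 12:00:54 scan (before the fix) and the 18:17:16 scan (after it).
LOG_BEFORE = r"""
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {35F7813A-AF74-4474-B1DC-7EE6FB6C43C6} - C:\WINDOWS\system32\ogkioguv.dll
O2 - BHO: (no name) - {501BBD0E-75A7-430B-A05C-61AF08253A75} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
"""
LOG_AFTER = r"""
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
"""

# "O2 - BHO: <name> - {CLSID} - <dll path or (no file)>"
O2_LINE = re.compile(
    r"^O2 - BHO: (?P<name>.*?) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<target>.+)$"
)


class Bho(NamedTuple):
    name: str
    clsid: str
    target: str


def parse_bhos(log):
    """Return every O2 entry found in a HijackThis log, ignoring other lines."""
    bhos = []
    for line in log.splitlines():
        m = O2_LINE.match(line.strip())
        if m:
            bhos.append(Bho(m["name"], m["clsid"].upper(), m["target"]))
    return bhos


def triage(bho):
    """Heuristic (an assumption of this example): reasons to review an entry."""
    reasons = []
    if bho.target == "(no file)":
        reasons.append("orphaned registration: DLL missing on disk")
    elif bho.name == "(no name)":
        # ntpath parses Windows paths correctly on any host OS.
        folder = ntpath.basename(ntpath.dirname(bho.target)).lower()
        if folder == "system32":
            reasons.append("unnamed BHO loaded from system32")
    return reasons


def review_candidates(log):
    """Map CLSID -> reasons for every O2 entry that trips a triage rule."""
    return {b.clsid: triage(b) for b in parse_bhos(log) if triage(b)}


def still_present(before, after):
    """CLSIDs flagged in the first log that are still registered in the second."""
    after_ids = {b.clsid for b in parse_bhos(after)}
    return sorted(set(review_candidates(before)) & after_ids)


if __name__ == "__main__":
    for clsid, reasons in review_candidates(LOG_BEFORE).items():
        print(clsid, "->", "; ".join(reasons))
    leftover = still_present(LOG_BEFORE, LOG_AFTER)
    print("still registered after the fix:", leftover or "none")
```

Spybot's `SDHelper.dll` is also listed as `(no name)` but is not flagged, because its DLL lives under its own program folder rather than directly in `system32`.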