[résolu] fenetres intempestives genantes
Dernière réponse : dans Sécurité
bonjour,
voilà, j'ai été infecté par le troyen Vundo, troyen que je pense avoir supprimé grace au VundoFix.
seulement ce brave cheval a invité quelques uns de ses amis, et je n'arrive pas à m'en sortir
![:(]( ":(")
donc je fais appel à des personnes competentes pour me donner un coup de main![;)]( ";)")
voici mon Log Hijackthis:
Logfile of HijackThis v1.99.1
Scan saved at 19:39:40, on 09/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\WINDOWS\system32\E_S00RP2.EXE
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\SAgent4.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\system32\LVComsX.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\cidaemon.exe
D:\util\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\\nTune.exe" clear
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://otoon01.spaces.live.com//PhotoUpload/MsnPUpld.ca...
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/128e7778a4a7401a9105/netzip...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdown...
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,...
O17 - HKLM\System\CCS\Services\Tcpip\..\{23EE2B08-C951-4C98-911F-26CD4992EB92}: NameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{23EE2B08-C951-4C98-911F-26CD4992EB92}: NameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{23EE2B08-C951-4C98-911F-26CD4992EB92}: NameServer = 192.168.1.1
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: EPSON V3 Service2(02) (EPSON_PM_RPCV2_02) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\E_S00RP2.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIb\Win32\RpcDataSrv.exe
O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIb\RpcSandraSrv.exe
O23 - Service: Epson Printer Status Agent4 (StatusAgent4) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\SAgent4.exe
voilà, j'ai été infecté par le troyen Vundo, troyen que je pense avoir supprimé grace au VundoFix.
seulement ce brave cheval a invité quelques uns de ses amis, et je n'arrive pas à m'en sortir
donc je fais appel à des personnes competentes pour me donner un coup de main
voici mon Log Hijackthis:
Citation :
Logfile of HijackThis v1.99.1
Scan saved at 19:39:40, on 09/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\WINDOWS\system32\E_S00RP2.EXE
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\SAgent4.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\system32\LVComsX.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\cidaemon.exe
D:\util\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\\nTune.exe" clear
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://otoon01.spaces.live.com//PhotoUpload/MsnPUpld.ca...
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/128e7778a4a7401a9105/netzip...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdown...
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,...
O17 - HKLM\System\CCS\Services\Tcpip\..\{23EE2B08-C951-4C98-911F-26CD4992EB92}: NameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{23EE2B08-C951-4C98-911F-26CD4992EB92}: NameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{23EE2B08-C951-4C98-911F-26CD4992EB92}: NameServer = 192.168.1.1
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: EPSON V3 Service2(02) (EPSON_PM_RPCV2_02) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\E_S00RP2.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIb\Win32\RpcDataSrv.exe
O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIb\RpcSandraSrv.exe
O23 - Service: Epson Printer Status Agent4 (StatusAgent4) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\SAgent4.exe
Autres pages sur : resolu fenetres intempestives genantes
Lassé par la pub ? Créez un compte
et voici mon rapport de Clean:
Rapport clean par Malekal_morte - http://www.malekal.com
Option 1, executee le 09/04/2007 a 19:42:23,98
*** Recherche de fichiers sur C:
*** Recherche des fichiers dans C:\WINDOWS\
*** Recherche des fichiers dans C:\WINDOWS\system32
C:\WINDOWS\system32\kernel???.exe FOUND
C:\WINDOWS\system32\kernel??.exe FOUND
C:\WINDOWS\system32\kernel?.exe FOUND
C:\WINDOWS\system32\mcrh.tmp FOUND
C:\WINDOWS\system32\SpoonUninstall.exe FOUND
"C:\Program Files\mozilla firefox\plugins\npclntax.dll" FOUND
"C:\Program Files\Download Plugin\DlPlugin-Moz\" FOUND
"C:\Program Files\Download Plugin\" FOUND
"C:\Program Files\Viewpoint\" FOUND
*** Fin du rapport !
Citation :
Rapport clean par Malekal_morte - http://www.malekal.com
Option 1, executee le 09/04/2007 a 19:42:23,98
*** Recherche de fichiers sur C:
*** Recherche des fichiers dans C:\WINDOWS\
*** Recherche des fichiers dans C:\WINDOWS\system32
C:\WINDOWS\system32\kernel???.exe FOUND
C:\WINDOWS\system32\kernel??.exe FOUND
C:\WINDOWS\system32\kernel?.exe FOUND
C:\WINDOWS\system32\mcrh.tmp FOUND
C:\WINDOWS\system32\SpoonUninstall.exe FOUND
"C:\Program Files\mozilla firefox\plugins\npclntax.dll" FOUND
"C:\Program Files\Download Plugin\DlPlugin-Moz\" FOUND
"C:\Program Files\Download Plugin\" FOUND
"C:\Program Files\Viewpoint\" FOUND
*** Fin du rapport !
Bonjour,
Télécharge Blacklight (F-Secure), clique sur " I ACCEPT " en bas de la page :
Clique sur le premier " Download " afin de télécharger le programme
Sauvegarde le sur ton Bureau
Double-clique blbeta.exe et accepte la licence; clique Scan puis Next.
A la fin du scan, NE TOUCHE A RIEN !
Tu verras un rapport, sur ton Bureau, nommé fsbl.xxxxxxx.log (les xxxxxxx sont des chiffres).
Nous devons analyser ce rapport, ferme donc le BlackLight.
Poste le rapport sur le forum.
AIDE : Tuto sur BlackLight (Malekal)
Télécharge Blacklight (F-Secure), clique sur " I ACCEPT " en bas de la page :
Clique sur le premier " Download " afin de télécharger le programme
Sauvegarde le sur ton Bureau
Double-clique blbeta.exe et accepte la licence; clique Scan puis Next.
A la fin du scan, NE TOUCHE A RIEN !
Tu verras un rapport, sur ton Bureau, nommé fsbl.xxxxxxx.log (les xxxxxxx sont des chiffres).
Nous devons analyser ce rapport, ferme donc le BlackLight.
Poste le rapport sur le forum.
AIDE : Tuto sur BlackLight (Malekal)
merci pour ta réponse rapide.
voici le résultat:
04/09/07 19:48:44 [Info]: BlackLight Engine 1.0.61 initialized
04/09/07 19:48:44 [Info]: OS: 5.1 build 2600 (Service Pack 2)
04/09/07 19:48:44 [Note]: 7019 4
04/09/07 19:48:44 [Note]: 7005 0
04/09/07 19:48:46 [Note]: 7006 0
04/09/07 19:48:46 [Note]: 7011 3412
04/09/07 19:48:46 [Note]: 7026 0
04/09/07 19:48:46 [Note]: 7026 0
04/09/07 19:48:51 [Note]: FSRAW library version 1.7.1021
04/09/07 20:13:17 [Note]: 2000 1012
voici le résultat:
Citation :
04/09/07 19:48:44 [Info]: BlackLight Engine 1.0.61 initialized
04/09/07 19:48:44 [Info]: OS: 5.1 build 2600 (Service Pack 2)
04/09/07 19:48:44 [Note]: 7019 4
04/09/07 19:48:44 [Note]: 7005 0
04/09/07 19:48:46 [Note]: 7006 0
04/09/07 19:48:46 [Note]: 7011 3412
04/09/07 19:48:46 [Note]: 7026 0
04/09/07 19:48:46 [Note]: 7026 0
04/09/07 19:48:51 [Note]: FSRAW library version 1.7.1021
04/09/07 20:13:17 [Note]: 2000 1012
Re,
Télécharge puis installe AVG Anti-Spyware (AVG AS)
Fais les mises à jour mais ne lance pas de scan pour le moment.
AIDE : Tuto sur AVG Anti-Spyware (Malekal)
Redémarre en mode sans échec
Relance AVG AS :
- Choisis l'onglet "Analyse"
- Puis l'onglet "Paramètres"
- Sous la question "Comment réagir ?", clique sur "Actions recommandées" et choisis "Quarantaine"
- Re-clique sur l'onglet "Analyse" puis réalise une "Analyse complète du système"
[#ff0000]Si un fichier est infecté en fin d'analyse, clique sur "Appliquer toutes les actions"[/#f]
Clique sur "Enregistrer le rapport" puis sur "Enregistrer le rapport sous"
Enregistre ce fichier texte sur ton bureau.
Ouvre le dossier clean, double-clique sur clean.cmd.
Choisis l'option 2 puis patiente.
Redémarre normalement
Poste le rapport AVG AS ainsi qu'un rapport Hijackthis.
Poste le rapport clean : C:\rapport_clean.txt
Télécharge puis installe AVG Anti-Spyware (AVG AS)
Fais les mises à jour mais ne lance pas de scan pour le moment.
AIDE : Tuto sur AVG Anti-Spyware (Malekal)
Redémarre en mode sans échec
Relance AVG AS :
- Choisis l'onglet "Analyse"
- Puis l'onglet "Paramètres"
- Sous la question "Comment réagir ?", clique sur "Actions recommandées" et choisis "Quarantaine"
- Re-clique sur l'onglet "Analyse" puis réalise une "Analyse complète du système"
[#ff0000]Si un fichier est infecté en fin d'analyse, clique sur "Appliquer toutes les actions"[/#f]
Clique sur "Enregistrer le rapport" puis sur "Enregistrer le rapport sous"
Enregistre ce fichier texte sur ton bureau.
Ouvre le dossier clean, double-clique sur clean.cmd.
Choisis l'option 2 puis patiente.
Redémarre normalement
Poste le rapport AVG AS ainsi qu'un rapport Hijackthis.
Poste le rapport clean : C:\rapport_clean.txt
voici le rapport AVG:
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 22:21:14 09/04/2007
+ Résultat de l'analyse:
D:\xbox\BiosChecker_v50\BiosScan\BiosScan.exe -> Backdoor.NewB : Nettoyé.
:mozilla.6:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.7:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.8:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.9:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.142:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.24:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.25:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.26:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.27:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.27:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.28:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.14:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\olivier\Cookies\olivier@casalemedia[2].txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.245:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Casinotropez : Nettoyé.
:mozilla.234:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.235:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.236:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\olivier\Cookies\olivier@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Nettoyé.
C:\Documents and Settings\olivier\Cookies\olivier@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\olivier\Cookies\olivier@www.epilot[1].txt -> TrackingCookie.Epilot : Nettoyé.
:mozilla.69:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.24:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Euroclick : Nettoyé.
:mozilla.281:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.282:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.283:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.284:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.112:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Ivwbox : Nettoyé.
:mozilla.50:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\olivier\Cookies\olivier@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.151:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.152:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.155:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Revenue : Nettoyé.
:mozilla.170:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.171:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.172:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.173:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.174:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.175:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.51:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.238:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.239:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.240:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.241:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.300:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.301:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.302:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.47:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.48:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.49:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\olivier\Cookies\olivier@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.16:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.17:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.18:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.20:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.181:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Trafic : Nettoyé.
:mozilla.184:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Tribalfusion : Nettoyé.
:mozilla.189:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.190:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.191:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.212:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Yadro : Nettoyé.
:mozilla.213:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Yadro : Nettoyé.
:mozilla.218:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.219:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.220:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
Fin du rapport
le rapport Clean:
Script execute en mode sans echec
Rapport clean par Malekal_morte - http://www.malekal.com
Option 2, executee le 09/04/2007 a 22:21:51,15
Microsoft Windows XP [version 5.1.2600]
*** Suppression de fichiers sur C:
*** Suppression des fichiers dans C:\WINDOWS\
*** Suppression des fichiers dans C:\WINDOWS\system32
tentative de suppression de C:\WINDOWS\system32\kernel???.exe
tentative de suppression de C:\WINDOWS\system32\mcrh.tmp
tentative de suppression de C:\WINDOWS\system32\SpoonUninstall.exe
tentative de suppression de "C:\Program Files\mozilla firefox\plugins\npclntax.dll"
tentative de suppression de "C:\Program Files\Download Plugin\DlPlugin-Moz\"
tentative de suppression de "C:\Program Files\Download Plugin\"
tentative de suppression de "C:\Program Files\Viewpoint\"
*** Suppression des clefs du registre effectuee..
*** Fin du rapport !
et le log Hijackthis !
Logfile of HijackThis v1.99.1
Scan saved at 22:36:16, on 09/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\WINDOWS\system32\E_S00RP2.EXE
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\SAgent4.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\system32\LVComsX.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\util\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\\nTune.exe" clear
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://otoon01.spaces.live.com//PhotoUpload/MsnPUpld.ca...
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/128e7778a4a7401a9105/netzip...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdown...
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,...
O17 - HKLM\System\CCS\Services\Tcpip\..\{23EE2B08-C951-4C98-911F-26CD4992EB92}: NameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{23EE2B08-C951-4C98-911F-26CD4992EB92}: NameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{23EE2B08-C951-4C98-911F-26CD4992EB92}: NameServer = 192.168.1.1
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: EPSON V3 Service2(02) (EPSON_PM_RPCV2_02) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\E_S00RP2.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIb\Win32\RpcDataSrv.exe
O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIb\RpcSandraSrv.exe
O23 - Service: Epson Printer Status Agent4 (StatusAgent4) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\SAgent4.exe
pour info, lorsque j'ai ouvert IE, j'ai encore eu droit à 4 fenêtres de pub![:(]( ":(")
Citation :
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 22:21:14 09/04/2007
+ Résultat de l'analyse:
D:\xbox\BiosChecker_v50\BiosScan\BiosScan.exe -> Backdoor.NewB : Nettoyé.
:mozilla.6:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.7:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.8:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.9:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.142:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.24:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.25:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.26:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.27:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.27:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.28:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.14:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\olivier\Cookies\olivier@casalemedia[2].txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.245:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Casinotropez : Nettoyé.
:mozilla.234:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.235:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.236:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\olivier\Cookies\olivier@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Nettoyé.
C:\Documents and Settings\olivier\Cookies\olivier@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\olivier\Cookies\olivier@www.epilot[1].txt -> TrackingCookie.Epilot : Nettoyé.
:mozilla.69:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.24:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Euroclick : Nettoyé.
:mozilla.281:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.282:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.283:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.284:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.112:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Ivwbox : Nettoyé.
:mozilla.50:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\olivier\Cookies\olivier@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.151:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.152:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.155:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Revenue : Nettoyé.
:mozilla.170:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.171:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.172:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.173:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.174:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.175:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.51:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.238:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.239:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.240:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.241:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.300:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.301:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.302:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.47:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.48:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.49:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\olivier\Cookies\olivier@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.16:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.17:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.18:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.20:C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.181:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Trafic : Nettoyé.
:mozilla.184:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Tribalfusion : Nettoyé.
:mozilla.189:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.190:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.191:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.212:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Yadro : Nettoyé.
:mozilla.213:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Yadro : Nettoyé.
:mozilla.218:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.219:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.220:C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
Fin du rapport
le rapport Clean:
Citation :
Script execute en mode sans echec
Rapport clean par Malekal_morte - http://www.malekal.com
Option 2, executee le 09/04/2007 a 22:21:51,15
Microsoft Windows XP [version 5.1.2600]
*** Suppression de fichiers sur C:
*** Suppression des fichiers dans C:\WINDOWS\
*** Suppression des fichiers dans C:\WINDOWS\system32
tentative de suppression de C:\WINDOWS\system32\kernel???.exe
tentative de suppression de C:\WINDOWS\system32\mcrh.tmp
tentative de suppression de C:\WINDOWS\system32\SpoonUninstall.exe
tentative de suppression de "C:\Program Files\mozilla firefox\plugins\npclntax.dll"
tentative de suppression de "C:\Program Files\Download Plugin\DlPlugin-Moz\"
tentative de suppression de "C:\Program Files\Download Plugin\"
tentative de suppression de "C:\Program Files\Viewpoint\"
*** Suppression des clefs du registre effectuee..
*** Fin du rapport !
et le log Hijackthis !
Citation :
Logfile of HijackThis v1.99.1
Scan saved at 22:36:16, on 09/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\WINDOWS\system32\E_S00RP2.EXE
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\SAgent4.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\system32\LVComsX.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\util\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\\nTune.exe" clear
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://otoon01.spaces.live.com//PhotoUpload/MsnPUpld.ca...
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/128e7778a4a7401a9105/netzip...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdown...
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,...
O17 - HKLM\System\CCS\Services\Tcpip\..\{23EE2B08-C951-4C98-911F-26CD4992EB92}: NameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{23EE2B08-C951-4C98-911F-26CD4992EB92}: NameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{23EE2B08-C951-4C98-911F-26CD4992EB92}: NameServer = 192.168.1.1
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: EPSON V3 Service2(02) (EPSON_PM_RPCV2_02) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\E_S00RP2.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIb\Win32\RpcDataSrv.exe
O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIb\RpcSandraSrv.exe
O23 - Service: Epson Printer Status Agent4 (StatusAgent4) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\SAgent4.exe
pour info, lorsque j'ai ouvert IE, j'ai encore eu droit à 4 fenêtres de pub
Re,
Fais un scan en ligne Kaspersky avec Internet Explorer :
Clique sur ![]()
Clique maintenant sur J'accepte.
Valide l'installation d'un ou de plusieurs ActiveX si c'est nécessaire.
Patiente pendant l'installation des Mises à jour.
Choisis par la suite l'analyse du Poste de travail
Sauvegarde puis colle le rapport généré en fin d'analyse.
AIDE : Tuto sur le scan en ligne
NOTE : Si tu reçois le message "La licence de Kaspersky On-line Scanner est périmée", va dans Ajout/Suppression de programmes puis désinstalle On-Line Scanner, reconnecte toi sur le site de Kaspersky pour retenter le scan en ligne.
AIDE : Tuto sur le scan en ligne
NOTE : Si tu reçois le message "La licence de Kaspersky On-line Scanner est périmée", va dans Ajout/Suppression de programmes puis désinstalle On-Line Scanner, reconnecte toi sur le site de Kaspersky pour retenter le scan en ligne.
voilà le rapport:
-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Tuesday, April 10, 2007 6:44:00 AM
Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version : 5.0.83.0
Dernière mise à jour de la base antivirus Kaspersky : 9/04/2007
Enregistrements dans la base antivirus Kaspersky : 276732
-------------------------------------------------------------------------------
Paramètres d'analyse:
Analyser avec la base antivirus suivante: standard
Analyser les archives: vrai
Analyser les bases de messagerie: vrai
Cible de l'analyse - Poste de travail:
A:\
C:\
D:\
E:\
F:\
Statistiques de l'analyse:
Total d'objets analysés: 285725
Nombre de virus trouvés: 5
Nombre d'objets infectés: 10 / 0
Nombre d'objets suspects: 0
Durée de l'analyse: 05:24:48
Nom de l'objet infecté / Nom du virus / Dernière action
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\00bee06222d6ba878e8e3c9912deca99_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\01280fe79234aa6b92ab0cc102262ef4_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\01bb0755b8d44871d353f4bf9b0e5d0f_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\01d406d8b534fbcf47ea13b82b9255df_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\032d3866a365862663a304c053afe90a_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\03f4bf3b4b488e1ece62961ee6902895_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\04698afd78b4b2cde543cffd6cfb2b13_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\04de19972d597e4deb61b4565afc2d85_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\069bb028ef71b5dc2774f9042c86680f_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\06d2be9f6f595f00a2861ddb6efacf0c_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\07ca2bc875a483d5be9d746414baf09d_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0c5f324e93b73410f3e05dac72b540fa_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0d0fbdb7dbbc655deb89849f02b2f275_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0da8e8702781711e1667465e7a2412de_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0e11d4d5932db6252e2e15f3ae3dd2f4_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0ea9d923c76b84d625b3494da13584aa_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0f576f98638580678b2fa76553153320_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0fbadcd766303ff9bdf2398f5b0df4f0_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\104961eb9419b3453321aa2bb914dc11_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\120c40daedd2377b606e2723f63025ad_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\141ee676689fab53bdde4cd4fc086b74_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1434726c5a11d4a91b4a2142d3ef7b28_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\16061ad67cdc71a8e7c9b67d014b94bd_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\166448b2e0390e4dff31b054d0ac1bb5_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1695d2bb453f495d1be56f75baab58dd_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\179bec83320a7083a79dbc1e6e3aaf7d_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\18ab0318b7e2b5e1775fd86d20fa1c33_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\18f0214ebcd280e63d4ad39e19599b71_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1a557b634ab3732ec94d169868bd54c9_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1a6ba714d6ad9d24e18231d393ea8561_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1c21a9b5e8f17493dffa8ac944622906_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\20412d1fe527b654b761289e8a1631a5_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\20862c677bc26fe322f1360bce001116_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\20890cedaba32f757474b3ad61fba619_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\20961c02857fd29c6e0696dc6db3be4f_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2134b7e331858fc33fe7e76645652b89_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2487eeb631d3c6c2a24c35fe1b521da8_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2602d353fc6a533e36a63f267fca6259_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2657a08d6269ed7f4936d11ae70deb15_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\285afdc051bb66fc08072a03b78bc79a_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\28628bc077b9a6c5dce660d367aaf3ec_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\29422836fae1cffcbb9bd908a26839ad_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\295093ac62c06ff822e1df1ca375c22f_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\29b3ba91dfe353122329f10527db8770_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\29bd274cc17117841f8b45a755913f37_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2a77a76836380a98805f4d1ae259195e_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2ae097b517b71ec6ea55e1d49358cd9f_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2b07a7d515a3c5bedf6cf6e0d2b359a3_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2b74808347cbdb13feea75b36acd3e02_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2cf9395363ab672e24f09eed762964dc_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2dcdc02545d8bc43d50510eedce7a820_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2dd7fae5865cc52faa59c5fcfa1fcde9_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2f61194024015025ed3b76a214950244_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2fcf83d82a858132d6a24b6d23c3118d_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\30b68208271a7b5575793f65d563020c_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\315d5fcfd4a5f2419fe52502f359e6cb_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\32f34a85fcd8f748568e5fed06312ff3_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3318fc3100e7410df56e1561f9016e1c_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\345fcb3c25e4427a962f328d40aeb6d4_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3801680344ab6f2f982f5ae5c5e6bccb_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\39166de33eeaa227b7accc63a6fa7c5c_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3a5d601969d6fa2cd53cb242b788183f_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3d4667155d8efaedcd8327532abc4649_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3d5434768bec6c897b2a7b8eb93ec84d_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3dbc05ecda17602cee42880c142d3cca_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3e8b6ecdb250177fcac89c908ec261e2_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3f251694eaa000d0fd764ae58570cf10_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3f38122a6e5ae9cf5adc4782be314315_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\402516c6062042f4b29d67986b7841ff_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\408e337a06eda724962434a80441a692_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\414e3f042035d25654dbc98d925d9a79_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\415ac93db5feaf1acf2c54916ffa6b96_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\41a7f8b5956844f065518b7d95c85835_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4250107cd628f263404eb9af4eb88e18_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\42d369e806b0398f92dff023cecce694_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\42f68f9cfe348cb5bf914cbbf74f031a_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4492bffd19c05df2744e7995f1ea2d26_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\45d68b96a6d37901d7f3b12a04e838b1_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\45d8253bb693442c547b31a0c4e503f7_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\47c1da5c310a05ba63c7bcd4757ba88f_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\49ba9706ef2f92f9c215f0771e39830a_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4b708ace6be64ad968b420160fdbd52f_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4b8b907716e9e78624284a812addc57b_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4c34696b569dfdcecf7c737afb40c916_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4ec364afdfa91fceb05247b4d5d80fbf_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4ee2d8bc4add97f7c8a208cfaaa40e9d_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\508311f3bef87d44794fd332c900d8fb_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\50895b393d52f35c7d5938643b823015_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\515d92461b093325df2284faa453dd22_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\517bca77ecaeb747999f5ecbdd077577_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5293252e41cb1d26533b4687a93ef01c_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\54a5476e7e4d3c1fe786dfafcda3769e_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5745436a8c8f71ee0ef0c9f49f8a0d1b_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\57d22827fdfe54f9a6de48d0879a9f4c_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5835e82ae7abb2acefec35c7c53315dc_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\58f9bd7a79bbdd7b88f368a2d330fb39_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\59468ef98d615834b3c6c64a0ac0085a_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\598477d9cf17d07598e1182051767163_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\59f75050f85ed78f3489c7312ac6baf2_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5b3dc7f992f593becc00ca3117dba3a2_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5bd0d6a6ddab4fb249fc1145ec5a7f39_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5e3a6550aa15f1b1bd8a37432443a382_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5e52a34fe66f6faeff3aa65a635e30d4_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\639dc526e25b881533d276ccbdbb904e_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\644ca09160ef6616d5d7a2921cf1d420_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\64591b80d36252ef5320fba8ad851596_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\670f73371a50dfb3be3832cbe64d0b7c_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6727f622ee036a6064b9050b453802aa_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\681c647c885472d0a8f2bdb4c02e9fe5_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\68a6c025e8dde5a97d30fd19992b3d24_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\68a95ce2cdcc2f2c087f4c6f65e23490_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6ae51b6cb8f83f901618cb06bfc8e787_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6b23c2c7663f00575337112621a21193_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6b271b18334f2458993f52b0fda4767f_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6b94a9d3faae3fdc29dd3c95c1de134c_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6cbdc58b46257b22bb831a1d1a1108ce_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6d273abe299ae4deca7143c2dcde4e16_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6d5a71cb94c687d82daf585b228febf9_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6f02da8225f4bd91b33cb3028cccbdfa_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6f254ba0be3a57d7a0103949a91cd374_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6ffb28f083d52c13efcf1178705c62b9_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7044858c5da70392f247f450177b5f28_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\708667a76aa26d2b4e0ec22ebbd1c65d_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7430f9db165df96cd31294f2976e2ec7_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\78fbe1c43105e57d7b828ba1203bdba2_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\79395710275f354fcc08b96ac1d0f362_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\79885c264fb8c59a7ad4d1f930e994c0_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\79da68d225e72155092c382ece8cdb59_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7a3b154d8be0197998b6848796ab623e_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7a45bd32960b9114af1a2c026a1f4df0_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7feb6d4adf56d4dbb65b2eba6ea84176_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\82d02039088715fe187bb9d2bac41b6e_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8324f8d7369c7b41562dcc7710b3f092_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\844248183387ba15c88fa48353acd1fe_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\85d1c3b8795f18cdd7aef0d19bb66e02_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\86aedda83462e2fe32e40c3e2a4a448a_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8704915e8e71c084e3e8ceceb92bfa83_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\882e776daaa70da84cf0d69a08999b36_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8844dcb9473385e8b30ba16de3ac0526_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8a1514b5e200126a938573ebd15c142e_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8a64c166645d5f9d195dea94d94facaf_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8aec34378fdb550e4a60d58470814549_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8d49c49c2293489986d3cc982eb6aa0b_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8dffd67e2e52f7e51cd2a07c821b7d76_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\93aeb812c30eab42f68b7a5db691e9c6_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\94083398e149edb99ada667a6e081548_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\94d3b0a789cb7ad882d022b848f83e36_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\97a7852ceb735a82533cc2158e3aff14_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\97c0c42862d8b9b9afb281f4534946fa_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\982b76ca1da436eefddcc7dc7cc18d03_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\98da0d7f44d4ee594a2032e0a3f6ca23_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9a27fc6c2f3816fb7cb5275edc7ac3bc_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9a5bc78c35e7e035d64194d86f780fc0_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9a88e64f9a2226f1f719be85f39cdee7_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9bc86ad0040a7782a66668753a0b321e_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9da32fbad2fbed2dbf0992af8d984149_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9ea740b65b09f2020c32b7c6a4b3fc13_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9eaa0b7cb9f4e4d7a4613c6d4dd5b17f_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9ff7578581c9a528456a9ac14fad9d5c_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a05f3d5846e5f15d910f6e774c7dc098_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a06136f908efe4025d5551eaa17a2749_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a1fd211d089a114e38ae2ad0984eb981_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a55a41f4e1f386074bcd6b8c19494de9_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a6075aba8e815f61e8b864883f9b610b_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a671426ba2f7e2a6308dcc2bb1d6d2ea_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a695a2e7b3f0e1fed159ddd8893c96d8_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a7331ea43f239e41738884952b52ce11_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\aabdf686b3d200e62696709334595655_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ad2471dca5d7d4136fa083510af8d8ea_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ad2d2c4bd1093f64c01a5a6a5c0fc984_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ad5aa1b676db7095f6d5df5ba08b862c_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ad82f37e21d6d9a90ddf0b98ead22f92_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\adecbe38a6a851a8b4477149f9b818b3_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\af2a61c29719fd168fdeac76708abb08_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\af8a69f21fc6360eca410ddec05dd919_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b01fcd9e391cda20848177b9d8b336b9_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b1432a455a9bb31dc348287ab9f96da8_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b15e4ef7d6d88af94e8fdcab207ec4c1_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b17f57df01367b169bf00b0cd5d9010e_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b20ff96d4c0845b3b3932a7c877a9338_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b23d92b71f7bed6b1799ff27805ee2eb_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b69fc81e3a6a75167d5fa19f765b67ac_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b6b746a7f5e31f2a394ec77b9e01b5c1_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b839de2c0157bfee4b63e4b65688d626_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b9eb1c20dfe1edf064ada15b3f23c518_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\bb42f00c7e40d616ca248fd587d79d49_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\bc4174d7d427682290f135c0ca5739b0_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\bc6eac4a5979ae7d83688b350403afb8_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\bcf8c612d6b1f649de88bd38083f866f_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\bd23296becb7467ad45c482b922b3ca0_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\bde231bbd66715a0a11bad0246dad5a1_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\be45f2156718eb43cb877a9bd0e23efc_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\bf1a3452d7cf5cf8ce79448577f79674_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\c1b583ea3e13ed58fd5adfc969e78a22_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\c1d0c67a5561aaada52e3d63bfe04ac3_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\c2a7671d9e2bcc7c33fb186a367ebce5_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\c42398fa8e8d5d8bd36b06a0f882b39a_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\c4e6a798f334d2a987fe345bdf55b1b2_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\c6332097f3a2c5ca77ec2812b4ff958d_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\c6d1a75991eeca32d1b479eb4eaec01f_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\c7358d41a2aff84a38c559c1f291a221_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\c7b19825455cdbe74a8bb09afb80efbe_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\cb487b69a4ad348352505f50a8b71b7f_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\cc1a6397079e6495333a656754d77313_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\cc3ead4d7c7a278d7314e16097172b2d_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\cdead4d1142a7a2ee9e4d55bb23886cb_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\cfc594ba3d9972fa9bf6a559df3b65a7_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d0771cda31d8ed0988c63f933a6b2b67_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d0a2d5d2b908253526797d55c55ca08c_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d0fc9d486b7c8abc124d3b7a923f9a5f_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d10348142e264c3feda2efea3270c4d2_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d3faa8bb9c331c79614feb535c13374f_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d409c01cdfe2f888afc18885b3e1164a_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d4c78b285ea49e4563325fd78af58077_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d4d3e4892fcbe39f3ac6566ca2585d02_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d56faa36048fb8882c39cbea2bfd9e33_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d67da94ee42f0bc1227ed2bc491b8a33_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d6a4ba85b8f1016ada04c9a7c0a5affc_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d6b13c02ae2759ccbf4790fd5d0daa9c_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d73200f73a36d0eac2f02352ce5761cf_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d8f29b0efa4bca9b00e748ccfe671a3e_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d8fa962f19b8fb842803bb68c3a116eb_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d961ea28ee7f9805c47b77e36ef28d12_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d98723e66fe9452241dc683102c0054d_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d9d62cef650fc6d7020ea9b2616a1b76_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\dbce2b8965038c9366899268707dab6b_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\dcb16e766a48b16fd2e95879c65836be_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\e0081c2e82f7c21c6dd2816b180b1c1b_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\e0b353fd573218c246ee7f1e14ba2b50_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\e0cd50b3b8345350353c7e8ae2d9214c_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\e3524b85dc53e128dc4ada48ac6d9942_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\e450880f6ba39b75754f516569eff35c_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\e5b7c630e5db6ac6ebff69a535ebdf1f_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\e6436afdc3c9073221bf0ad9ea4baa7f_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\e669264c7a5daedbd36fb62fb6dfa426_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\e846c0142bcf31c45eb04cdc40ce4c73_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\e8907f4fff1202604ceff3cac67f3f3f_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ea0d3b70bd474425b86c2e4204dd79c9_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\eaa15fa1ed616aa72a26b7f118dee303_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ec3631ee6dcf052d3bab2e53c8d78965_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ece48958a9cd0202d46c617d85c24475_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ecf3c88f1a1cb0858c0ef24e6259d252_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ee1e51f34005fed6c2b722d939bf0901_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ef7d38fe359c028f82dfaad662496c6f_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\f103cdf5cbb05e2481f8c32b479591a0_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\f5c2b103c719f179b51ac834a55eae0e_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\f7840fbfe15b6c19f606626558b29299_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\f90c92027d204048a890d8badf489566_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\f9d61e801ecc7f47873ab41095e90a14_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\fb61656f592291783e7437457ad62abd_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\fcc77418a7ec43cb44d90ec7a584e518_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\fd787713eb8f31368010822754dafa79_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\fdfc90f92de4fb565f9b5c92a9800df8_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\fe416af539a80d07c8ffaf6468d3e708_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\fe65634da269930749cd023119de736d_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ff00930ffbf4faca8bd94c565768355f_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Support\MPLog-04092007-120908.log L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\ntuser.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\flashgot.log L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\history.dat L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\key3.db L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\search.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\urlclassifier2.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\Cache\_CACHE_001_ L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\Cache\_CACHE_002_ L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\Cache\_CACHE_003_ L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\Cache\_CACHE_MAP_ L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Temp\~DFA3EF.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Temp\~DFA3FB.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Mes documents\Downloads\utorrent-1.7-beta-1137.exe/data.rar/utorrent-1.7-beta-1137_patch.exe/data0001 Infecté : Trojan-Downloader.NSIS.Agent.ac ignoré
C:\Documents and Settings\olivier\Mes documents\Downloads\utorrent-1.7-beta-1137.exe/data.rar/utorrent-1.7-beta-1137_patch.exe Infecté : Trojan-Downloader.NSIS.Agent.ac ignoré
C:\Documents and Settings\olivier\Mes documents\Downloads\utorrent-1.7-beta-1137.exe/data.rar Infecté : Trojan-Downloader.NSIS.Agent.ac ignoré
C:\Documents and Settings\olivier\Mes documents\Downloads\utorrent-1.7-beta-1137.exe RarSFX: infecté - 3 ignoré
C:\Documents and Settings\olivier\ntuser.dat L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt L'objet est verrouillé ignoré
C:\System Volume Information\catalog.wci\00000002.ps1 L'objet est verrouillé ignoré
C:\System Volume Information\catalog.wci\00000002.ps2 L'objet est verrouillé ignoré
C:\System Volume Information\catalog.wci\00010015.ci L'objet est verrouillé ignoré
C:\System Volume Information\catalog.wci\cicat.fid L'objet est verrouillé ignoré
C:\System Volume Information\catalog.wci\cicat.hsh L'objet est verrouillé ignoré
C:\System Volume Information\catalog.wci\CiCL0001.000 L'objet est verrouillé ignoré
C:\System Volume Information\catalog.wci\CiP10000.000 L'objet est verrouillé ignoré
C:\System Volume Information\catalog.wci\CiP20000.000 L'objet est verrouillé ignoré
C:\System Volume Information\catalog.wci\CiPT0000.000 L'objet est verrouillé ignoré
C:\System Volume Information\catalog.wci\CiSL0001.000 L'objet est verrouillé ignoré
C:\System Volume Information\catalog.wci\CiSP0000.000 L'objet est verrouillé ignoré
C:\System Volume Information\catalog.wci\CiST0000.000 L'objet est verrouillé ignoré
C:\System Volume Information\catalog.wci\CiVP0000.000 L'objet est verrouillé ignoré
C:\System Volume Information\catalog.wci\INDEX.000 L'objet est verrouillé ignoré
C:\System Volume Information\catalog.wci\propstor.bk1 L'objet est verrouillé ignoré
C:\System Volume Information\catalog.wci\propstor.bk2 L'objet est verrouillé ignoré
C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
C:\System Volume Information\_restore{8F4C7AB6-E385-4A8A-B3E3-7E6701FF878C}\RP399\A0068466.dll Infecté : Trojan.Win32.BHO.g ignoré
C:\System Volume Information\_restore{8F4C7AB6-E385-4A8A-B3E3-7E6701FF878C}\RP410\change.log L'objet est verrouillé ignoré
C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré
C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré
C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\bund1\ClientBundle1.exe/data0004 Infecté : Trojan.Win32.BHO.ab ignoré
C:\WINDOWS\system32\bund1\ClientBundle1.exe/data0006 Infecté : Trojan-Dropper.Win32.Agent.bfr ignoré
C:\WINDOWS\system32\bund1\ClientBundle1.exe NSIS: infecté - 2 ignoré
C:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\ACEEvent.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\Antivirus.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\Internet.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\drivers\core.cache.dsk L'objet est verrouillé ignoré
C:\WINDOWS\system32\drivers\core.sys L'objet est verrouillé ignoré
C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré
C:\WINDOWS\Temp\Perflib_Perfdata_310.dat L'objet est verrouillé ignoré
C:\WINDOWS\Temp\Perflib_Perfdata_7d4.dat L'objet est verrouillé ignoré
C:\WINDOWS\Temp\Perflib_Perfdata_a8.dat L'objet est verrouillé ignoré
C:\WINDOWS\Temp\_avast4_\Webshlock.txt L'objet est verrouillé ignoré
C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré
C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré
C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré
D:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
D:\System Volume Information\_restore{8F4C7AB6-E385-4A8A-B3E3-7E6701FF878C}\RP410\change.log L'objet est verrouillé ignoré
D:\util\setupwavtomp3.exe/WISE0016.BIN Infecté : Trojan-Downloader.Win32.Adload.a ignoré
D:\util\setupwavtomp3.exe WiseSFX: infecté - 1 ignoré
Analyse terminée.
Citation :
-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Tuesday, April 10, 2007 6:44:00 AM
Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version : 5.0.83.0
Dernière mise à jour de la base antivirus Kaspersky : 9/04/2007
Enregistrements dans la base antivirus Kaspersky : 276732
-------------------------------------------------------------------------------
Paramètres d'analyse:
Analyser avec la base antivirus suivante: standard
Analyser les archives: vrai
Analyser les bases de messagerie: vrai
Cible de l'analyse - Poste de travail:
A:\
C:\
D:\
E:\
F:\
Statistiques de l'analyse:
Total d'objets analysés: 285725
Nombre de virus trouvés: 5
Nombre d'objets infectés: 10 / 0
Nombre d'objets suspects: 0
Durée de l'analyse: 05:24:48
Nom de l'objet infecté / Nom du virus / Dernière action
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\00bee06222d6ba878e8e3c9912deca99_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\01280fe79234aa6b92ab0cc102262ef4_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\01bb0755b8d44871d353f4bf9b0e5d0f_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\01d406d8b534fbcf47ea13b82b9255df_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\032d3866a365862663a304c053afe90a_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\03f4bf3b4b488e1ece62961ee6902895_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\04698afd78b4b2cde543cffd6cfb2b13_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\04de19972d597e4deb61b4565afc2d85_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\069bb028ef71b5dc2774f9042c86680f_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\06d2be9f6f595f00a2861ddb6efacf0c_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\07ca2bc875a483d5be9d746414baf09d_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0c5f324e93b73410f3e05dac72b540fa_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0d0fbdb7dbbc655deb89849f02b2f275_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0da8e8702781711e1667465e7a2412de_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0e11d4d5932db6252e2e15f3ae3dd2f4_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0ea9d923c76b84d625b3494da13584aa_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0f576f98638580678b2fa76553153320_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0fbadcd766303ff9bdf2398f5b0df4f0_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\104961eb9419b3453321aa2bb914dc11_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\120c40daedd2377b606e2723f63025ad_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\141ee676689fab53bdde4cd4fc086b74_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1434726c5a11d4a91b4a2142d3ef7b28_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\16061ad67cdc71a8e7c9b67d014b94bd_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\166448b2e0390e4dff31b054d0ac1bb5_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1695d2bb453f495d1be56f75baab58dd_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\179bec83320a7083a79dbc1e6e3aaf7d_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\18ab0318b7e2b5e1775fd86d20fa1c33_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\18f0214ebcd280e63d4ad39e19599b71_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1a557b634ab3732ec94d169868bd54c9_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1a6ba714d6ad9d24e18231d393ea8561_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1c21a9b5e8f17493dffa8ac944622906_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\20412d1fe527b654b761289e8a1631a5_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\20862c677bc26fe322f1360bce001116_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\20890cedaba32f757474b3ad61fba619_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\20961c02857fd29c6e0696dc6db3be4f_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2134b7e331858fc33fe7e76645652b89_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2487eeb631d3c6c2a24c35fe1b521da8_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2602d353fc6a533e36a63f267fca6259_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2657a08d6269ed7f4936d11ae70deb15_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\285afdc051bb66fc08072a03b78bc79a_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\28628bc077b9a6c5dce660d367aaf3ec_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\29422836fae1cffcbb9bd908a26839ad_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\295093ac62c06ff822e1df1ca375c22f_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\29b3ba91dfe353122329f10527db8770_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\29bd274cc17117841f8b45a755913f37_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2a77a76836380a98805f4d1ae259195e_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2ae097b517b71ec6ea55e1d49358cd9f_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2b07a7d515a3c5bedf6cf6e0d2b359a3_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2b74808347cbdb13feea75b36acd3e02_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2cf9395363ab672e24f09eed762964dc_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2dcdc02545d8bc43d50510eedce7a820_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2dd7fae5865cc52faa59c5fcfa1fcde9_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2f61194024015025ed3b76a214950244_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2fcf83d82a858132d6a24b6d23c3118d_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\30b68208271a7b5575793f65d563020c_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\315d5fcfd4a5f2419fe52502f359e6cb_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\32f34a85fcd8f748568e5fed06312ff3_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3318fc3100e7410df56e1561f9016e1c_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\345fcb3c25e4427a962f328d40aeb6d4_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3801680344ab6f2f982f5ae5c5e6bccb_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\39166de33eeaa227b7accc63a6fa7c5c_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3a5d601969d6fa2cd53cb242b788183f_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3d4667155d8efaedcd8327532abc4649_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3d5434768bec6c897b2a7b8eb93ec84d_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3dbc05ecda17602cee42880c142d3cca_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3e8b6ecdb250177fcac89c908ec261e2_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3f251694eaa000d0fd764ae58570cf10_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3f38122a6e5ae9cf5adc4782be314315_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\402516c6062042f4b29d67986b7841ff_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\408e337a06eda724962434a80441a692_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\414e3f042035d25654dbc98d925d9a79_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\415ac93db5feaf1acf2c54916ffa6b96_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\41a7f8b5956844f065518b7d95c85835_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4250107cd628f263404eb9af4eb88e18_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\42d369e806b0398f92dff023cecce694_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\42f68f9cfe348cb5bf914cbbf74f031a_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4492bffd19c05df2744e7995f1ea2d26_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\45d68b96a6d37901d7f3b12a04e838b1_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\45d8253bb693442c547b31a0c4e503f7_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\47c1da5c310a05ba63c7bcd4757ba88f_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\49ba9706ef2f92f9c215f0771e39830a_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4b708ace6be64ad968b420160fdbd52f_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4b8b907716e9e78624284a812addc57b_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4c34696b569dfdcecf7c737afb40c916_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4ec364afdfa91fceb05247b4d5d80fbf_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4ee2d8bc4add97f7c8a208cfaaa40e9d_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\508311f3bef87d44794fd332c900d8fb_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\50895b393d52f35c7d5938643b823015_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\515d92461b093325df2284faa453dd22_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\517bca77ecaeb747999f5ecbdd077577_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5293252e41cb1d26533b4687a93ef01c_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\54a5476e7e4d3c1fe786dfafcda3769e_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5745436a8c8f71ee0ef0c9f49f8a0d1b_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\57d22827fdfe54f9a6de48d0879a9f4c_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5835e82ae7abb2acefec35c7c53315dc_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\58f9bd7a79bbdd7b88f368a2d330fb39_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\59468ef98d615834b3c6c64a0ac0085a_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\598477d9cf17d07598e1182051767163_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\59f75050f85ed78f3489c7312ac6baf2_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5b3dc7f992f593becc00ca3117dba3a2_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5bd0d6a6ddab4fb249fc1145ec5a7f39_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5e3a6550aa15f1b1bd8a37432443a382_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5e52a34fe66f6faeff3aa65a635e30d4_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\639dc526e25b881533d276ccbdbb904e_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\644ca09160ef6616d5d7a2921cf1d420_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\64591b80d36252ef5320fba8ad851596_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\670f73371a50dfb3be3832cbe64d0b7c_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6727f622ee036a6064b9050b453802aa_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\681c647c885472d0a8f2bdb4c02e9fe5_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\68a6c025e8dde5a97d30fd19992b3d24_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\68a95ce2cdcc2f2c087f4c6f65e23490_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6ae51b6cb8f83f901618cb06bfc8e787_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6b23c2c7663f00575337112621a21193_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6b271b18334f2458993f52b0fda4767f_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6b94a9d3faae3fdc29dd3c95c1de134c_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6cbdc58b46257b22bb831a1d1a1108ce_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6d273abe299ae4deca7143c2dcde4e16_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6d5a71cb94c687d82daf585b228febf9_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6f02da8225f4bd91b33cb3028cccbdfa_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6f254ba0be3a57d7a0103949a91cd374_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6ffb28f083d52c13efcf1178705c62b9_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7044858c5da70392f247f450177b5f28_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\708667a76aa26d2b4e0ec22ebbd1c65d_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7430f9db165df96cd31294f2976e2ec7_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\78fbe1c43105e57d7b828ba1203bdba2_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\79395710275f354fcc08b96ac1d0f362_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\79885c264fb8c59a7ad4d1f930e994c0_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\79da68d225e72155092c382ece8cdb59_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7a3b154d8be0197998b6848796ab623e_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7a45bd32960b9114af1a2c026a1f4df0_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7feb6d4adf56d4dbb65b2eba6ea84176_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\82d02039088715fe187bb9d2bac41b6e_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8324f8d7369c7b41562dcc7710b3f092_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\844248183387ba15c88fa48353acd1fe_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\85d1c3b8795f18cdd7aef0d19bb66e02_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\86aedda83462e2fe32e40c3e2a4a448a_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8704915e8e71c084e3e8ceceb92bfa83_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\882e776daaa70da84cf0d69a08999b36_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8844dcb9473385e8b30ba16de3ac0526_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8a1514b5e200126a938573ebd15c142e_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8a64c166645d5f9d195dea94d94facaf_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8aec34378fdb550e4a60d58470814549_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8d49c49c2293489986d3cc982eb6aa0b_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8dffd67e2e52f7e51cd2a07c821b7d76_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\93aeb812c30eab42f68b7a5db691e9c6_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\94083398e149edb99ada667a6e081548_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\94d3b0a789cb7ad882d022b848f83e36_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\97a7852ceb735a82533cc2158e3aff14_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\97c0c42862d8b9b9afb281f4534946fa_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\982b76ca1da436eefddcc7dc7cc18d03_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\98da0d7f44d4ee594a2032e0a3f6ca23_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9a27fc6c2f3816fb7cb5275edc7ac3bc_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9a5bc78c35e7e035d64194d86f780fc0_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9a88e64f9a2226f1f719be85f39cdee7_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9bc86ad0040a7782a66668753a0b321e_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9da32fbad2fbed2dbf0992af8d984149_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9ea740b65b09f2020c32b7c6a4b3fc13_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9eaa0b7cb9f4e4d7a4613c6d4dd5b17f_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9ff7578581c9a528456a9ac14fad9d5c_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a05f3d5846e5f15d910f6e774c7dc098_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a06136f908efe4025d5551eaa17a2749_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a1fd211d089a114e38ae2ad0984eb981_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a55a41f4e1f386074bcd6b8c19494de9_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a6075aba8e815f61e8b864883f9b610b_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a671426ba2f7e2a6308dcc2bb1d6d2ea_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a695a2e7b3f0e1fed159ddd8893c96d8_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a7331ea43f239e41738884952b52ce11_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\aabdf686b3d200e62696709334595655_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ad2471dca5d7d4136fa083510af8d8ea_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ad2d2c4bd1093f64c01a5a6a5c0fc984_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ad5aa1b676db7095f6d5df5ba08b862c_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ad82f37e21d6d9a90ddf0b98ead22f92_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\adecbe38a6a851a8b4477149f9b818b3_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\af2a61c29719fd168fdeac76708abb08_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\af8a69f21fc6360eca410ddec05dd919_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b01fcd9e391cda20848177b9d8b336b9_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b1432a455a9bb31dc348287ab9f96da8_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b15e4ef7d6d88af94e8fdcab207ec4c1_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b17f57df01367b169bf00b0cd5d9010e_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b20ff96d4c0845b3b3932a7c877a9338_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b23d92b71f7bed6b1799ff27805ee2eb_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b69fc81e3a6a75167d5fa19f765b67ac_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b6b746a7f5e31f2a394ec77b9e01b5c1_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b839de2c0157bfee4b63e4b65688d626_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b9eb1c20dfe1edf064ada15b3f23c518_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\bb42f00c7e40d616ca248fd587d79d49_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\bc4174d7d427682290f135c0ca5739b0_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\bc6eac4a5979ae7d83688b350403afb8_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\bcf8c612d6b1f649de88bd38083f866f_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\bd23296becb7467ad45c482b922b3ca0_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\bde231bbd66715a0a11bad0246dad5a1_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\be45f2156718eb43cb877a9bd0e23efc_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\bf1a3452d7cf5cf8ce79448577f79674_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\c1b583ea3e13ed58fd5adfc969e78a22_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\c1d0c67a5561aaada52e3d63bfe04ac3_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\c2a7671d9e2bcc7c33fb186a367ebce5_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\c42398fa8e8d5d8bd36b06a0f882b39a_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\c4e6a798f334d2a987fe345bdf55b1b2_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\c6332097f3a2c5ca77ec2812b4ff958d_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\c6d1a75991eeca32d1b479eb4eaec01f_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\c7358d41a2aff84a38c559c1f291a221_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\c7b19825455cdbe74a8bb09afb80efbe_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\cb487b69a4ad348352505f50a8b71b7f_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\cc1a6397079e6495333a656754d77313_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\cc3ead4d7c7a278d7314e16097172b2d_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\cdead4d1142a7a2ee9e4d55bb23886cb_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\cfc594ba3d9972fa9bf6a559df3b65a7_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d0771cda31d8ed0988c63f933a6b2b67_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d0a2d5d2b908253526797d55c55ca08c_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d0fc9d486b7c8abc124d3b7a923f9a5f_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d10348142e264c3feda2efea3270c4d2_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d3faa8bb9c331c79614feb535c13374f_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d409c01cdfe2f888afc18885b3e1164a_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d4c78b285ea49e4563325fd78af58077_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d4d3e4892fcbe39f3ac6566ca2585d02_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d56faa36048fb8882c39cbea2bfd9e33_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d67da94ee42f0bc1227ed2bc491b8a33_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d6a4ba85b8f1016ada04c9a7c0a5affc_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d6b13c02ae2759ccbf4790fd5d0daa9c_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d73200f73a36d0eac2f02352ce5761cf_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d8f29b0efa4bca9b00e748ccfe671a3e_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d8fa962f19b8fb842803bb68c3a116eb_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d961ea28ee7f9805c47b77e36ef28d12_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d98723e66fe9452241dc683102c0054d_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d9d62cef650fc6d7020ea9b2616a1b76_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\dbce2b8965038c9366899268707dab6b_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\dcb16e766a48b16fd2e95879c65836be_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\e0081c2e82f7c21c6dd2816b180b1c1b_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\e0b353fd573218c246ee7f1e14ba2b50_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\e0cd50b3b8345350353c7e8ae2d9214c_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\e3524b85dc53e128dc4ada48ac6d9942_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\e450880f6ba39b75754f516569eff35c_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\e5b7c630e5db6ac6ebff69a535ebdf1f_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\e6436afdc3c9073221bf0ad9ea4baa7f_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\e669264c7a5daedbd36fb62fb6dfa426_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\e846c0142bcf31c45eb04cdc40ce4c73_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\e8907f4fff1202604ceff3cac67f3f3f_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ea0d3b70bd474425b86c2e4204dd79c9_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\eaa15fa1ed616aa72a26b7f118dee303_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ec3631ee6dcf052d3bab2e53c8d78965_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ece48958a9cd0202d46c617d85c24475_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ecf3c88f1a1cb0858c0ef24e6259d252_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ee1e51f34005fed6c2b722d939bf0901_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ef7d38fe359c028f82dfaad662496c6f_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\f103cdf5cbb05e2481f8c32b479591a0_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\f5c2b103c719f179b51ac834a55eae0e_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\f7840fbfe15b6c19f606626558b29299_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\f90c92027d204048a890d8badf489566_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\f9d61e801ecc7f47873ab41095e90a14_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\fb61656f592291783e7437457ad62abd_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\fcc77418a7ec43cb44d90ec7a584e518_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\fd787713eb8f31368010822754dafa79_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\fdfc90f92de4fb565f9b5c92a9800df8_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\fe416af539a80d07c8ffaf6468d3e708_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\fe65634da269930749cd023119de736d_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ff00930ffbf4faca8bd94c565768355f_f4da71dd-9469-4731-8db1-d02af869bae6 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Support\MPLog-04092007-120908.log L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\ntuser.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\flashgot.log L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\history.dat L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\key3.db L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\search.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\urlclassifier2.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\Cache\_CACHE_001_ L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\Cache\_CACHE_002_ L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\Cache\_CACHE_003_ L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\Cache\_CACHE_MAP_ L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Temp\~DFA3EF.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Temp\~DFA3FB.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Mes documents\Downloads\utorrent-1.7-beta-1137.exe/data.rar/utorrent-1.7-beta-1137_patch.exe/data0001 Infecté : Trojan-Downloader.NSIS.Agent.ac ignoré
C:\Documents and Settings\olivier\Mes documents\Downloads\utorrent-1.7-beta-1137.exe/data.rar/utorrent-1.7-beta-1137_patch.exe Infecté : Trojan-Downloader.NSIS.Agent.ac ignoré
C:\Documents and Settings\olivier\Mes documents\Downloads\utorrent-1.7-beta-1137.exe/data.rar Infecté : Trojan-Downloader.NSIS.Agent.ac ignoré
C:\Documents and Settings\olivier\Mes documents\Downloads\utorrent-1.7-beta-1137.exe RarSFX: infecté - 3 ignoré
C:\Documents and Settings\olivier\ntuser.dat L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt L'objet est verrouillé ignoré
C:\System Volume Information\catalog.wci\00000002.ps1 L'objet est verrouillé ignoré
C:\System Volume Information\catalog.wci\00000002.ps2 L'objet est verrouillé ignoré
C:\System Volume Information\catalog.wci\00010015.ci L'objet est verrouillé ignoré
C:\System Volume Information\catalog.wci\cicat.fid L'objet est verrouillé ignoré
C:\System Volume Information\catalog.wci\cicat.hsh L'objet est verrouillé ignoré
C:\System Volume Information\catalog.wci\CiCL0001.000 L'objet est verrouillé ignoré
C:\System Volume Information\catalog.wci\CiP10000.000 L'objet est verrouillé ignoré
C:\System Volume Information\catalog.wci\CiP20000.000 L'objet est verrouillé ignoré
C:\System Volume Information\catalog.wci\CiPT0000.000 L'objet est verrouillé ignoré
C:\System Volume Information\catalog.wci\CiSL0001.000 L'objet est verrouillé ignoré
C:\System Volume Information\catalog.wci\CiSP0000.000 L'objet est verrouillé ignoré
C:\System Volume Information\catalog.wci\CiST0000.000 L'objet est verrouillé ignoré
C:\System Volume Information\catalog.wci\CiVP0000.000 L'objet est verrouillé ignoré
C:\System Volume Information\catalog.wci\INDEX.000 L'objet est verrouillé ignoré
C:\System Volume Information\catalog.wci\propstor.bk1 L'objet est verrouillé ignoré
C:\System Volume Information\catalog.wci\propstor.bk2 L'objet est verrouillé ignoré
C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
C:\System Volume Information\_restore{8F4C7AB6-E385-4A8A-B3E3-7E6701FF878C}\RP399\A0068466.dll Infecté : Trojan.Win32.BHO.g ignoré
C:\System Volume Information\_restore{8F4C7AB6-E385-4A8A-B3E3-7E6701FF878C}\RP410\change.log L'objet est verrouillé ignoré
C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré
C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré
C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\bund1\ClientBundle1.exe/data0004 Infecté : Trojan.Win32.BHO.ab ignoré
C:\WINDOWS\system32\bund1\ClientBundle1.exe/data0006 Infecté : Trojan-Dropper.Win32.Agent.bfr ignoré
C:\WINDOWS\system32\bund1\ClientBundle1.exe NSIS: infecté - 2 ignoré
C:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\ACEEvent.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\Antivirus.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\Internet.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\drivers\core.cache.dsk L'objet est verrouillé ignoré
C:\WINDOWS\system32\drivers\core.sys L'objet est verrouillé ignoré
C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré
C:\WINDOWS\Temp\Perflib_Perfdata_310.dat L'objet est verrouillé ignoré
C:\WINDOWS\Temp\Perflib_Perfdata_7d4.dat L'objet est verrouillé ignoré
C:\WINDOWS\Temp\Perflib_Perfdata_a8.dat L'objet est verrouillé ignoré
C:\WINDOWS\Temp\_avast4_\Webshlock.txt L'objet est verrouillé ignoré
C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré
C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré
C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré
D:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
D:\System Volume Information\_restore{8F4C7AB6-E385-4A8A-B3E3-7E6701FF878C}\RP410\change.log L'objet est verrouillé ignoré
D:\util\setupwavtomp3.exe/WISE0016.BIN Infecté : Trojan-Downloader.Win32.Adload.a ignoré
D:\util\setupwavtomp3.exe WiseSFX: infecté - 1 ignoré
Analyse terminée.
le voilà:
Logfile of HijackThis v1.99.1
Scan saved at 18:48:41, on 10/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\WINDOWS\system32\E_S00RP2.EXE
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\SAgent4.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\system32\LVComsX.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Internet Explorer\iexplore.exe
D:\util\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\\nTune.exe" clear
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://otoon01.spaces.live.com//PhotoUpload/MsnPUpld.ca...
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/128e7778a4a7401a9105/netzip...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdown...
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,...
O17 - HKLM\System\CCS\Services\Tcpip\..\{23EE2B08-C951-4C98-911F-26CD4992EB92}: NameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{23EE2B08-C951-4C98-911F-26CD4992EB92}: NameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{23EE2B08-C951-4C98-911F-26CD4992EB92}: NameServer = 192.168.1.1
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: EPSON V3 Service2(02) (EPSON_PM_RPCV2_02) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\E_S00RP2.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIb\Win32\RpcDataSrv.exe
O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIb\RpcSandraSrv.exe
O23 - Service: Epson Printer Status Agent4 (StatusAgent4) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\SAgent4.exe
Citation :
Logfile of HijackThis v1.99.1
Scan saved at 18:48:41, on 10/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\WINDOWS\system32\E_S00RP2.EXE
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\SAgent4.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\system32\LVComsX.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Internet Explorer\iexplore.exe
D:\util\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\\nTune.exe" clear
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://otoon01.spaces.live.com//PhotoUpload/MsnPUpld.ca...
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/128e7778a4a7401a9105/netzip...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdown...
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,...
O17 - HKLM\System\CCS\Services\Tcpip\..\{23EE2B08-C951-4C98-911F-26CD4992EB92}: NameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{23EE2B08-C951-4C98-911F-26CD4992EB92}: NameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{23EE2B08-C951-4C98-911F-26CD4992EB92}: NameServer = 192.168.1.1
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: EPSON V3 Service2(02) (EPSON_PM_RPCV2_02) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\E_S00RP2.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIb\Win32\RpcDataSrv.exe
O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIb\RpcSandraSrv.exe
O23 - Service: Epson Printer Status Agent4 (StatusAgent4) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\SAgent4.exe
Ok.
Avec Internet Explorer
Fais un scan en ligne Panda
- Clique sur " Scan your PC "
- Ensuite sur " Check Now "
- /!\ Clique en bas sur " I don't Accept "
Entre ton adresse e-mail puis commence le scan
- Poste le rapport en fin d'analyse
Si tu as Avast! désactive-le lors du scan
Avec Internet Explorer
Fais un scan en ligne Panda
- Clique sur " Scan your PC "
- Ensuite sur " Check Now "
- /!\ Clique en bas sur " I don't Accept "
Entre ton adresse e-mail puis commence le scan
- Poste le rapport en fin d'analyse
Si tu as Avast! désactive-le lors du scan
voilà le log ![:D]( ":D")
Incident Status Location
Adware:adware/powerscan Not disinfected Windows Registry
Adware:adware/statblaster Not disinfected Windows Registry
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt[.atwola.com/]
Spyware:Cookie/bravenetA Not disinfected C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt[.bravenet.com/]
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\cookies.txt[.xiti.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\cookies.txt[.bluestreak.com/]
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\cookies.txt[ad.yieldmanager.com/]
Spyware:Cookie/Tradedoubler Not disinfected C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\cookies.txt[.tradedoubler.com/]
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\cookies.txt[.c5.zedo.com/]
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\cookies.txt[.zedo.com/]
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\olivier\Application Data\Nvu\Profiles\ze2230i4.default\cookies.txt[.xiti.com/]
Potentially unwanted tool:Application/Pskill.K Not disinfected C:\Documents and Settings\olivier\Bureau\clean\pskill.exe
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\olivier\Cookies\olivier@c5.zedo[1].txt
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\olivier\Cookies\olivier@casalemedia[2].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\olivier\Cookies\olivier@doubleclick[1].txt
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\olivier\Cookies\olivier@drivecleaner[2].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\olivier\Cookies\olivier@mediaplex[1].txt
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\olivier\Cookies\olivier@stats.drivecleaner[2].txt
Spyware:Cookie/Tradedoubler Not disinfected C:\Documents and Settings\olivier\Cookies\olivier@tradedoubler[1].txt
Spyware:Cookie/Weborama Not disinfected C:\Documents and Settings\olivier\Cookies\olivier@weborama[1].txt
Spyware:Cookie/Winantivirus Not disinfected C:\Documents and Settings\olivier\Cookies\olivier@winantispyware[2].txt
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\olivier\Cookies\olivier@xiti[1].txt
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\olivier\Cookies\olivier@zedo[1].txt
Spyware:Spyware/Virtumonde Not disinfected C:\VundoFix Backups\bqvjygtk.dll.bad
Adware:Adware/Cydoor Not disinfected C:\WINDOWS\system32\1165270061.exe[¦%%\coltea.dll]
Hacktool:HackTool/Zapgon.A Not disinfected D:\fc-vision\Invision\Stdio.dll
Potentially unwanted tool:Application/Processor Not disinfected D:\temp\navilog\Process.exe
Adware:Adware/Cydoor Not disinfected D:\util\Torrent.exe[¦$$\System32\netstrap42.dll]
Adware:Adware/ClockSync Not disinfected D:\util\Torrent.exe[²ÖÇ\VVSNInst.exe]
au fait une fois le scan terminé j'en fais quoi de la fenetre panda activescan ?
Citation :
Incident Status Location
Adware:adware/powerscan Not disinfected Windows Registry
Adware:adware/statblaster Not disinfected Windows Registry
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt[.atwola.com/]
Spyware:Cookie/bravenetA Not disinfected C:\Documents and Settings\géraldine\Application Data\Mozilla\Firefox\Profiles\cw24ayk9.default\cookies.txt[.bravenet.com/]
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\cookies.txt[.xiti.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\cookies.txt[.bluestreak.com/]
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\cookies.txt[ad.yieldmanager.com/]
Spyware:Cookie/Tradedoubler Not disinfected C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\cookies.txt[.tradedoubler.com/]
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\cookies.txt[.c5.zedo.com/]
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\olivier\Application Data\Mozilla\Firefox\Profiles\ynwfq4oa.default\cookies.txt[.zedo.com/]
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\olivier\Application Data\Nvu\Profiles\ze2230i4.default\cookies.txt[.xiti.com/]
Potentially unwanted tool:Application/Pskill.K Not disinfected C:\Documents and Settings\olivier\Bureau\clean\pskill.exe
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\olivier\Cookies\olivier@c5.zedo[1].txt
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\olivier\Cookies\olivier@casalemedia[2].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\olivier\Cookies\olivier@doubleclick[1].txt
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\olivier\Cookies\olivier@drivecleaner[2].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\olivier\Cookies\olivier@mediaplex[1].txt
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\olivier\Cookies\olivier@stats.drivecleaner[2].txt
Spyware:Cookie/Tradedoubler Not disinfected C:\Documents and Settings\olivier\Cookies\olivier@tradedoubler[1].txt
Spyware:Cookie/Weborama Not disinfected C:\Documents and Settings\olivier\Cookies\olivier@weborama[1].txt
Spyware:Cookie/Winantivirus Not disinfected C:\Documents and Settings\olivier\Cookies\olivier@winantispyware[2].txt
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\olivier\Cookies\olivier@xiti[1].txt
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\olivier\Cookies\olivier@zedo[1].txt
Spyware:Spyware/Virtumonde Not disinfected C:\VundoFix Backups\bqvjygtk.dll.bad
Adware:Adware/Cydoor Not disinfected C:\WINDOWS\system32\1165270061.exe[¦%%\coltea.dll]
Hacktool:HackTool/Zapgon.A Not disinfected D:\fc-vision\Invision\Stdio.dll
Potentially unwanted tool:Application/Processor Not disinfected D:\temp\navilog\Process.exe
Adware:Adware/Cydoor Not disinfected D:\util\Torrent.exe[¦$$\System32\netstrap42.dll]
Adware:Adware/ClockSync Not disinfected D:\util\Torrent.exe[²ÖÇ\VVSNInst.exe]
au fait une fois le scan terminé j'en fais quoi de la fenetre panda activescan ?
Re,
Télécharge OTMoveIt (d'OldTimer). Sauvegarde-le sur ton Bureau.
Sélectionne TOUS les emplacements en gras ci-dessous :
C:\VundoFix Backups
C:\WINDOWS\system32\1165270061.exe
D:\fc-vision\Invision\Stdio.dll
D:\util\Torrent.exe
---> Clique-droit puis Copier
Double-clique sur OTMoveIt.exe afin de le lancer.
Fais un Clique-droit sur le cadre de gauche puis choisis Coller.
Clique maintenant sur [#ff0000]MoveIt![/#f]
[#ff0000]Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.[/#f]
Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport est la date de sa création.
Télécharge OTMoveIt (d'OldTimer). Sauvegarde-le sur ton Bureau.
Sélectionne TOUS les emplacements en gras ci-dessous :
C:\VundoFix Backups
C:\WINDOWS\system32\1165270061.exe
D:\fc-vision\Invision\Stdio.dll
D:\util\Torrent.exe
---> Clique-droit puis Copier
Double-clique sur OTMoveIt.exe afin de le lancer.
Fais un Clique-droit sur le cadre de gauche puis choisis Coller.
Clique maintenant sur [#ff0000]MoveIt![/#f]
[#ff0000]Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.[/#f]
Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport est la date de sa création.
Citation :
C:\VundoFix Backups moved successfully.
C:\WINDOWS\system32\1165270061.exe moved successfully.
DllUnregisterServer procedure not found in D:\fc-vision\Invision\Stdio.dll
D:\fc-vision\Invision\Stdio.dll NOT unregistered.
D:\fc-vision\Invision\Stdio.dll moved successfully.
D:\util\Torrent.exe moved successfully.
Created on 04/10/2007 21:56:27
Citation :
Logfile of HijackThis v1.99.1Scan saved at 22:08:26, on 10/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\WINDOWS\system32\E_S00RP2.EXE
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\SAgent4.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\system32\LVComsX.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\util\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\\nTune.exe" clear
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://otoon01.spaces.live.com//PhotoUpload/MsnPUpld.ca...
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/128e7778a4a7401a9105/netzip...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst....
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdown...
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,...
O17 - HKLM\System\CCS\Services\Tcpip\..\{23EE2B08-C951-4C98-911F-26CD4992EB92}: NameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{23EE2B08-C951-4C98-911F-26CD4992EB92}: NameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{23EE2B08-C951-4C98-911F-26CD4992EB92}: NameServer = 192.168.1.1
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: EPSON V3 Service2(02) (EPSON_PM_RPCV2_02) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\E_S00RP2.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIb\Win32\RpcDataSrv.exe
O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIb\RpcSandraSrv.exe
O23 - Service: Epson Printer Status Agent4 (StatusAgent4) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\SAgent4.exe
mais comment tu fais pour t'y retrouver là dedans ?
Oui.
Télécharge Silent Runners
http://www.silentrunners.org/Silent%20Runners.zip
Dézippe le sur ton bureau ou dans un dossier dédié.
Double Clique ensuite sur ce fichier, patiente jusqu'à l'affichage d'un message.
Un rapport est généré dans le meme dossier, colle le ici.
NOTE : Si tu as une alerte de ton antivirus au cours du téléchargement, ou au cours de l'utilisation, n'en tiend pas compte.
Télécharge Silent Runners
http://www.silentrunners.org/Silent%20Runners.zip
Dézippe le sur ton bureau ou dans un dossier dédié.
Double Clique ensuite sur ce fichier, patiente jusqu'à l'affichage d'un message.
Un rapport est généré dans le meme dossier, colle le ici.
NOTE : Si tu as une alerte de ton antivirus au cours du téléchargement, ou au cours de l'utilisation, n'en tiend pas compte.
voilà le rapport...
Operating System: Windows XP SP2
Output limited to non-default values, except where indicated by "{++}"
Startup items buried in registry:
---------------------------------
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"ctfmon.exe" = "C:\WINDOWS\system32\ctfmon.exe" [MS]
"swg" = "C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" ["Google Inc."]
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"NVMixerTray" = ""C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"" ["NVIDIA Corporation"]
"NVIDIA nTune" = ""C:\Program Files\NVIDIA Corporation\nTune\\nTune.exe" clear" ["NVIDIA"]
"LogitechVideoRepair" = "C:\Program Files\Logitech\Video\ISStart.exe " ["Logitech Inc."]
"LogitechVideoTray" = "C:\Program Files\Logitech\Video\LogiTray.exe" ["Logitech Inc."]
"ATIPTA" = "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" ["ATI Technologies, Inc."]
"WOOWATCH" = "C:\PROGRA~1\Wanadoo\Watch.exe" ["France Télécom R&D"]
"NeroFilterCheck" = "C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" ["Nero AG"]
"avast!" = "C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [null data]
"SunJavaUpdateSched" = ""C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"" ["Sun Microsystems, Inc."]
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx\ {++}
"Register Homesite+.exe" = ""C:\Program Files\Macromedia\HomeSite+\Homesite+.exe" /REGSERVER" ["Macromedia, Inc."]
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Adobe PDF Reader Link Helper"
\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)
-> {HKLM...CLSID} = "SSVHelper Class"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll" ["Sun Microsystems, Inc."]
{AA58ED58-01DD-4d91-8333-CF10577473F7}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Google Toolbar Helper"
\InProcServer32\(Default) = "c:\program files\google\googletoolbar3.dll" ["Google Inc."]
{AE7CD045-E861-484f-8273-0445EE161910}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Adobe PDF Conversion Toolbar Helper"
\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll" ["Adobe Systems Incorporated"]
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Extension icône HyperTerminal"
-> {HKLM...CLSID} = "HyperTerminal Icon Ext"
\InProcServer32\(Default) = "C:\WINDOWS\system32\hticons.dll" ["Hilgraeve, Inc."]
"{FF393560-C2A7-11CF-BFF4-444553540000}" = "History"
-> {HKCU...CLSID} = "History"
\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
"{3DC7A020-0ACD-11CF-A9BB-00AA004AE837}" = "The Internet"
-> {HKCU...CLSID} = "The Internet"
\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
"{88C6C381-2E85-11D0-94DE-444553540000}" = "ActiveX Cache Folder"
-> {HKCU...CLSID} = "ActiveX Cache Folder"
\InProcServer32\(Default) = "C:\WINDOWS\system32\occache.dll" [MS]
"{F5175861-2688-11d0-9C5E-00AA00A45957}" = "Subscription Folder"
-> {HKCU...CLSID} = "Subscription Folder"
\InProcServer32\(Default) = "C:\WINDOWS\system32\webcheck.dll" [MS]
"{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office10\msohev.dll" [MS]
"{e57ce731-33e8-4c51-8354-bb4de9d215d1}" = "Périphériques Plug and Play universels"
-> {HKLM...CLSID} = "Périphériques Plug and Play universels"
\InProcServer32\(Default) = "C:\WINDOWS\system32\upnpui.dll" [MS]
"{B446400D-0030-457b-8F64-422A19605186}" = "Logitech Gallery"
-> {HKLM...CLSID} = "Logitech Gallery"
\InProcServer32\(Default) = "C:\Program Files\Logitech\ImageStudio\NameSpc.dll" ["Logitech Inc."]
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
"{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802}" = "Adobe.Acrobat.ContextMenu"
-> {HKLM...CLSID} = "Acrobat Elements Context Menu"
\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\Acrobat Elements\ContextMenu.dll" ["Adobe Systems Inc."]
"{0AC6C6C5-F7A8-11D2-BEF4-00C04F990001}" = "Macromedia FTP & RDS"
-> {HKLM...CLSID} = "Macromedia FTP & RDS"
\InProcServer32\(Default) = "C:\WINDOWS\system32\CfShellFtpRds.dll" ["Macromedia, Inc."]
"{FED7043D-346A-414D-ACD7-550D052499A7}" = "dBpowerAMP Music Converter 1"
-> {HKLM...CLSID} = "dBpShell Class"
\InProcServer32\(Default) = "C:\Program Files\dBpowerAMP\dBShell.dll" [empty string]
"{2C49B5D0-ACE7-4D17-9DF0-A254A6C5A0C5}" = "dBpowerAMP Music Converter"
-> {HKLM...CLSID} = "dMCIShell Class"
\InProcServer32\(Default) = "C:\Program Files\dBpowerAMP\dMCShell.DLL" [empty string]
"{0006F045-0000-0000-C000-000000000046}" = "Microsoft Outlook Custom Icon Handler"
-> {HKLM...CLSID} = "Outlook File Icon Extension"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office10\OLKFSTUB.DLL" [MS]
"{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D}" = "Messenger Sharing Folders"
-> {HKLM...CLSID} = "Mes dossiers de partage"
\InProcServer32\(Default) = "C:\Program Files\MSN Messenger\fsshext.8.1.0178.00.dll" [MS]
"{79BC0345-1015-11D2-A299-006008312725}" = "blue.shell"
-> {HKLM...CLSID} = "Studio.Project"
\InProcServer32\(Default) = "C:\Program Files\Pinnacle\Studio 10\programs\BlueShellExt.dll" [null data]
"{377BF0A0-F755-4469-BA0C-BEB93AAB5454}" = "MuVo V100 Media Explorer"
-> {HKLM...CLSID} = "MuVo V100 Media Explorer"
\InProcServer32\(Default) = "C:\Program Files\Creative\Creative MuVo V100\MuVo V100 Media Explorer\CTMvnsu.dll" ["Creative Technology Ltd"]
"{400CFEE2-39D0-46DC-96DF-E0BB5A4324B3}" = "My Logitech Pictures"
-> {HKLM...CLSID} = "My Logitech Pictures"
\InProcServer32\(Default) = "C:\Program Files\Logitech\Video\Namespc2.dll" ["Logitech Inc."]
"{DBD8E168-244D-448C-9922-25508950D1DC}" = "Ulead UDF Driver"
-> {HKLM...CLSID} = "USIShellExt Class"
\InProcServer32\(Default) = "C:\Program Files\Fichiers communs\Ulead Systems\DVD\USIShex.dll" ["Ulead Systems, Inc."]
"{efb97cb8-a4a4-4357-a261-002ffaed0267}" = "CD Slideshow Powertoy"
-> {HKLM...CLSID} = "CD Burn Slideshow Hook"
\InProcServer32\(Default) = "C:\WINDOWS\system32\slideshow.dll" [MS]
"{1530F7EE-5128-43BD-9977-84A4B0FAD7DF}" = "PhotoToys"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\WINDOWS\system32\phototoys.dll" [MS]
"{709C6E11-538F-4759-86AC-6ACB302AA0DE}" = "Desktop Manager"
-> {HKLM...CLSID} = "Desktop Manager"
\InProcServer32\(Default) = "C:\WINDOWS\system32\msvdm.dll" [null data]
"{A5D35F9F-6A11-4EAA-B70B-7BB6FE32663A}" = "XnView Shell Extension"
-> {HKLM...CLSID} = "XnViewShell Class"
\InProcServer32\(Default) = "C:\Program Files\XnView\XnViewShellExt.dll" [empty string]
"{472083B0-C522-11CF-8763-00608CC02F24}" = "avast"
-> {HKLM...CLSID} = "avast"
\InProcServer32\(Default) = "C:\Program Files\Alwil Software\Avast4\ashShell.dll" ["ALWIL Software"]
"{DDE4BEEB-DDE6-48fd-8EB5-035C09923F83}" = "UnlockerShellExtension"
-> {HKLM...CLSID} = "UnlockerShellExtension"
\InProcServer32\(Default) = "C:\Program Files\Unlocker\UnlockerCOM.dll" [null data]
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\
<<!>> "{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}" = "Microsoft AntiMalware ShellExecuteHook"
-> {HKLM...CLSID} = "Microsoft AntiMalware ShellExecuteHook"
\InProcServer32\(Default) = "C:\PROGRA~1\WINDOW~3\MpShHook.dll" [MS]
<<!>> "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}" = "AVG Anti-Spyware 7.5"
-> {HKLM...CLSID} = "CShellExecuteHookImpl Object"
\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll" ["Anti-Malware Development a.s."]
HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\
"WPDShServiceObj" = "{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"
-> {HKLM...CLSID} = "WPDShServiceObj Class"
\InProcServer32\(Default) = "C:\WINDOWS\system32\WPDShServiceObj.dll" [MS]
HKLM\System\CurrentControlSet\Control\Session Manager\
<<!>> "BootExecute" = "autocheck autochk *"| [file not found]|"xe" [file not found]
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
<<!>> AtiExtEvent\DLLName = "Ati2evxx.dll" ["ATI Technologies Inc."]
HKLM\Software\Classes\Folder\shellex\ColumnHandlers\
{F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = "PDF Column Info"
-> {HKLM...CLSID} = "PDF Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll" ["Adobe Systems, Inc."]
HKLM\Software\Classes\*\shellex\ContextMenuHandlers\
Adobe.Acrobat.ContextMenu\(Default) = "{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802}"
-> {HKLM...CLSID} = "Acrobat Elements Context Menu"
\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\Acrobat Elements\ContextMenu.dll" ["Adobe Systems Inc."]
avast\(Default) = "{472083B0-C522-11CF-8763-00608CC02F24}"
-> {HKLM...CLSID} = "avast"
\InProcServer32\(Default) = "C:\Program Files\Alwil Software\Avast4\ashShell.dll" ["ALWIL Software"]
AVG Anti-Spyware\(Default) = "{8934FCEF-F5B8-468f-951F-78A921CD3920}"
-> {HKLM...CLSID} = "CContextScan Object"
\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll" ["Anti-Malware Development a.s."]
IXnView\(Default) = "{A5D35F9F-6A11-4EAA-B70B-7BB6FE32663A}"
-> {HKLM...CLSID} = "XnViewShell Class"
\InProcServer32\(Default) = "C:\Program Files\XnView\XnViewShellExt.dll" [empty string]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\
AVG Anti-Spyware\(Default) = "{8934FCEF-F5B8-468f-951F-78A921CD3920}"
-> {HKLM...CLSID} = "CContextScan Object"
\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll" ["Anti-Malware Development a.s."]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\
avast\(Default) = "{472083B0-C522-11CF-8763-00608CC02F24}"
-> {HKLM...CLSID} = "avast"
\InProcServer32\(Default) = "C:\Program Files\Alwil Software\Avast4\ashShell.dll" ["ALWIL Software"]
UnlockerShellExtension\(Default) = "{DDE4BEEB-DDE6-48fd-8EB5-035C09923F83}"
-> {HKLM...CLSID} = "UnlockerShellExtension"
\InProcServer32\(Default) = "C:\Program Files\Unlocker\UnlockerCOM.dll" [null data]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
HKLM\Software\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\
UnlockerShellExtension\(Default) = "{DDE4BEEB-DDE6-48fd-8EB5-035C09923F83}"
-> {HKLM...CLSID} = "UnlockerShellExtension"
\InProcServer32\(Default) = "C:\Program Files\Unlocker\UnlockerCOM.dll" [null data]
Group Policies {policy setting}:
--------------------------------
Note: detected settings may not have any effect.
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\
"NoSMBalloonTip" = (REG_DWORD) hex:0x00000000
{unrecognized setting}
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\
"DisableRegistryTools" = (REG_DWORD) hex:0x00000000
{Prevent access to registry editing tools}
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\
"shutdownwithoutlogon" = (REG_DWORD) hex:0x00000001
{Shutdown: Allow system to be shut down without having to log on}
"undockwithoutlogon" = (REG_DWORD) hex:0x00000001
{Devices: Allow undock without having to log on}
Active Desktop and Wallpaper:
-----------------------------
Active Desktop may be disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState
Displayed if Active Desktop enabled and wallpaper not set by Group Policy:
HKCU\Software\Microsoft\Internet Explorer\Desktop\General\
"Wallpaper" = "C:\WINDOWS\ACD Wallpaper.bmp"
Displayed if Active Desktop disabled and wallpaper not set by Group Policy:
HKCU\Control Panel\Desktop\
"Wallpaper" = "C:\WINDOWS\ACD Wallpaper.bmp"
Startup items in "olivier" & "All Users" startup folders:
---------------------------------------------------------
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
"Logitech SetPoint" -> shortcut to: "C:\Program Files\Logitech\SetPoint\SetPoint.exe" ["Logitech Inc."]
"Microsoft Office" -> shortcut to: "C:\Program Files\Microsoft Office\Office10\OSA.EXE -b -l" [MS]
Enabled Scheduled Tasks:
------------------------
"BA84D1E391E3768B" -> launches: "c:\docume~1\olivier\applic~1\1drawnew\Active web locks.exe" [file not found]
"MP Scheduled Scan" -> launches: "C:\Program Files\Windows Defender\MpCmdRun.exe Scan -RestrictPrivileges" [MS]
Winsock2 Service Provider DLLs:
-------------------------------
Namespace Service Providers
HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000004\LibraryPath = "C:\WINDOWS\system32\pnrpnsp.dll" [MS]
000000000005\LibraryPath = "C:\WINDOWS\system32\pnrpnsp.dll" [MS]
000000000006\LibraryPath = "%SystemRoot%\System32\nwprovau.dll" [MS]
Transport Service Providers
HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 51
%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05
Toolbars, Explorer Bars, Extensions:
------------------------------------
Toolbars
HKCU\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}"
-> {HKLM...CLSID} = "&Google"
\InProcServer32\(Default) = "c:\program files\google\googletoolbar3.dll" ["Google Inc."]
"{47833539-D0C5-4125-9FA8-0819E2EAAC93}"
-> {HKLM...CLSID} = "Adobe PDF"
\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll" ["Adobe Systems Incorporated"]
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\
"{F2CF5485-4E02-4F68-819C-B92DE9277049}"
-> {HKLM...CLSID} = "&Links"
\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}"
-> {HKLM...CLSID} = "&Google"
\InProcServer32\(Default) = "c:\program files\google\googletoolbar3.dll" ["Google Inc."]
"{47833539-D0C5-4125-9FA8-0819E2EAAC93}"
-> {HKLM...CLSID} = "Adobe PDF"
\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll" ["Adobe Systems Incorporated"]
HKLM\Software\Microsoft\Internet Explorer\Toolbar\
"{E0E899AB-F487-11D5-8D29-0050BA6940E3}" = "FlashGet Bar"
-> {HKLM...CLSID} = "FlashGet Bar"
\InProcServer32\(Default) = "C:\PROGRA~1\FlashGet\fgiebar.dll" ["Amaze Soft"]
"{47833539-D0C5-4125-9FA8-0819E2EAAC93}" = (no title provided)
-> {HKLM...CLSID} = "Adobe PDF"
\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll" ["Adobe Systems Incorporated"]
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" = (no title provided)
-> {HKLM...CLSID} = "&Google"
\InProcServer32\(Default) = "c:\program files\google\googletoolbar3.dll" ["Google Inc."]
Explorer Bars
HKLM\Software\Microsoft\Internet Explorer\Explorer Bars\
{182EC0BE-5110-49C8-A062-BEB1D02A220B}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Adobe PDF"
\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll" ["Adobe Systems Incorporated"]
HKLM\Software\Classes\CLSID\{01002DB2-8170-4D9B-A8B1-DDC9DD114E03}\(Default) = "Volet Wanadoo"
Implemented Categories\{00021494-0000-0000-C000-000000000046}\ [horizontal bar]
InProcServer32\(Default) = "C:\PROGRA~1\Wanadoo\audience\audience.dll" [empty string]
HKLM\Software\Classes\CLSID\{3BAF4A27-C764-4E1A-A6F4-62F7A7E5E51C}\(Default) = "ToolBand Class"
Implemented Categories\{00021494-0000-0000-C000-000000000046}\ [horizontal bar]
InProcServer32\(Default) = "C:\PROGRA~1\Wanadoo\audience\audience.dll" [empty string]
HKLM\Software\Classes\CLSID\{5BF498C0-931E-4A4F-B33F-456D07137EAA}\(Default) = "Volet Wanadoo"
Implemented Categories\{00021494-0000-0000-C000-000000000046}\ [horizontal bar]
InProcServer32\(Default) = "C:\PROGRA~1\Wanadoo\audience\audience.dll" [empty string]
Extensions (Tools menu items, main toolbar menu buttons)
HKLM\Software\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\
"MenuText" = "Console Java (Sun)"
"CLSIDExtension" = "{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}"
-> {HKCU...CLSID} = "Java Plug-in 1.6.0_01"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll" ["Sun Microsystems, Inc."]
-> {HKLM...CLSID} = "Java Plug-in 1.6.0_01"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll" ["Sun Microsystems, Inc."]
{D6E814A0-E0C5-11D4-8D29-0050BA6940E3}\
"ButtonText" = "FlashGet"
"MenuText" = "&FlashGet"
"Exec" = "C:\PROGRA~1\FlashGet\flashget.exe" ["FlashGet.com"]
Miscellaneous IE Hijack Points
------------------------------
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\
<<H>> "{08C06D61-F1F3-4799-86F8-BE1A89362C85}" = (no title provided)
-> {HKLM...CLSID} = "Search Class"
\InProcServer32\(Default) = "C:\PROGRA~1\Wanadoo\SEARCH~1.DLL" [empty string]
Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------
Ati HotKey Poller, Ati HotKey Poller, "C:\WINDOWS\system32\Ati2evxx.exe" ["ATI Technologies Inc."]
ATK Keyboard Service, ATKKeyboardService, "C:\WINDOWS\ATKKBService.exe" ["ASUSTeK COMPUTER INC."]
avast! Antivirus, avast! Antivirus, ""C:\Program Files\Alwil Software\Avast4\ashServ.exe"" [null data]
avast! iAVS4 Control Service, aswUpdSv, ""C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"" [null data]
avast! Mail Scanner, avast! Mail Scanner, ""C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service" ["ALWIL Software"]
avast! Web Scanner, avast! Web Scanner, ""C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service" ["ALWIL Software"]
AVG Anti-Spyware Guard, AVG Anti-Spyware Guard, "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe" ["Anti-Malware Development a.s."]
Creative Service for CDROM Access, Creative Service for CDROM Access, "C:\WINDOWS\system32\CTsvcCDA.exe" ["Creative Technology Ltd"]
Diskeeper, Diskeeper, ""C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe"" ["Diskeeper Corporation"]
Epson Printer Status Agent4, StatusAgent4, "C:\WINDOWS\system32\SAgent4.exe" ["SEIKO EPSON CORPORATION"]
EPSON V3 Service2(02), EPSON_PM_RPCV2_02, "C:\WINDOWS\system32\E_S00RP2.EXE" ["SEIKO EPSON CORPORATION"]
France Telecom Routing Table Service, FTRTSVC, "C:\WINDOWS\System32\FTRTSVC.exe" ["France Telecom"]
Machine Debug Manager, MDM, ""C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe"" [MS]
Service d'application d'assistance IPv6, 6to4, "C:\WINDOWS\system32\svchost.exe -k netsvcs" {"C:\WINDOWS\System32\6to4svc.dll" [MS]}
Service Partage réseau du Lecteur Windows Media, WMPNetworkSvc, ""C:\Program Files\Windows Media Player\WMPNetwk.exe"" [MS]
Services TCP/IP simplifiés, SimpTcp, "C:\WINDOWS\system32\tcpsvcs.exe" [MS]
Windows Defender, WinDefend, ""C:\Program Files\Windows Defender\MsMpEng.exe"" [MS]
Écouteur RIP, Iprip, "C:\WINDOWS\System32\svchost.exe -k netsvcs" {"C:\WINDOWS\System32\iprip.dll" [MS]}
Print Monitors:
---------------
HKLM\System\CurrentControlSet\Control\Print\Monitors\
Adobe PDF Port\Driver = "C:\WINDOWS\system32\AdobePDF.dll" ["Adobe Systems Incorporated."]
EPSON STM3 2KMonitor3\Driver = "E_SL2003.DLL" ["SEIKO EPSON CORPORATION"]
EPSON V6 2KMonitor\Driver = "EBPMON24.DLL" ["SEIKO EPSON CORPORATION"]
Microsoft Shared Fax Monitor\Driver = "FXSMON.DLL" [MS]
----------
<<!>>: Suspicious data at a malware launch point.
<<H>>: Suspicious data at a browser hijack point.
+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ To search all directories of local fixed drives for DESKTOP.INI
DLL launch points, use the -supp parameter or answer "No" at the
first message box and "Yes" at the second message box.
---------- (total run time: 56 seconds, including 18 seconds for message boxes)
les anti spywares ont supprimés pas mal de petites choses ... mais pour l'instant toujours ces fenetres ...
Citation :
"Silent Runners.vbs", revision R50, http://www.silentrunners.org/Operating System: Windows XP SP2
Output limited to non-default values, except where indicated by "{++}"
Startup items buried in registry:
---------------------------------
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"ctfmon.exe" = "C:\WINDOWS\system32\ctfmon.exe" [MS]
"swg" = "C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" ["Google Inc."]
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"NVMixerTray" = ""C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"" ["NVIDIA Corporation"]
"NVIDIA nTune" = ""C:\Program Files\NVIDIA Corporation\nTune\\nTune.exe" clear" ["NVIDIA"]
"LogitechVideoRepair" = "C:\Program Files\Logitech\Video\ISStart.exe " ["Logitech Inc."]
"LogitechVideoTray" = "C:\Program Files\Logitech\Video\LogiTray.exe" ["Logitech Inc."]
"ATIPTA" = "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" ["ATI Technologies, Inc."]
"WOOWATCH" = "C:\PROGRA~1\Wanadoo\Watch.exe" ["France Télécom R&D"]
"NeroFilterCheck" = "C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" ["Nero AG"]
"avast!" = "C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [null data]
"SunJavaUpdateSched" = ""C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"" ["Sun Microsystems, Inc."]
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx\ {++}
"Register Homesite+.exe" = ""C:\Program Files\Macromedia\HomeSite+\Homesite+.exe" /REGSERVER" ["Macromedia, Inc."]
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Adobe PDF Reader Link Helper"
\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)
-> {HKLM...CLSID} = "SSVHelper Class"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll" ["Sun Microsystems, Inc."]
{AA58ED58-01DD-4d91-8333-CF10577473F7}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Google Toolbar Helper"
\InProcServer32\(Default) = "c:\program files\google\googletoolbar3.dll" ["Google Inc."]
{AE7CD045-E861-484f-8273-0445EE161910}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Adobe PDF Conversion Toolbar Helper"
\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll" ["Adobe Systems Incorporated"]
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Extension icône HyperTerminal"
-> {HKLM...CLSID} = "HyperTerminal Icon Ext"
\InProcServer32\(Default) = "C:\WINDOWS\system32\hticons.dll" ["Hilgraeve, Inc."]
"{FF393560-C2A7-11CF-BFF4-444553540000}" = "History"
-> {HKCU...CLSID} = "History"
\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
"{3DC7A020-0ACD-11CF-A9BB-00AA004AE837}" = "The Internet"
-> {HKCU...CLSID} = "The Internet"
\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
"{88C6C381-2E85-11D0-94DE-444553540000}" = "ActiveX Cache Folder"
-> {HKCU...CLSID} = "ActiveX Cache Folder"
\InProcServer32\(Default) = "C:\WINDOWS\system32\occache.dll" [MS]
"{F5175861-2688-11d0-9C5E-00AA00A45957}" = "Subscription Folder"
-> {HKCU...CLSID} = "Subscription Folder"
\InProcServer32\(Default) = "C:\WINDOWS\system32\webcheck.dll" [MS]
"{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office10\msohev.dll" [MS]
"{e57ce731-33e8-4c51-8354-bb4de9d215d1}" = "Périphériques Plug and Play universels"
-> {HKLM...CLSID} = "Périphériques Plug and Play universels"
\InProcServer32\(Default) = "C:\WINDOWS\system32\upnpui.dll" [MS]
"{B446400D-0030-457b-8F64-422A19605186}" = "Logitech Gallery"
-> {HKLM...CLSID} = "Logitech Gallery"
\InProcServer32\(Default) = "C:\Program Files\Logitech\ImageStudio\NameSpc.dll" ["Logitech Inc."]
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
"{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802}" = "Adobe.Acrobat.ContextMenu"
-> {HKLM...CLSID} = "Acrobat Elements Context Menu"
\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\Acrobat Elements\ContextMenu.dll" ["Adobe Systems Inc."]
"{0AC6C6C5-F7A8-11D2-BEF4-00C04F990001}" = "Macromedia FTP & RDS"
-> {HKLM...CLSID} = "Macromedia FTP & RDS"
\InProcServer32\(Default) = "C:\WINDOWS\system32\CfShellFtpRds.dll" ["Macromedia, Inc."]
"{FED7043D-346A-414D-ACD7-550D052499A7}" = "dBpowerAMP Music Converter 1"
-> {HKLM...CLSID} = "dBpShell Class"
\InProcServer32\(Default) = "C:\Program Files\dBpowerAMP\dBShell.dll" [empty string]
"{2C49B5D0-ACE7-4D17-9DF0-A254A6C5A0C5}" = "dBpowerAMP Music Converter"
-> {HKLM...CLSID} = "dMCIShell Class"
\InProcServer32\(Default) = "C:\Program Files\dBpowerAMP\dMCShell.DLL" [empty string]
"{0006F045-0000-0000-C000-000000000046}" = "Microsoft Outlook Custom Icon Handler"
-> {HKLM...CLSID} = "Outlook File Icon Extension"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office10\OLKFSTUB.DLL" [MS]
"{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D}" = "Messenger Sharing Folders"
-> {HKLM...CLSID} = "Mes dossiers de partage"
\InProcServer32\(Default) = "C:\Program Files\MSN Messenger\fsshext.8.1.0178.00.dll" [MS]
"{79BC0345-1015-11D2-A299-006008312725}" = "blue.shell"
-> {HKLM...CLSID} = "Studio.Project"
\InProcServer32\(Default) = "C:\Program Files\Pinnacle\Studio 10\programs\BlueShellExt.dll" [null data]
"{377BF0A0-F755-4469-BA0C-BEB93AAB5454}" = "MuVo V100 Media Explorer"
-> {HKLM...CLSID} = "MuVo V100 Media Explorer"
\InProcServer32\(Default) = "C:\Program Files\Creative\Creative MuVo V100\MuVo V100 Media Explorer\CTMvnsu.dll" ["Creative Technology Ltd"]
"{400CFEE2-39D0-46DC-96DF-E0BB5A4324B3}" = "My Logitech Pictures"
-> {HKLM...CLSID} = "My Logitech Pictures"
\InProcServer32\(Default) = "C:\Program Files\Logitech\Video\Namespc2.dll" ["Logitech Inc."]
"{DBD8E168-244D-448C-9922-25508950D1DC}" = "Ulead UDF Driver"
-> {HKLM...CLSID} = "USIShellExt Class"
\InProcServer32\(Default) = "C:\Program Files\Fichiers communs\Ulead Systems\DVD\USIShex.dll" ["Ulead Systems, Inc."]
"{efb97cb8-a4a4-4357-a261-002ffaed0267}" = "CD Slideshow Powertoy"
-> {HKLM...CLSID} = "CD Burn Slideshow Hook"
\InProcServer32\(Default) = "C:\WINDOWS\system32\slideshow.dll" [MS]
"{1530F7EE-5128-43BD-9977-84A4B0FAD7DF}" = "PhotoToys"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\WINDOWS\system32\phototoys.dll" [MS]
"{709C6E11-538F-4759-86AC-6ACB302AA0DE}" = "Desktop Manager"
-> {HKLM...CLSID} = "Desktop Manager"
\InProcServer32\(Default) = "C:\WINDOWS\system32\msvdm.dll" [null data]
"{A5D35F9F-6A11-4EAA-B70B-7BB6FE32663A}" = "XnView Shell Extension"
-> {HKLM...CLSID} = "XnViewShell Class"
\InProcServer32\(Default) = "C:\Program Files\XnView\XnViewShellExt.dll" [empty string]
"{472083B0-C522-11CF-8763-00608CC02F24}" = "avast"
-> {HKLM...CLSID} = "avast"
\InProcServer32\(Default) = "C:\Program Files\Alwil Software\Avast4\ashShell.dll" ["ALWIL Software"]
"{DDE4BEEB-DDE6-48fd-8EB5-035C09923F83}" = "UnlockerShellExtension"
-> {HKLM...CLSID} = "UnlockerShellExtension"
\InProcServer32\(Default) = "C:\Program Files\Unlocker\UnlockerCOM.dll" [null data]
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\
<<!>> "{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}" = "Microsoft AntiMalware ShellExecuteHook"
-> {HKLM...CLSID} = "Microsoft AntiMalware ShellExecuteHook"
\InProcServer32\(Default) = "C:\PROGRA~1\WINDOW~3\MpShHook.dll" [MS]
<<!>> "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}" = "AVG Anti-Spyware 7.5"
-> {HKLM...CLSID} = "CShellExecuteHookImpl Object"
\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll" ["Anti-Malware Development a.s."]
HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\
"WPDShServiceObj" = "{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"
-> {HKLM...CLSID} = "WPDShServiceObj Class"
\InProcServer32\(Default) = "C:\WINDOWS\system32\WPDShServiceObj.dll" [MS]
HKLM\System\CurrentControlSet\Control\Session Manager\
<<!>> "BootExecute" = "autocheck autochk *"| [file not found]|"xe" [file not found]
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
<<!>> AtiExtEvent\DLLName = "Ati2evxx.dll" ["ATI Technologies Inc."]
HKLM\Software\Classes\Folder\shellex\ColumnHandlers\
{F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = "PDF Column Info"
-> {HKLM...CLSID} = "PDF Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll" ["Adobe Systems, Inc."]
HKLM\Software\Classes\*\shellex\ContextMenuHandlers\
Adobe.Acrobat.ContextMenu\(Default) = "{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802}"
-> {HKLM...CLSID} = "Acrobat Elements Context Menu"
\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\Acrobat Elements\ContextMenu.dll" ["Adobe Systems Inc."]
avast\(Default) = "{472083B0-C522-11CF-8763-00608CC02F24}"
-> {HKLM...CLSID} = "avast"
\InProcServer32\(Default) = "C:\Program Files\Alwil Software\Avast4\ashShell.dll" ["ALWIL Software"]
AVG Anti-Spyware\(Default) = "{8934FCEF-F5B8-468f-951F-78A921CD3920}"
-> {HKLM...CLSID} = "CContextScan Object"
\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll" ["Anti-Malware Development a.s."]
IXnView\(Default) = "{A5D35F9F-6A11-4EAA-B70B-7BB6FE32663A}"
-> {HKLM...CLSID} = "XnViewShell Class"
\InProcServer32\(Default) = "C:\Program Files\XnView\XnViewShellExt.dll" [empty string]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\
AVG Anti-Spyware\(Default) = "{8934FCEF-F5B8-468f-951F-78A921CD3920}"
-> {HKLM...CLSID} = "CContextScan Object"
\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll" ["Anti-Malware Development a.s."]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\
avast\(Default) = "{472083B0-C522-11CF-8763-00608CC02F24}"
-> {HKLM...CLSID} = "avast"
\InProcServer32\(Default) = "C:\Program Files\Alwil Software\Avast4\ashShell.dll" ["ALWIL Software"]
UnlockerShellExtension\(Default) = "{DDE4BEEB-DDE6-48fd-8EB5-035C09923F83}"
-> {HKLM...CLSID} = "UnlockerShellExtension"
\InProcServer32\(Default) = "C:\Program Files\Unlocker\UnlockerCOM.dll" [null data]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
HKLM\Software\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\
UnlockerShellExtension\(Default) = "{DDE4BEEB-DDE6-48fd-8EB5-035C09923F83}"
-> {HKLM...CLSID} = "UnlockerShellExtension"
\InProcServer32\(Default) = "C:\Program Files\Unlocker\UnlockerCOM.dll" [null data]
Group Policies {policy setting}:
--------------------------------
Note: detected settings may not have any effect.
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\
"NoSMBalloonTip" = (REG_DWORD) hex:0x00000000
{unrecognized setting}
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\
"DisableRegistryTools" = (REG_DWORD) hex:0x00000000
{Prevent access to registry editing tools}
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\
"shutdownwithoutlogon" = (REG_DWORD) hex:0x00000001
{Shutdown: Allow system to be shut down without having to log on}
"undockwithoutlogon" = (REG_DWORD) hex:0x00000001
{Devices: Allow undock without having to log on}
Active Desktop and Wallpaper:
-----------------------------
Active Desktop may be disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState
Displayed if Active Desktop enabled and wallpaper not set by Group Policy:
HKCU\Software\Microsoft\Internet Explorer\Desktop\General\
"Wallpaper" = "C:\WINDOWS\ACD Wallpaper.bmp"
Displayed if Active Desktop disabled and wallpaper not set by Group Policy:
HKCU\Control Panel\Desktop\
"Wallpaper" = "C:\WINDOWS\ACD Wallpaper.bmp"
Startup items in "olivier" & "All Users" startup folders:
---------------------------------------------------------
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
"Logitech SetPoint" -> shortcut to: "C:\Program Files\Logitech\SetPoint\SetPoint.exe" ["Logitech Inc."]
"Microsoft Office" -> shortcut to: "C:\Program Files\Microsoft Office\Office10\OSA.EXE -b -l" [MS]
Enabled Scheduled Tasks:
------------------------
"BA84D1E391E3768B" -> launches: "c:\docume~1\olivier\applic~1\1drawnew\Active web locks.exe" [file not found]
"MP Scheduled Scan" -> launches: "C:\Program Files\Windows Defender\MpCmdRun.exe Scan -RestrictPrivileges" [MS]
Winsock2 Service Provider DLLs:
-------------------------------
Namespace Service Providers
HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000004\LibraryPath = "C:\WINDOWS\system32\pnrpnsp.dll" [MS]
000000000005\LibraryPath = "C:\WINDOWS\system32\pnrpnsp.dll" [MS]
000000000006\LibraryPath = "%SystemRoot%\System32\nwprovau.dll" [MS]
Transport Service Providers
HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 51
%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05
Toolbars, Explorer Bars, Extensions:
------------------------------------
Toolbars
HKCU\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}"
-> {HKLM...CLSID} = "&Google"
\InProcServer32\(Default) = "c:\program files\google\googletoolbar3.dll" ["Google Inc."]
"{47833539-D0C5-4125-9FA8-0819E2EAAC93}"
-> {HKLM...CLSID} = "Adobe PDF"
\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll" ["Adobe Systems Incorporated"]
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\
"{F2CF5485-4E02-4F68-819C-B92DE9277049}"
-> {HKLM...CLSID} = "&Links"
\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}"
-> {HKLM...CLSID} = "&Google"
\InProcServer32\(Default) = "c:\program files\google\googletoolbar3.dll" ["Google Inc."]
"{47833539-D0C5-4125-9FA8-0819E2EAAC93}"
-> {HKLM...CLSID} = "Adobe PDF"
\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll" ["Adobe Systems Incorporated"]
HKLM\Software\Microsoft\Internet Explorer\Toolbar\
"{E0E899AB-F487-11D5-8D29-0050BA6940E3}" = "FlashGet Bar"
-> {HKLM...CLSID} = "FlashGet Bar"
\InProcServer32\(Default) = "C:\PROGRA~1\FlashGet\fgiebar.dll" ["Amaze Soft"]
"{47833539-D0C5-4125-9FA8-0819E2EAAC93}" = (no title provided)
-> {HKLM...CLSID} = "Adobe PDF"
\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll" ["Adobe Systems Incorporated"]
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" = (no title provided)
-> {HKLM...CLSID} = "&Google"
\InProcServer32\(Default) = "c:\program files\google\googletoolbar3.dll" ["Google Inc."]
Explorer Bars
HKLM\Software\Microsoft\Internet Explorer\Explorer Bars\
{182EC0BE-5110-49C8-A062-BEB1D02A220B}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Adobe PDF"
\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll" ["Adobe Systems Incorporated"]
HKLM\Software\Classes\CLSID\{01002DB2-8170-4D9B-A8B1-DDC9DD114E03}\(Default) = "Volet Wanadoo"
Implemented Categories\{00021494-0000-0000-C000-000000000046}\ [horizontal bar]
InProcServer32\(Default) = "C:\PROGRA~1\Wanadoo\audience\audience.dll" [empty string]
HKLM\Software\Classes\CLSID\{3BAF4A27-C764-4E1A-A6F4-62F7A7E5E51C}\(Default) = "ToolBand Class"
Implemented Categories\{00021494-0000-0000-C000-000000000046}\ [horizontal bar]
InProcServer32\(Default) = "C:\PROGRA~1\Wanadoo\audience\audience.dll" [empty string]
HKLM\Software\Classes\CLSID\{5BF498C0-931E-4A4F-B33F-456D07137EAA}\(Default) = "Volet Wanadoo"
Implemented Categories\{00021494-0000-0000-C000-000000000046}\ [horizontal bar]
InProcServer32\(Default) = "C:\PROGRA~1\Wanadoo\audience\audience.dll" [empty string]
Extensions (Tools menu items, main toolbar menu buttons)
HKLM\Software\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\
"MenuText" = "Console Java (Sun)"
"CLSIDExtension" = "{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}"
-> {HKCU...CLSID} = "Java Plug-in 1.6.0_01"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll" ["Sun Microsystems, Inc."]
-> {HKLM...CLSID} = "Java Plug-in 1.6.0_01"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll" ["Sun Microsystems, Inc."]
{D6E814A0-E0C5-11D4-8D29-0050BA6940E3}\
"ButtonText" = "FlashGet"
"MenuText" = "&FlashGet"
"Exec" = "C:\PROGRA~1\FlashGet\flashget.exe" ["FlashGet.com"]
Miscellaneous IE Hijack Points
------------------------------
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\
<<H>> "{08C06D61-F1F3-4799-86F8-BE1A89362C85}" = (no title provided)
-> {HKLM...CLSID} = "Search Class"
\InProcServer32\(Default) = "C:\PROGRA~1\Wanadoo\SEARCH~1.DLL" [empty string]
Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------
Ati HotKey Poller, Ati HotKey Poller, "C:\WINDOWS\system32\Ati2evxx.exe" ["ATI Technologies Inc."]
ATK Keyboard Service, ATKKeyboardService, "C:\WINDOWS\ATKKBService.exe" ["ASUSTeK COMPUTER INC."]
avast! Antivirus, avast! Antivirus, ""C:\Program Files\Alwil Software\Avast4\ashServ.exe"" [null data]
avast! iAVS4 Control Service, aswUpdSv, ""C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"" [null data]
avast! Mail Scanner, avast! Mail Scanner, ""C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service" ["ALWIL Software"]
avast! Web Scanner, avast! Web Scanner, ""C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service" ["ALWIL Software"]
AVG Anti-Spyware Guard, AVG Anti-Spyware Guard, "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe" ["Anti-Malware Development a.s."]
Creative Service for CDROM Access, Creative Service for CDROM Access, "C:\WINDOWS\system32\CTsvcCDA.exe" ["Creative Technology Ltd"]
Diskeeper, Diskeeper, ""C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe"" ["Diskeeper Corporation"]
Epson Printer Status Agent4, StatusAgent4, "C:\WINDOWS\system32\SAgent4.exe" ["SEIKO EPSON CORPORATION"]
EPSON V3 Service2(02), EPSON_PM_RPCV2_02, "C:\WINDOWS\system32\E_S00RP2.EXE" ["SEIKO EPSON CORPORATION"]
France Telecom Routing Table Service, FTRTSVC, "C:\WINDOWS\System32\FTRTSVC.exe" ["France Telecom"]
Machine Debug Manager, MDM, ""C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe"" [MS]
Service d'application d'assistance IPv6, 6to4, "C:\WINDOWS\system32\svchost.exe -k netsvcs" {"C:\WINDOWS\System32\6to4svc.dll" [MS]}
Service Partage réseau du Lecteur Windows Media, WMPNetworkSvc, ""C:\Program Files\Windows Media Player\WMPNetwk.exe"" [MS]
Services TCP/IP simplifiés, SimpTcp, "C:\WINDOWS\system32\tcpsvcs.exe" [MS]
Windows Defender, WinDefend, ""C:\Program Files\Windows Defender\MsMpEng.exe"" [MS]
Écouteur RIP, Iprip, "C:\WINDOWS\System32\svchost.exe -k netsvcs" {"C:\WINDOWS\System32\iprip.dll" [MS]}
Print Monitors:
---------------
HKLM\System\CurrentControlSet\Control\Print\Monitors\
Adobe PDF Port\Driver = "C:\WINDOWS\system32\AdobePDF.dll" ["Adobe Systems Incorporated."]
EPSON STM3 2KMonitor3\Driver = "E_SL2003.DLL" ["SEIKO EPSON CORPORATION"]
EPSON V6 2KMonitor\Driver = "EBPMON24.DLL" ["SEIKO EPSON CORPORATION"]
Microsoft Shared Fax Monitor\Driver = "FXSMON.DLL" [MS]
----------
<<!>>: Suspicious data at a malware launch point.
<<H>>: Suspicious data at a browser hijack point.
+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ To search all directories of local fixed drives for DESKTOP.INI
DLL launch points, use the -supp parameter or answer "No" at the
first message box and "Yes" at the second message box.
---------- (total run time: 56 seconds, including 18 seconds for message boxes)
les anti spywares ont supprimés pas mal de petites choses ... mais pour l'instant toujours ces fenetres ...
oui, j'ai l'impression que j'en ai moins avec firefox, mais j'ai toujours au moins les fenetres "search the web" à chaque fois que je fais une recherche sur google
peut-être que les autres aussi, mais je n'ai pas eu le temps de m'en rendre compte
edit: je viens juste d'avoir une fenetre "win anti spyware"
ce qui est drôle c'est que même sous Firefox, les fen^tres qui s'ouvrent le font en IE ... peut être parce que IE est mon navigateur par défaut ...
ça sent le Format C: ça non ?
peut-être que les autres aussi, mais je n'ai pas eu le temps de m'en rendre compte
edit: je viens juste d'avoir une fenetre "win anti spyware"
ce qui est drôle c'est que même sous Firefox, les fen^tres qui s'ouvrent le font en IE ... peut être parce que IE est mon navigateur par défaut ...
ça sent le Format C: ça non ?
Citation :
Rapport clean par Malekal_morte - http://www.malekal.com Option 1, executee le 11/04/2007 a 18:29:07,23
*** Recherche de fichiers sur C:
*** Recherche des fichiers dans C:\WINDOWS\
*** Recherche des fichiers dans C:\WINDOWS\system32
*** Fin du rapport !
On va essayer autre chose.
Télécharge SpySweeper (de Webroot, version d'essai de 14 jours) :
-Clique sur "Télécharger la version test".
-Installe le programme en choississant "installation standard".
-Accepte le redémarrage
-L'option de le mettre à jour s'affichera, acceptes la mise à jour
-Lorsque les mises à jour seront installées, dans colonne de gauche clique sur l'onglet Options puis analyse.
-Sous Eléments à analyser et Autres options coche toutes les cases.
-Ferme SpySweeper
La suite étant faite en mode sans échec, imprime ou copie/colle dans un fichier texte les instructions suivantes
Redémarre en mode sans échec : au redémarrage, tapotes immédiatement la touche F8, tu verras un écran avec choix de démarrages apparaître. Utilisant les flèches du clavier, choisis "Mode Sans Échec" et valide avec "Entrée". Choisis ton compte usuel, et non Administrateur.
Démarre SpySweeper
-Clique Analyser sur la gauche puis sur Démarrer l'analyse.
-Quand le scan est terminé, clique sur Suivant.
-Assure-toi que tous les éléments trouvés sont tous cochés, puis clic sur Suivant.
-Tous les éléments cochés seront alors mis en quarantaine.
-Dans "Récapitulatif", sélectionne en bas Afficher le journal de session puis Enregistrer dans un fichier afin de sauvegarder le rapport.
Redémarre normalement
Désinstalle SpySweeper à partir de ajout/suppression de programme sauf si tu veux continuer l'évaluation pendant 15 jours.
Copie/colle le rapport de SpySweeper ici
-Clique sur "Télécharger la version test".
-Installe le programme en choississant "installation standard".
-Accepte le redémarrage
-L'option de le mettre à jour s'affichera, acceptes la mise à jour
-Lorsque les mises à jour seront installées, dans colonne de gauche clique sur l'onglet Options puis analyse.
-Sous Eléments à analyser et Autres options coche toutes les cases.
-Ferme SpySweeper
La suite étant faite en mode sans échec, imprime ou copie/colle dans un fichier texte les instructions suivantes
-Clique Analyser sur la gauche puis sur Démarrer l'analyse.
-Quand le scan est terminé, clique sur Suivant.
-Assure-toi que tous les éléments trouvés sont tous cochés, puis clic sur Suivant.
-Tous les éléments cochés seront alors mis en quarantaine.
-Dans "Récapitulatif", sélectionne en bas Afficher le journal de session puis Enregistrer dans un fichier afin de sauvegarder le rapport.
22:09: Removal process completed. Elapsed time 00:00:07
22:09: Quarantining All Traces: 180search assistant/zango
22:09: Quarantining All Traces: epilot cookie
22:09: Quarantining All Traces: reliablestats cookie
22:09: Quarantining All Traces: mediaplex cookie
22:09: Quarantining All Traces: casalemedia cookie
22:09: Quarantining All Traces: adecn cookie
22:09: Quarantining All Traces: web buying
22:09: Quarantining All Traces: edipol alloticket dialer
22:09: Quarantining All Traces: core adware
22:09: Quarantining All Traces: mediapipe
22:09: Quarantining All Traces: sogou
22:09: Quarantining All Traces: nsis media extension
22:09: Quarantining All Traces: virtumonde
22:09: Quarantining All Traces: vs toolbar
22:09: Removal process initiated
20:26: Traces Found: 32
20:26: Full Sweep has completed. Elapsed time 01:36:28
20:26: File Sweep Complete, Elapsed Time: 01:35:17
20:24: Warning: Access violation at address 00401D58 in module 'SpySweeper.exe'. Read of address 7E6B000C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
...
...
19:57: Warning: Stream read error
19:57: Warning: Failed to access drive F:
19:57: Warning: Failed to access drive E:
19:30: C:\WINDOWS\system32\drivers\core.sys (ID = 513403)
19:30: C:\System Volume Information\_restore{8f4c7ab6-e385-4a8a-b3e3-7e6701ff878c}\RP399\A0068469.exe (ID = 503853)
19:30: C:\_OTMoveIt\MovedFiles\WINDOWS\system32\1165270061.exe (ID = 462805)
19:30: C:\System Volume Information\_restore{8f4c7ab6-e385-4a8a-b3e3-7e6701ff878c}\RP399\A0068468.exe (ID = 497837)
19:28: C:\System Volume Information\_restore{8f4c7ab6-e385-4a8a-b3e3-7e6701ff878c}\RP399\A0068467.dll (ID = 497843)
19:17: C:\WINDOWS\system32\RealMediaSplitter.ax (ID = 385620)
19:17: Found Adware: sogou
19:13: C:\System Volume Information\_restore{8f4c7ab6-e385-4a8a-b3e3-7e6701ff878c}\RP408\A0068710.dll (ID = 146239)
19:13: Found Adware: 180search assistant/zango
19:10: C:\WINDOWS\system32\odbvgie.dll (ID = 462587)
19:09: C:\System Volume Information\_restore{8f4c7ab6-e385-4a8a-b3e3-7e6701ff878c}\RP397\A0068367.dll (ID = 497843)
19:06: C:\System Volume Information\_restore{8f4c7ab6-e385-4a8a-b3e3-7e6701ff878c}\RP401\A0068506.exe (ID = 497837)
18:50: Starting File Sweep
18:50: Warning: Failed to access drive A:
18:50: Cookie Sweep Complete, Elapsed Time: 00:00:00
18:50: c:\documents and settings\olivier\cookies\olivier@www.epilot[1].txt (ID = 2622)
18:50: Found Spy Cookie: epilot cookie
18:50: c:\documents and settings\olivier\cookies\olivier@stats1.reliablestats[1].txt (ID = 3254)
18:50: Found Spy Cookie: reliablestats cookie
18:50: c:\documents and settings\olivier\cookies\olivier@mediaplex[1].txt (ID = 6442)
18:50: Found Spy Cookie: mediaplex cookie
18:50: c:\documents and settings\olivier\cookies\olivier@casalemedia[1].txt (ID = 2354)
18:50: Found Spy Cookie: casalemedia cookie
18:50: c:\documents and settings\olivier\cookies\olivier@adecn[1].txt (ID = 2063)
18:50: c:\documents and settings\olivier\cookies\olivier@ad2.adecn[1].txt (ID = 2064)
18:50: Found Spy Cookie: adecn cookie
18:50: Starting Cookie Sweep
18:50: Registry Sweep Complete, Elapsed Time:00:00:21
18:50: HKU\S-1-5-21-507921405-602162358-725345543-1004\software\webbuying\ (ID = 2110957)
18:50: Found Adware: web buying
18:50: HKU\S-1-5-21-507921405-602162358-725345543-1004\software\visio ras script\ (ID = 125646)
18:50: Found Adware: edipol alloticket dialer
18:50: HKLM\system\controlset003\services\core\ (ID = 2152521)
18:50: HKLM\system\controlset003\enum\root\legacy_core\ (ID = 2152512)
18:50: HKLM\system\controlset002\services\core\ (ID = 2118420)
18:50: HKLM\system\controlset002\enum\root\legacy_core\ (ID = 2118399)
18:50: Found Adware: core adware
18:50: HKLM\software\microsoft\uniqdata\ (ID = 1997747)
18:50: Found Adware: virtumonde
18:50: HKLM\software\classes\typelib\{f6eea23b-522b-4e23-87e8-1f3544380659}\ (ID = 1988764)
18:50: HKLM\software\classes\clsid\{d3035da0-2bbf-4549-a465-1f3da531cb70}\ (ID = 1988246)
18:50: HKLM\software\classes\odbvge.clsdll\ (ID = 1987680)
18:50: HKCR\typelib\{f6eea23b-522b-4e23-87e8-1f3544380659}\ (ID = 1987536)
18:50: HKCR\clsid\{d3035da0-2bbf-4549-a465-1f3da531cb70}\ (ID = 1987018)
18:50: HKCR\odbvge.clsdll\ (ID = 1986452)
18:50: Found Adware: nsis media extension
18:50: HKLM\software\microsoft\juan\ (ID = 1781228)
18:50: Found Adware: vs toolbar
18:50: HKLM\software\classes\appid\downloadmanager.exe\ (ID = 866963)
18:50: HKCR\appid\downloadmanager.exe\ (ID = 866684)
18:50: Found Adware: mediapipe
18:50: Starting Registry Sweep
18:50: Memory Sweep Complete, Elapsed Time: 00:00:41
18:49: Starting Memory Sweep
18:49: Sweep initiated using definitions version 894
18:49: Spy Sweeper 5.0.7.1608 started
18:49: | Start of Session, mercredi 11 avril 2007 |
********
18:49: | End of Session, mercredi 11 avril 2007 |
Keylogger Shield: Off
BHO Shield: On
IE Security Shield: On
Alternate Data Stream (ADS) Execution Shield: On
Startup Shield: On
Common Ad Sites Shield: Off
Hosts File Shield: On
Spy Communication Shield: On
ActiveX Shield: On
Windows Messenger Service Shield: On
IE Favorites Shield: On
Spy Installation Shield: On
Memory Shield: On
IE Hijack Shield: On
IE Tracking Cookies Shield: Off
18:49: Shield States
18:49: Spyware Definitions: 894
18:49: Spy Sweeper 5.0.7.1608 started
18:48: Program Version 5.0.7.1608 Using Spyware Definitions 894
18:44: Your definitions are up to date.
18:43: Your spyware definitions have been updated.
18:43: The Spy Communication shield has blocked access to: WWW.AMAENA.COM
18:43: The Spy Communication shield has blocked access to: WWW.AMAENA.COM
18:43: The Spy Communication shield has blocked access to: WWW.AMAENA.COM
18:43: The Spy Communication shield has blocked access to: WWW.AMAENA.COM
Keylogger Shield: Off
BHO Shield: On
IE Security Shield: On
Alternate Data Stream (ADS) Execution Shield: On
Startup Shield: On
Common Ad Sites Shield: Off
Hosts File Shield: On
Spy Communication Shield: On
ActiveX Shield: On
Windows Messenger Service Shield: On
IE Favorites Shield: On
Spy Installation Shield: On
Memory Shield: On
IE Hijack Shield: On
IE Tracking Cookies Shield: Off
18:41: Shield States
18:41: Spyware Definitions: 734
18:41: Spy Sweeper 5.0.7.1608 started
18:41: Spy Sweeper 5.0.7.1608 started
18:41: | Start of Session, mercredi 11 avril 2007 |
********
22:09: Quarantining All Traces: 180search assistant/zango
22:09: Quarantining All Traces: epilot cookie
22:09: Quarantining All Traces: reliablestats cookie
22:09: Quarantining All Traces: mediaplex cookie
22:09: Quarantining All Traces: casalemedia cookie
22:09: Quarantining All Traces: adecn cookie
22:09: Quarantining All Traces: web buying
22:09: Quarantining All Traces: edipol alloticket dialer
22:09: Quarantining All Traces: core adware
22:09: Quarantining All Traces: mediapipe
22:09: Quarantining All Traces: sogou
22:09: Quarantining All Traces: nsis media extension
22:09: Quarantining All Traces: virtumonde
22:09: Quarantining All Traces: vs toolbar
22:09: Removal process initiated
20:26: Traces Found: 32
20:26: Full Sweep has completed. Elapsed time 01:36:28
20:26: File Sweep Complete, Elapsed Time: 01:35:17
20:24: Warning: Access violation at address 00401D58 in module 'SpySweeper.exe'. Read of address 7E6B000C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
20:24: Warning: Access violation at address 0058C2B4 in module 'SpySweeper.exe'. Read of address 0000038C
...
...
19:57: Warning: Stream read error
19:57: Warning: Failed to access drive F:
19:57: Warning: Failed to access drive E:
19:30: C:\WINDOWS\system32\drivers\core.sys (ID = 513403)
19:30: C:\System Volume Information\_restore{8f4c7ab6-e385-4a8a-b3e3-7e6701ff878c}\RP399\A0068469.exe (ID = 503853)
19:30: C:\_OTMoveIt\MovedFiles\WINDOWS\system32\1165270061.exe (ID = 462805)
19:30: C:\System Volume Information\_restore{8f4c7ab6-e385-4a8a-b3e3-7e6701ff878c}\RP399\A0068468.exe (ID = 497837)
19:28: C:\System Volume Information\_restore{8f4c7ab6-e385-4a8a-b3e3-7e6701ff878c}\RP399\A0068467.dll (ID = 497843)
19:17: C:\WINDOWS\system32\RealMediaSplitter.ax (ID = 385620)
19:17: Found Adware: sogou
19:13: C:\System Volume Information\_restore{8f4c7ab6-e385-4a8a-b3e3-7e6701ff878c}\RP408\A0068710.dll (ID = 146239)
19:13: Found Adware: 180search assistant/zango
19:10: C:\WINDOWS\system32\odbvgie.dll (ID = 462587)
19:09: C:\System Volume Information\_restore{8f4c7ab6-e385-4a8a-b3e3-7e6701ff878c}\RP397\A0068367.dll (ID = 497843)
19:06: C:\System Volume Information\_restore{8f4c7ab6-e385-4a8a-b3e3-7e6701ff878c}\RP401\A0068506.exe (ID = 497837)
18:50: Starting File Sweep
18:50: Warning: Failed to access drive A:
18:50: Cookie Sweep Complete, Elapsed Time: 00:00:00
18:50: c:\documents and settings\olivier\cookies\olivier@www.epilot[1].txt (ID = 2622)
18:50: Found Spy Cookie: epilot cookie
18:50: c:\documents and settings\olivier\cookies\olivier@stats1.reliablestats[1].txt (ID = 3254)
18:50: Found Spy Cookie: reliablestats cookie
18:50: c:\documents and settings\olivier\cookies\olivier@mediaplex[1].txt (ID = 6442)
18:50: Found Spy Cookie: mediaplex cookie
18:50: c:\documents and settings\olivier\cookies\olivier@casalemedia[1].txt (ID = 2354)
18:50: Found Spy Cookie: casalemedia cookie
18:50: c:\documents and settings\olivier\cookies\olivier@adecn[1].txt (ID = 2063)
18:50: c:\documents and settings\olivier\cookies\olivier@ad2.adecn[1].txt (ID = 2064)
18:50: Found Spy Cookie: adecn cookie
18:50: Starting Cookie Sweep
18:50: Registry Sweep Complete, Elapsed Time:00:00:21
18:50: HKU\S-1-5-21-507921405-602162358-725345543-1004\software\webbuying\ (ID = 2110957)
18:50: Found Adware: web buying
18:50: HKU\S-1-5-21-507921405-602162358-725345543-1004\software\visio ras script\ (ID = 125646)
18:50: Found Adware: edipol alloticket dialer
18:50: HKLM\system\controlset003\services\core\ (ID = 2152521)
18:50: HKLM\system\controlset003\enum\root\legacy_core\ (ID = 2152512)
18:50: HKLM\system\controlset002\services\core\ (ID = 2118420)
18:50: HKLM\system\controlset002\enum\root\legacy_core\ (ID = 2118399)
18:50: Found Adware: core adware
18:50: HKLM\software\microsoft\uniqdata\ (ID = 1997747)
18:50: Found Adware: virtumonde
18:50: HKLM\software\classes\typelib\{f6eea23b-522b-4e23-87e8-1f3544380659}\ (ID = 1988764)
18:50: HKLM\software\classes\clsid\{d3035da0-2bbf-4549-a465-1f3da531cb70}\ (ID = 1988246)
18:50: HKLM\software\classes\odbvge.clsdll\ (ID = 1987680)
18:50: HKCR\typelib\{f6eea23b-522b-4e23-87e8-1f3544380659}\ (ID = 1987536)
18:50: HKCR\clsid\{d3035da0-2bbf-4549-a465-1f3da531cb70}\ (ID = 1987018)
18:50: HKCR\odbvge.clsdll\ (ID = 1986452)
18:50: Found Adware: nsis media extension
18:50: HKLM\software\microsoft\juan\ (ID = 1781228)
18:50: Found Adware: vs toolbar
18:50: HKLM\software\classes\appid\downloadmanager.exe\ (ID = 866963)
18:50: HKCR\appid\downloadmanager.exe\ (ID = 866684)
18:50: Found Adware: mediapipe
18:50: Starting Registry Sweep
18:50: Memory Sweep Complete, Elapsed Time: 00:00:41
18:49: Starting Memory Sweep
18:49: Sweep initiated using definitions version 894
18:49: Spy Sweeper 5.0.7.1608 started
18:49: | Start of Session, mercredi 11 avril 2007 |
********
18:49: | End of Session, mercredi 11 avril 2007 |
Keylogger Shield: Off
BHO Shield: On
IE Security Shield: On
Alternate Data Stream (ADS) Execution Shield: On
Startup Shield: On
Common Ad Sites Shield: Off
Hosts File Shield: On
Spy Communication Shield: On
ActiveX Shield: On
Windows Messenger Service Shield: On
IE Favorites Shield: On
Spy Installation Shield: On
Memory Shield: On
IE Hijack Shield: On
IE Tracking Cookies Shield: Off
18:49: Shield States
18:49: Spyware Definitions: 894
18:49: Spy Sweeper 5.0.7.1608 started
18:48: Program Version 5.0.7.1608 Using Spyware Definitions 894
18:44: Your definitions are up to date.
18:43: Your spyware definitions have been updated.
18:43: The Spy Communication shield has blocked access to: WWW.AMAENA.COM
18:43: The Spy Communication shield has blocked access to: WWW.AMAENA.COM
18:43: The Spy Communication shield has blocked access to: WWW.AMAENA.COM
18:43: The Spy Communication shield has blocked access to: WWW.AMAENA.COM
Keylogger Shield: Off
BHO Shield: On
IE Security Shield: On
Alternate Data Stream (ADS) Execution Shield: On
Startup Shield: On
Common Ad Sites Shield: Off
Hosts File Shield: On
Spy Communication Shield: On
ActiveX Shield: On
Windows Messenger Service Shield: On
IE Favorites Shield: On
Spy Installation Shield: On
Memory Shield: On
IE Hijack Shield: On
IE Tracking Cookies Shield: Off
18:41: Shield States
18:41: Spyware Definitions: 734
18:41: Spy Sweeper 5.0.7.1608 started
18:41: Spy Sweeper 5.0.7.1608 started
18:41: | Start of Session, mercredi 11 avril 2007 |
********
Lassé par la pub ? Créez un compte
- Contenus similaires :
- ForumFenetres intempestives em-pc.on.internet
- ForumSpyware secure fenetres intempestives
- ForumFenetres intempestives
- ForumFenetres intempestives et drive cleaner.
- ForumComment stopper les fenetres intempestives
- ForumOuverture fenetres intempestives scache.regiedepub.com
- ForumInternet fenetres intempestives
- ForumFenetres intempestives google chrome
- ForumFenetres intempestives internet explorer
- ForumFenetres intempestives spyware-secure
- Voir plus
