tr/vundo.gen + systemdoctor2006 + autres ? vraiment besoin d'aide SVP

VundoFix V6.4.2



Checking Java version...



Java version is 1.5.0.3

Old versions of java are exploitable and should be removed.



Scan started at 15:39:51 08/06/2007



Listing files found while scanning....



C:\WINDOWS\system32\awvvu.dll

C:\WINDOWS\system32\hggecay.dll

C:\WINDOWS\system32\uvvwa.bak1

C:\WINDOWS\system32\uvvwa.ini



Beginning removal...



Attempting to delete C:\WINDOWS\system32\awvvu.dll

C:\WINDOWS\system32\awvvu.dll Has been deleted!



Attempting to delete C:\WINDOWS\system32\hggecay.dll

C:\WINDOWS\system32\hggecay.dll Could not be deleted.



Attempting to delete C:\WINDOWS\system32\uvvwa.bak1

C:\WINDOWS\system32\uvvwa.bak1 Has been deleted!



Attempting to delete C:\WINDOWS\system32\uvvwa.ini

C:\WINDOWS\system32\uvvwa.ini Has been deleted!



Performing Repairs to the registry.

Done!



Beginning removal...



Attempting to delete C:\WINDOWS\system32\hggecay.dll

C:\WINDOWS\system32\hggecay.dll Has been deleted!



Performing Repairs to the registry.

Done!

Logfile of HijackThis v1.99.1

Scan saved at 15:57:53, on 08/06/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)



Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe

C:\WINDOWS\system32\RunDLL32.exe

C:\WINDOWS\system32\RunDll32.exe

C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe

C:\WINDOWS\Dit.exe

C:\Program Files\MSN Messenger\MsnMsgr.Exe

C:\Program Files\SuperCopier2\SuperCopier2.exe

C:\Program Files\Serv-U\ServUTray.exe

C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe

C:\Program Files\RALINK\RT2500 USB Wireless LAN Card\Installer\WINXP\APConfig2500.exe

C:\Program Files\Rainlendar2\Rainlendar2.exe

C:\Program Files\RK Launcher\RKLauncher.exe

C:\Program Files\AntiVir PersonalEdition Classic\avcenter.exe

C:\WINDOWS\system32\msdtc.exe

C:\Program Files\AntiVir PersonalEdition Classic\sched.exe

C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe

C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\WINDOWS\Private Folder\PrfldSvc.exe

C:\WINDOWS\system32\PSIService.exe

C:\WINDOWS\system32\Tablet.exe

C:\WINDOWS\System32\dmadmin.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\system32\WTablet\TabUserW.exe

C:\WINDOWS\system32\Tablet.exe

C:\WINDOWS\system32\svchost.exe

C:\Documents And Settings\oOo _n3o_ oOo\Bureau\HijackThis.exe



R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.incompris.net

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.incompris.net

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.incompris.net

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: (no name) - {92A444D2-F945-4dd9-89A1-896A6C2D8D22} - C:\WINDOWS\system32\bhumrovq.dll

O2 - BHO: (no name) - {A2339A9B-D1F4-4084-9EEE-B9F5CB487527} - C:\WINDOWS\system32\hggecay.dll (file missing)

O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O2 - BHO: (no name) - {EF89C1CA-61B9-4A6A-8742-ED7DC678AA8C} - C:\WINDOWS\system32\awvvu.dll (file missing)

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe" /StartupJobs

O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"

O4 - HKLM\..\Run: [Dit] Dit.exe

O4 - HKLM\..\RunServices: [InternetExplorer32] C:\WINDOWS\system32\iexplore32.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe

O4 - HKCU\..\Run: [ServUTrayIcon] C:\Program Files\Serv-U\ServUTray.exe

O4 - Startup: Raccourci vers Rainlendar2.lnk = C:\Program Files\Rainlendar2\Rainlendar2.exe

O4 - Startup: Raccourci vers RKLauncher.lnk = C:\Program Files\RK Launcher\RKLauncher.exe

O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe

O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\RALINK\RT2500 USB Wireless LAN Card\Installer\WINXP\APConfig2500.exe

O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll

O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll

O14 - IERESET.INF: START_PAGE_URL=http://www.incompris.net

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...

O17 - HKLM\System\CCS\Services\Tcpip\..\{CCE69AD8-F484-431E-9BD0-EBAE137BE877}: NameServer = 212.27.53.252,212.27.54.252

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe

O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Unknown owner - C:\Program Files\Bonjour\mDNSResponder.exe (file missing)

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Private Folder Service (prfldsvc) - Unknown owner - C:\WINDOWS\Private Folder\PrfldSvc.exe

O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe

O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe

O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

"oOo _n3o_ oOo" - 2007-06-08 16:30:33 Service Pack 2 NTFS

ComboFix 07-06-3B - Running from: "J:\"





((((((((((((((((((((((((( Files Created from 2007-05-08 to 2007-06-08 )))))))))))))))))))))))))))))))





2007-06-08 15:39 <REP> d-------- C:\VundoFix Backups

2007-06-08 14:46 <REP> d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\WTablet

2007-06-08 04:53 <REP> d-------- C:\Program Files\Windows Live

2007-06-07 03:52 <REP> d-------- C:\Program Files\Lavalys

2007-06-07 02:25 <REP> d-------- C:\WINDOWS\AU_Temp

2007-06-07 01:34 55,316 --a------ C:\WINDOWS\system32\bhumrovq.dll

2007-06-07 01:22 <REP> d-------- C:\Program Files\Serv-U

2007-06-06 19:06 <REP> d-------- C:\Program Files\Fichiers communs\Hewlett-Packard

2007-06-06 19:00 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys

2007-06-06 18:59 94,208 --a------ C:\WINDOWS\system32\HPZipt12.dll

2007-06-06 18:59 69,632 --a------ C:\WINDOWS\system32\HPZipm12.exe

2007-06-06 18:59 61,440 --a------ C:\WINDOWS\system32\HPZinw12.exe

2007-06-06 18:59 57,344 --a------ C:\WINDOWS\system32\HPZisn12.dll

2007-06-06 18:59 278,584 --a------ C:\WINDOWS\system32\HPZidr12.dll

2007-06-06 18:59 204,800 --a------ C:\WINDOWS\system32\HPZipr12.dll

2007-06-06 18:59 <REP> d-------- C:\Program Files\HP

2007-06-06 18:55 68,984 --a------ C:\WINDOWS\hpoins05.dat

2007-06-06 18:55 19,696 --------- C:\WINDOWS\hpomdl05.dat

2007-06-06 18:55 <REP> d-------- C:\temp\HP_WebRelease

2007-06-06 18:55 <REP> d-------- C:\temp

2007-06-06 18:47 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys

2007-06-05 03:42 <REP> d-------- C:\Program Files\Alias

2007-06-05 03:42 <REP> d-------- C:\DOCUME~1\OOO_N3~1\APPLIC~1\Alias

2007-06-05 03:42 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Alias

2007-06-05 03:02 <REP> d-------- C:\DOCUME~1\OOO_N3~1\APPLIC~1\Opera

2007-06-01 15:46 <REP> d-------- C:\DOCUME~1\NETWOR~1\APPLIC~1\WTablet

2007-05-30 14:59 6,272 --a------ C:\WINDOWS\system32\drivers\wacomvhid.sys

2007-05-30 14:59 140,848 --a------ C:\WINDOWS\system32\Wintab32.dll

2007-05-30 14:59 1,189,424 --a------ C:\WINDOWS\system32\Tablet.exe

2007-05-30 14:59 <REP> d-------- C:\WINDOWS\system32\WTablet

2007-05-30 14:59 <REP> d-------- C:\Program Files\Tablet

2007-05-30 14:59 <REP> d-------- C:\DOCUME~1\OOO_N3~1\APPLIC~1\WTablet

2007-05-29 15:02 <REP> d-------- C:\Program Files\Virtual Magnifying Glass

2007-05-28 21:42 <REP> d-------- C:\Program Files\Combined Community Codec Pack

2007-05-28 21:41 <REP> d-------- C:\Program Files\Matroska Pack

2007-05-28 05:15 <REP> d-------- C:\Program Files\GUILTY GEAR XX RELOAD

2007-05-28 03:00 <REP> d-------- C:\DOCUME~1\OOO_N3~1\APPLIC~1\vlc

2007-05-28 02:30 <REP> d-------- C:\Program Files\Freeplayer

2007-05-28 00:51 <REP> d-------- C:\Program Files\Windows Journal Viewer

2007-05-27 22:27 73,728 --a------ C:\WINDOWS\system32\psxpadff.dll

2007-05-27 22:27 307,200 --a------ C:\WINDOWS\system32\psxcpl.dll

2007-05-27 22:27 16,896 --a------ C:\WINDOWS\system32\drivers\psxenum.sys

2007-05-27 22:27 12,160 --a------ C:\WINDOWS\system32\drivers\psxpad.sys

2007-05-27 14:47 4,096 --a------ C:\WINDOWS\d3dx.dat

2007-05-27 00:30 <REP> d-------- C:\Program Files\LD-Anime

2007-05-26 16:09 <REP> d-------- C:\Program Files\MKVtoolnix

2007-05-26 16:01 <REP> d-------- C:\Program Files\x264

2007-05-26 15:03 <REP> d-------- C:\Program Files\Gabest

2007-05-26 15:03 <REP> d-------- C:\Program Files\AviSynth 2.5

2007-05-26 15:02 <REP> d-------- C:\Program Files\GordianKnot

2007-05-26 14:58 <REP> d-------- C:\WINDOWS\Downloaded Installations

2007-05-26 14:02 <REP> d-------- C:\Program Files\XviD

2007-05-26 13:46 69,632 --a------ C:\WINDOWS\system32\GkSui18.EXE

2007-05-26 13:46 59,904 --a------ C:\WINDOWS\system32\MSCC2FR.DLL

2007-05-26 13:46 40,960 --a------ C:\WINDOWS\system32\FLXGDFR.DLL

2007-05-26 13:46 34,304 --a------ C:\WINDOWS\system32\RCHTXFR.DLL

2007-05-26 13:46 32,768 --a------ C:\WINDOWS\system32\CMDLGFR.DLL

2007-05-26 13:46 21,504 --a------ C:\WINDOWS\system32\TABCTFR.DLL

2007-05-26 13:46 15,360 --a------ C:\WINDOWS\system32\INETFR.DLL

2007-05-26 13:46 141,312 --a------ C:\WINDOWS\system32\MSCMCFR.DLL

2007-05-26 13:46 <REP> d-------- C:\Program Files\NFO Creator

2007-05-26 12:47 <REP> d--h----- C:\WINDOWS\PIF

2007-05-25 22:37 <REP> d-------- C:\DOCUME~1\OOO_N3~1\APPLIC~1\Help

2007-05-25 22:24 <REP> d-------- C:\DOCUME~1\OOO_N3~1\APPLIC~1\InstallShield

2007-05-25 20:27 221,184 --a------ C:\WINDOWS\system32\wmpns.dll

2007-05-25 20:27 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe

2007-05-25 17:52 <REP> d-------- C:\Program Files\portalgraphics

2007-05-25 15:13 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bluetooth

2007-05-25 14:59 344,064 --a------ C:\WINDOWS\system32\msvcr70.dll

2007-05-25 14:59 127,184 --a------ C:\WINDOWS\Unwise.exe

2007-05-25 14:59 <REP> d-------- C:\Program Files\X10 Hardware

2007-05-25 14:59 <REP> d-------- C:\Program Files\Common Files

2007-05-25 14:55 54,784 --a------ C:\WINDOWS\system32\drivers\vfwwdm32.dll

2007-05-25 14:55 <REP> d-------- C:\Program Files\IVT Corporation

2007-05-25 14:51 73,728 --a------ C:\WINDOWS\system32\Install2500USB.dll

2007-05-25 14:51 54,016 --a------ C:\WINDOWS\system32\drivers\rt2500usb.sys

2007-05-25 14:51 45,056 --a------ C:\WINDOWS\system32\DEDriverDLL.dll

2007-05-25 14:51 36,864 --a------ C:\WINDOWS\system32\WRLSetup.exe

2007-05-25 14:51 19,915 --a------ C:\WINDOWS\system32\drivers\AegisP.sys

2007-05-25 14:51 <REP> d-------- C:\Program Files\RALINK

2007-05-25 14:50 90,112 --a------ C:\WINDOWS\Dit.exe

2007-05-25 14:50 61,440 --a------ C:\WINDOWS\DitExp.exe

2007-05-25 14:50 290,816 --------- C:\WINDOWS\Dit.DLL

2007-05-25 14:50 17,408 --a------ C:\WINDOWS\system32\drivers\USBCRFT.SYS

2007-05-24 23:35 <REP> d-------- C:\DOCUME~1\OOO_N3~1\APPLIC~1\Google

2007-05-24 15:19 <REP> d-------- C:\Program Files\XBCD

2007-05-23 15:50 82,432 --a------ C:\WINDOWS\system32\msxml4r.dll

2007-05-23 15:50 6,656 --a------ C:\WINDOWS\system32\Taskill.exe

2007-05-23 15:50 28,672 --a------ C:\WINDOWS\system32\MDFolder.exe

2007-05-23 15:50 1,233,920 --a------ C:\WINDOWS\system32\msxml4.dll

2007-05-23 15:50 <REP> d-a------ C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP

2007-05-23 15:50 <REP> d-------- C:\Program Files\Zortam Mp3 Media Studio

2007-05-22 14:45 90,112 --a------ C:\WINDOWS\unvise32.exe

2007-05-22 14:45 <REP> d-------- C:\Program Files\FlashFXP

2007-05-21 20:59 <REP> d-------- C:\Program Files\RegCleaner

2007-05-21 18:03 <REP> d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\Thunderbird

2007-05-21 17:37 <REP> d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\Corel

2007-05-21 17:17 54,400 --a------ C:\WINDOWS\system32\drivers\i8042prt.sys

2007-05-21 17:07 <REP> d-------- C:\DOCUME~1\OOO_N3~1\APPLIC~1\AdobeUM

2007-05-21 03:06 5,248 --a------ C:\WINDOWS\system32\drivers\a347scsi.sys





(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))



2007-05-17 23:35:22 71,248 ----a-w C:\WINDOWS\system32\perfc00C.dat

2007-05-17 23:35:22 458,230 ----a-w C:\WINDOWS\system32\perfh00C.dat

2007-05-11 16:56:56 219,648 ----a-w C:\WINDOWS\system32\uxtheme.dll

2007-03-12 12:02:26 947,472 ----a-w C:\WINDOWS\system32\msjava.dll





((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))





*Note* empty entries & legit default entries are not shown



[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}=C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 01:56]

{53707962-6F74-2D53-2644-206D7942484F}=C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2005-05-31 01:04]

{92A444D2-F945-4dd9-89A1-896A6C2D8D22}=C:\WINDOWS\system32\bhumrovq.dll [2007-06-07 01:34]

{A2339A9B-D1F4-4084-9EEE-B9F5CB487527}=C:\WINDOWS\system32\hggecay.dll []

{AE7CD045-E861-484f-8273-0445EE161910}=C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14 02:13]

{EF89C1CA-61B9-4A6A-8742-ED7DC678AA8C}=C:\WINDOWS\system32\awvvu.dll []



[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"avgnt"="C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" [2007-04-02 10:35]

"nwiz"="nwiz.exe" [2006-10-22 12:22 C:\WINDOWS\system32\nwiz.exe]

"NvMediaCenter"="NvMCTray.dll" [2006-10-22 12:22 C:\WINDOWS\system32\nvmctray.dll]

"Cmaudio"="cmicnfg.cpl" []

"BootSkin Startup Jobs"="C:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe" [2004-04-26 16:21]

"Acrobat Assistant 7.0"="C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2004-12-14 02:12]

"Dit"="Dit.exe" [2004-07-20 18:18 C:\WINDOWS\Dit.exe]



[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-05-11 00:00]

"SuperCopier2.exe"="C:\Program Files\SuperCopier2\SuperCopier2.exe" [2006-07-07 18:45]

"ServUTrayIcon"="C:\Program Files\Serv-U\ServUTray.exe" [2007-04-16 13:22]



[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices]

"InternetExplorer32"=C:\WINDOWS\system32\iexplore32.exe



[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

"NoDesktopCleanupWizard"=1 (0x1)



[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

"ForceClassicControlPanel"=1 (0x1)

"ClearRecentDocsOnExit"=40 (0x28)

"NoLowDiskSpaceChecks"=1 (0x1)

"NoSMBalloonTip"=1 (0x1)

"NoStartMenuNetworkPlaces"=1 (0x1)

"NoStartMenuMyMusic"=1 (0x1)

"NoSMMyPictures"=1 (0x1)



[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{A2339A9B-D1F4-4084-9EEE-B9F5CB487527}"="C:\WINDOWS\system32\hggecay.dll" []



[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InternetExplorer32]

C:\WINDOWS\system32\iexplore32.exe



[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LClock]

\Windows\LClock\LClock.exe



[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Raccourci vers la page des propriétés de High Definition Audio]

HDAudPropShortcut.exe



[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]

"C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot



[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZortamMp3MediaStudio]

"H:\Program Files\Zortam Mp3 Media Studio\zmmspro.exe"



HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost *netsvcs*





Contents of the 'Scheduled Tasks' folder

2007-06-08 12:25:36 C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IPoint_exe.job

2007-06-08 12:25:36 C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IType_exe.job



**************************************************************************



catchme 0.3.692 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net

Rootkit scan 2007-06-08 16:33:27

Windows 5.1.2600 Service Pack 2 NTFS



scanning hidden processes ...



scanning hidden autostart entries ...



scanning hidden files ...



scan completed successfully

hidden files: 0



**************************************************************************



Completion time: 2007-06-08 16:33:58



--- E O F ---

Logfile of HijackThis v1.99.1

Scan saved at 16:39:54, on 08/06/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)



Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe

C:\WINDOWS\system32\RunDLL32.exe

C:\WINDOWS\system32\RunDll32.exe

C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe

C:\WINDOWS\Dit.exe

C:\Program Files\MSN Messenger\MsnMsgr.Exe

C:\Program Files\SuperCopier2\SuperCopier2.exe

C:\Program Files\Serv-U\ServUTray.exe

C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe

C:\Program Files\RALINK\RT2500 USB Wireless LAN Card\Installer\WINXP\APConfig2500.exe

C:\Program Files\Rainlendar2\Rainlendar2.exe

C:\Program Files\RK Launcher\RKLauncher.exe

C:\WINDOWS\system32\msdtc.exe

C:\Program Files\AntiVir PersonalEdition Classic\sched.exe

C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe

C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\WINDOWS\Private Folder\PrfldSvc.exe

C:\WINDOWS\system32\PSIService.exe

C:\WINDOWS\system32\Tablet.exe

C:\WINDOWS\System32\dmadmin.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\WTablet\TabUserW.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\system32\Tablet.exe

C:\WINDOWS\explorer.exe

C:\Documents And Settings\oOo _n3o_ oOo\Bureau\HijackThis.exe



R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.incompris.net

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.incompris.net

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: (no name) - {92A444D2-F945-4dd9-89A1-896A6C2D8D22} - C:\WINDOWS\system32\bhumrovq.dll

O2 - BHO: (no name) - {A2339A9B-D1F4-4084-9EEE-B9F5CB487527} - C:\WINDOWS\system32\hggecay.dll (file missing)

O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O2 - BHO: (no name) - {EF89C1CA-61B9-4A6A-8742-ED7DC678AA8C} - C:\WINDOWS\system32\awvvu.dll (file missing)

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe" /StartupJobs

O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"

O4 - HKLM\..\Run: [Dit] Dit.exe

O4 - HKLM\..\RunServices: [InternetExplorer32] C:\WINDOWS\system32\iexplore32.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe

O4 - HKCU\..\Run: [ServUTrayIcon] C:\Program Files\Serv-U\ServUTray.exe

O4 - Startup: Raccourci vers Rainlendar2.lnk = C:\Program Files\Rainlendar2\Rainlendar2.exe

O4 - Startup: Raccourci vers RKLauncher.lnk = C:\Program Files\RK Launcher\RKLauncher.exe

O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe

O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\RALINK\RT2500 USB Wireless LAN Card\Installer\WINXP\APConfig2500.exe

O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll

O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll

O14 - IERESET.INF: START_PAGE_URL=http://www.incompris.net

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...

O17 - HKLM\System\CCS\Services\Tcpip\..\{CCE69AD8-F484-431E-9BD0-EBAE137BE877}: NameServer = 212.27.53.252,212.27.54.252

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe

O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Unknown owner - C:\Program Files\Bonjour\mDNSResponder.exe (file missing)

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Private Folder Service (prfldsvc) - Unknown owner - C:\WINDOWS\Private Folder\PrfldSvc.exe

O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe

O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe

O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

08/06/2007 a 19:23:41,98



*** Recherche des fichiers dans C:

C:\autorun.inf FOUND



*** Recherche des fichiers dans C:\WINDOWS\



*** Recherche des fichiers dans C:\WINDOWS\system32



*** Recherche des fichiers dans C:\Program Files

"C:\Program Files\Internet\" FOUND

*** Fin du rapport !

Script execute en mode sans echec
Rapport clean par Malekal_morte - http://www.malekal.com
Script execute en mode sans echec 10/06/2007 a 22:30:23,96

Microsoft Windows XP [version 5.1.2600]

*** Suppression des fichiers dans C:
tentative de suppression de C:\autorun.inf

*** Suppression des fichiers dans C:\WINDOWS\

*** Suppression des fichiers dans C:\WINDOWS\system32

*** Suppression des fichiers dans C:\Program Files
tentative de suppression de "C:\Program Files\Internet\"

*** Suppression des clefs du registre effectuee..
*** Fin du rapport !

Logfile of HijackThis v1.99.1
Scan saved at 23:05:27, on 10/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\WINDOWS\Dit.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Serv-U\ServUTray.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\RALINK\RT2500 USB Wireless LAN Card\Installer\WINXP\APConfig2500.exe
C:\Program Files\Rainlendar2\Rainlendar2.exe
C:\Program Files\RK Launcher\RKLauncher.exe
C:\Documents And Settings\oOo _n3o_ oOo\Bureau\HijackThis.exe
C:\WINDOWS\system32\msdtc.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\Private Folder\PrfldSvc.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\System32\dmadmin.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\WTablet\TabUserW.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\Tablet.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.incompris.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.incompris.net
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {92A444D2-F945-4dd9-89A1-896A6C2D8D22} - C:\WINDOWS\system32\bhumrovq.dll
O2 - BHO: (no name) - {A2339A9B-D1F4-4084-9EEE-B9F5CB487527} - C:\WINDOWS\system32\hggecay.dll (file missing)
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: (no name) - {EF89C1CA-61B9-4A6A-8742-ED7DC678AA8C} - C:\WINDOWS\system32\awvvu.dll (file missing)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe" /StartupJobs
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\RunServices: [InternetExplorer32] C:\WINDOWS\system32\iexplore32.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [ServUTrayIcon] C:\Program Files\Serv-U\ServUTray.exe
O4 - Startup: Raccourci vers Rainlendar2.lnk = C:\Program Files\Rainlendar2\Rainlendar2.exe
O4 - Startup: Raccourci vers RKLauncher.lnk = C:\Program Files\RK Launcher\RKLauncher.exe
O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\RALINK\RT2500 USB Wireless LAN Card\Installer\WINXP\APConfig2500.exe
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.incompris.net
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Unknown owner - C:\Program Files\Bonjour\mDNSResponder.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Private Folder Service (prfldsvc) - Unknown owner - C:\WINDOWS\Private Folder\PrfldSvc.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

//==<AVG AntiSpyware 7.5.1.22>===================================
Exception code: C0000005 ACCESS_VIOLATION
Fault address: 004030A0 01:000020A0 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
Module Date: 05/30/2007 13:55:10
File Version of C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe: 7.5.1.36
Exception Date: 06/08/2007 20:18:12

MiniDump Information Saved to C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.dmp

Registers:
EAX:00000000
EBX:012CFEF4
ECX:00000000
EDX:011D0008
ESI:00000000
EDI:012CFEC6
CS:EIP:001B:004030A0
SS:ESP:0023:012CFA70 EBP:012CFED0
DS:0023 ES:0023 FS:003B GS:0000
Flags:00010246

Intel specific metho

Call stack:A
Address Frame Param 0 Param 1 Param 2 Param 3 Logical addr Module
004030A0 012CFED0 012CFEF4 0044A888 0000008C 010CFFA0 0001:000020A0 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

ImageHelp specific method

Call stack:
Address Frame Param 0 Param 1 Param 2 Param 3 Symbol/Logical address
004030A0 012CFED0 012CFEF4 0044A888 0000008C 010CFFA0 0001:000020A0 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

Loaded Modules:
Base Size Module
00400000 04E000 7.05.0001.0036 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
7C910000 0B7000 5.01.2600.2180 C:\WINDOWS\system32\ntdll.dll
7C800000 105000 5.01.2600.2945 C:\WINDOWS\system32\kernel32.dll
10000000 0DE000 4.02.0000.0019 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\engine.dll
76720000 009000 6.00.2900.2180 C:\WINDOWS\system32\SHFOLDER.dll
77BE0000 058000 7.00.2600.2180 C:\WINDOWS\system32\msvcrt.dll
77DA0000 0AC000 5.01.2600.2180 C:\WINDOWS\system32\ADVAPI32.dll
77E50000 091000 5.01.2600.2180 C:\WINDOWS\system32\RPCRT4.dll
77F40000 09D000 6.00.2900.2937 C:\WINDOWS\system32\SHLWAPI.dll
77EF0000 047000 5.01.2600.2818 C:\WINDOWS\system32\GDI32.dll
77D10000 08E000 5.01.2600.2622 C:\WINDOWS\system32\USER32.dll
76AE0000 02F000 5.01.2600.2180 C:\WINDOWS\system32\WINMM.dll
76BA0000 00B000 5.01.2600.2180 C:\WINDOWS\system32\PSAPI.DLL
77BD0000 008000 5.01.2600.2180 C:\WINDOWS\system32\VERSION.dll
76D10000 019000 5.01.2600.2912 C:\WINDOWS\system32\iphlpapi.dll
719F0000 017000 5.01.2600.2180 C:\WINDOWS\system32\WS2_32.dll
719E0000 008000 5.01.2600.2180 C:\WINDOWS\system32\WS2HELP.dll
774A0000 13D000 5.01.2600.2726 C:\WINDOWS\system32\ole32.dll
770E0000 08C000 5.01.2600.2180 C:\WINDOWS\system32\OLEAUT32.dll
77390000 102000 5.82.2900.2649 C:\WINDOWS\system32\comctl32.dll
58B50000 09A000 5.82.2900.2649 C:\WINDOWS\system32\comctl32.dll
77650000 021000 5.01.2600.2180 C:\WINDOWS\system32\NTMARTA.DLL
76F10000 02D000 5.01.2600.2180 C:\WINDOWS\system32\WLDAP32.dll
71B50000 013000 5.01.2600.2180 C:\WINDOWS\system32\SAMLIB.dll
5D3F0000 0A1000 5.01.2600.2180 C:\WINDOWS\system32\DBGHELP.DLL

//==<AVG AntiSpyware 7.5.1.22>===================================
Exception code: C0000005 ACCESS_VIOLATION
Fault address: 004030A0 01:000020A0 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
Module Date: 05/30/2007 13:55:10
File Version of C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe: 7.5.1.36
Exception Date: 06/10/2007 23:02:02

MiniDump Information Saved to C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.dmp

Registers:
EAX:00000000
EBX:011CFEF4
ECX:00000000
EDX:00804000
ESI:00000000
EDI:011CFEC6
CS:EIP:001B:004030A0
SS:ESP:0023:011CFA70 EBP:011CFED0
DS:0023 ES:0023 FS:003B GS:0000
Flags:00010246

Intel specific method

Call stack:
Address Frame Param 0 Param 1 Param 2 Param 3 Logical addr Module
004030A0 011CFED0 011CFEF4 0044A888 0000008C 010CFFA0 0001:000020A0 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

ImageHelp specific method

Call stack:
Address Frame Param 0 Param 1 Param 2 Param 3 Symbol/Logical address
004030A0 011CFED0 011CFEF4 0044A888 0000008C 010CFFA0 0001:000020A0 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

Loaded Modules:
Base Size Module
00400000 04E000 7.05.0001.0036 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
7C910000 0B7000 5.01.2600.2180 C:\WINDOWS\system32\ntdll.dll
7C800000 105000 5.01.2600.2945 C:\WINDOWS\system32\kernel32.dll
10000000 0DE000 4.02.0000.0019 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\engine.dll
76720000 009000 6.00.2900.2180 C:\WINDOWS\system32\SHFOLDER.dll
77BE0000 058000 7.00.2600.2180 C:\WINDOWS\system32\msvcrt.dll
77DA0000 0AC000 5.01.2600.2180 C:\WINDOWS\system32\ADVAPI32.dll
77E50000 091000 5.01.2600.2180 C:\WINDOWS\system32\RPCRT4.dll
77F40000 09D000 6.00.2900.2937 C:\WINDOWS\system32\SHLWAPI.dll
77EF0000 047000 5.01.2600.2818 C:\WINDOWS\system32\GDI32.dll
77D10000 08E000 5.01.2600.2622 C:\WINDOWS\system32\USER32.dll
76AE0000 02F000 5.01.2600.2180 C:\WINDOWS\system32\WINMM.dll
76BA0000 00B000 5.01.2600.2180 C:\WINDOWS\system32\PSAPI.DLL
77BD0000 008000 5.01.2600.2180 C:\WINDOWS\system32\VERSION.dll
76D10000 019000 5.01.2600.2912 C:\WINDOWS\system32\iphlpapi.dll
719F0000 017000 5.01.2600.2180 C:\WINDOWS\system32\WS2_32.dll
719E0000 008000 5.01.2600.2180 C:\WINDOWS\system32\WS2HELP.dll
774A0000 13D000 5.01.2600.2726 C:\WINDOWS\system32\ole32.dll
770E0000 08C000 5.01.2600.2180 C:\WINDOWS\system32\OLEAUT32.dll
77390000 102000 5.82.2900.2649 C:\WINDOWS\system32\comctl32.dll
58B50000 09A000 5.82.2900.2649 C:\WINDOWS\system32\comctl32.dll
77650000 021000 5.01.2600.2180 C:\WINDOWS\system32\NTMARTA.DLL
76F10000 02D000 5.01.2600.2180 C:\WINDOWS\system32\WLDAP32.dll
71B50000 013000 5.01.2600.2180 C:\WINDOWS\system32\SAMLIB.dll
5D3F0000 0A1000 5.01.2600.2180 C:\WINDOWS\system32\DBGHELP.DLL

Monday, June 11, 2007 12:59:03 AM
Système d'exploitation : Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version : 5.0.83.0
Dernière mise à jour de la base antivirus Kaspersky : 11/06/2007
Enregistrements dans la base antivirus Kaspersky : 342097
Paramètres d'analyse
Analyser avec la base antivirus suivante étendue
Analyser les archives vrai
Analyser les bases de messagerie vrai
Cible de l'analyse Zones critiques
C:\WINDOWS
C:\DOCUME~1\OOO_N3~1\LOCALS~1\Temp\
Statistiques de l'analyse
Total d'objets analysés 13394
Nombre de virus trouvés 2
Nombre d'objets infectés 9 / 0
Nombre d'objets suspects 0
Durée de l'analyse 00:07:29

Nom de l'objet infecté Nom du virus Dernière action
C:\WINDOWS\CSC\00000001 L'objet est verrouillé ignoré
C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré
C:\WINDOWS\java\java.log\hidden32.exe Infecté : not-a-virus:RiskTool.Win32.HideWindows ignoré
C:\WINDOWS\java\java.log\NewKit.exe/data.rar/JavaL.exe Infecté : Trojan-Downloader.Win32.Banload.aui ignoré
C:\WINDOWS\java\java.log\NewKit.exe/data.rar Infecté : Trojan-Downloader.Win32.Banload.aui ignoré
C:\WINDOWS\java\java.log\NewKit.exe RarSFX: infecté - 2 ignoré
C:\WINDOWS\java\java.log\NewKitStart.exe/data.rar/NewKit.exe/data.rar/JavaL.exe Infecté : Trojan-Downloader.Win32.Banload.aui ignoré
C:\WINDOWS\java\java.log\NewKitStart.exe/data.rar/NewKit.exe/data.rar Infecté : Trojan-Downloader.Win32.Banload.aui ignoré
C:\WINDOWS\java\java.log\NewKitStart.exe/data.rar/NewKit.exe Infecté : Trojan-Downloader.Win32.Banload.aui ignoré
C:\WINDOWS\java\java.log\NewKitStart.exe/data.rar Infecté : Trojan-Downloader.Win32.Banload.aui ignoré
C:\WINDOWS\java\java.log\NewKitStart.exe RarSFX: infecté - 4 ignoré
C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré
C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\DEFAULT.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SOFTWARE.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SYSTEM.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\drivers\atapi.sys L'objet est verrouillé ignoré
C:\WINDOWS\system32\drivers\sptd.sys L'objet est verrouillé ignoré
C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré
C:\WINDOWS\system32\MsDtc\MSDTC.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\MsDtc\Trace\dtctrace.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré
C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré
C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré
C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré
C:\DOCUME~1\OOO_N3~1\LOCALS~1\Temp\IMG28.tmp L'objet est verrouillé ignoré
C:\DOCUME~1\OOO_N3~1\LOCALS~1\Temp\~DFB003.tmp L'objet est verrouillé ignoré
C:\DOCUME~1\OOO_N3~1\LOCALS~1\Temp\~DFB4E6.tmp L'objet est verrouillé ignoré
C:\DOCUME~1\OOO_N3~1\LOCALS~1\Temp\~DFB738.tmp L'objet est verrouillé ignoré
C:\DOCUME~1\OOO_N3~1\LOCALS~1\Temp\~DFDE3F.tmp L'objet est verrouillé ignoré
C:\DOCUME~1\OOO_N3~1\LOCALS~1\Temp\~ROMFN_00000804 L'objet est verrouillé ignoré
Analyse terminée.

---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 01:24:14 11/06/2007

+ Résultat de l'analyse:



C:\WINDOWS\java\java.log\hidden32.exe -> Backdoor.Hupigon.hk : Aucune action entreprise.
C:\Documents And Settings\oOo _n3o_ oOo\Cookies\ooo _n3o_ ooo@atdmt[2].txt -> TrackingCookie.Atdmt : Aucune action entreprise.
:mozilla.119:C:\Documents And Settings\oOo _n3o_ oOo\Application Data\Mozilla\Firefox\Profiles\op9x8ukq.default\cookies.txt -> TrackingCookie.Com : Aucune action entreprise.
C:\Documents And Settings\oOo _n3o_ oOo\Cookies\ooo _n3o_ ooo@doubleclick[1].txt -> TrackingCookie.Doubleclick : Aucune action entreprise.
:mozilla.187:C:\Documents And Settings\oOo _n3o_ oOo\Application Data\Mozilla\Firefox\Profiles\op9x8ukq.default\cookies.txt -> TrackingCookie.Esomniture : Aucune action entreprise.
:mozilla.242:C:\Documents And Settings\oOo _n3o_ oOo\Application Data\Mozilla\Firefox\Profiles\op9x8ukq.default\cookies.txt -> TrackingCookie.Estat : Aucune action entreprise.
C:\Documents And Settings\oOo _n3o_ oOo\Cookies\ooo _n3o_ ooo@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : Aucune action entreprise.
:mozilla.330:C:\Documents And Settings\oOo _n3o_ oOo\Application Data\Mozilla\Firefox\Profiles\op9x8ukq.default\cookies.txt -> TrackingCookie.Gemius : Aucune action entreprise.
:mozilla.331:C:\Documents And Settings\oOo _n3o_ oOo\Application Data\Mozilla\Firefox\Profiles\op9x8ukq.default\cookies.txt -> TrackingCookie.Gemius : Aucune action entreprise.
:mozilla.332:C:\Documents And Settings\oOo _n3o_ oOo\Application Data\Mozilla\Firefox\Profiles\op9x8ukq.default\cookies.txt -> TrackingCookie.Gemius : Aucune action entreprise.
:mozilla.908:C:\Documents And Settings\oOo _n3o_ oOo\Application Data\Mozilla\Firefox\Profiles\op9x8ukq.default\cookies.txt -> TrackingCookie.Googleadservices : Aucune action entreprise.
:mozilla.909:C:\Documents And Settings\oOo _n3o_ oOo\Application Data\Mozilla\Firefox\Profiles\op9x8ukq.default\cookies.txt -> TrackingCookie.Googleadservices : Aucune action entreprise.
:mozilla.910:C:\Documents And Settings\oOo _n3o_ oOo\Application Data\Mozilla\Firefox\Profiles\op9x8ukq.default\cookies.txt -> TrackingCookie.Googleadservices : Aucune action entreprise.
:mozilla.340:C:\Documents And Settings\oOo _n3o_ oOo\Application Data\Mozilla\Firefox\Profiles\op9x8ukq.default\cookies.txt -> TrackingCookie.Hotlog : Aucune action entreprise.
:mozilla.819:C:\Documents And Settings\oOo _n3o_ oOo\Application Data\Mozilla\Firefox\Profiles\op9x8ukq.default\cookies.txt -> TrackingCookie.Information : Aucune action entreprise.
:mozilla.443:C:\Documents And Settings\oOo _n3o_ oOo\Application Data\Mozilla\Firefox\Profiles\op9x8ukq.default\cookies.txt -> TrackingCookie.Mediaplex : Aucune action entreprise.
C:\Documents And Settings\oOo _n3o_ oOo\Cookies\ooo _n3o_ ooo@mediaplex[2].txt -> TrackingCookie.Mediaplex : Aucune action entreprise.
:mozilla.491:C:\Documents And Settings\oOo _n3o_ oOo\Application Data\Mozilla\Firefox\Profiles\op9x8ukq.default\cookies.txt -> TrackingCookie.Oewabox : Aucune action entreprise.
:mozilla.957:C:\Documents And Settings\oOo _n3o_ oOo\Application Data\Mozilla\Firefox\Profiles\op9x8ukq.default\cookies.txt -> TrackingCookie.Paypal : Aucune action entreprise.
:mozilla.523:C:\Documents And Settings\oOo _n3o_ oOo\Application Data\Mozilla\Firefox\Profiles\op9x8ukq.default\cookies.txt -> TrackingCookie.Qksrv : Aucune action entreprise.
:mozilla.524:C:\Documents And Settings\oOo _n3o_ oOo\Application Data\Mozilla\Firefox\Profiles\op9x8ukq.default\cookies.txt -> TrackingCookie.Qksrv : Aucune action entreprise.
:mozilla.831:C:\Documents And Settings\oOo _n3o_ oOo\Application Data\Mozilla\Firefox\Profiles\op9x8ukq.default\cookies.txt -> TrackingCookie.Reliablestats : Aucune action entreprise.
:mozilla.832:C:\Documents And Settings\oOo _n3o_ oOo\Application Data\Mozilla\Firefox\Profiles\op9x8ukq.default\cookies.txt -> TrackingCookie.Reliablestats : Aucune action entreprise.
:mozilla.833:C:\Documents And Settings\oOo _n3o_ oOo\Application Data\Mozilla\Firefox\Profiles\op9x8ukq.default\cookies.txt -> TrackingCookie.Reliablestats : Aucune action entreprise.
:mozilla.834:C:\Documents And Settings\oOo _n3o_ oOo\Application Data\Mozilla\Firefox\Profiles\op9x8ukq.default\cookies.txt -> TrackingCookie.Reliablestats : Aucune action entreprise.
:mozilla.835:C:\Documents And Settings\oOo _n3o_ oOo\Application Data\Mozilla\Firefox\Profiles\op9x8ukq.default\cookies.txt -> TrackingCookie.Reliablestats : Aucune action entreprise.
:mozilla.133:C:\Documents And Settings\oOo _n3o_ oOo\Application Data\Mozilla\Firefox\Profiles\op9x8ukq.default\cookies.txt -> TrackingCookie.Sexcounter : Aucune action entreprise.
:mozilla.134:C:\Documents And Settings\oOo _n3o_ oOo\Application Data\Mozilla\Firefox\Profiles\op9x8ukq.default\cookies.txt -> TrackingCookie.Sexcounter : Aucune action entreprise.
C:\Documents And Settings\oOo _n3o_ oOo\Cookies\ooo _n3o_ ooo@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.573:C:\Documents And Settings\oOo _n3o_ oOo\Application Data\Mozilla\Firefox\Profiles\op9x8ukq.default\cookies.txt -> TrackingCookie.Statcounter : Aucune action entreprise.
:mozilla.574:C:\Documents And Settings\oOo _n3o_ oOo\Application Data\Mozilla\Firefox\Profiles\op9x8ukq.default\cookies.txt -> TrackingCookie.Statcounter : Aucune action entreprise.
:mozilla.575:C:\Documents And Settings\oOo _n3o_ oOo\Application Data\Mozilla\Firefox\Profiles\op9x8ukq.default\cookies.txt -> TrackingCookie.Statcounter : Aucune action entreprise.
:mozilla.605:C:\Documents And Settings\oOo _n3o_ oOo\Application Data\Mozilla\Firefox\Profiles\op9x8ukq.default\cookies.txt -> TrackingCookie.Toplist : Aucune action entreprise.
C:\Documents And Settings\oOo _n3o_ oOo\Cookies\ooo _n3o_ ooo@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Aucune action entreprise.
:mozilla.608:C:\Documents And Settings\oOo _n3o_ oOo\Application Data\Mozilla\Firefox\Profiles\op9x8ukq.default\cookies.txt -> TrackingCookie.Trafic : Aucune action entreprise.
:mozilla.806:C:\Documents And Settings\oOo _n3o_ oOo\Application Data\Mozilla\Firefox\Profiles\op9x8ukq.default\cookies.txt -> TrackingCookie.Webtrends : Aucune action entreprise.
:mozilla.836:C:\Documents And Settings\oOo _n3o_ oOo\Application Data\Mozilla\Firefox\Profiles\op9x8ukq.default\cookies.txt -> TrackingCookie.Webtrendslive : Aucune action entreprise.
:mozilla.698:C:\Documents And Settings\oOo _n3o_ oOo\Application Data\Mozilla\Firefox\Profiles\op9x8ukq.default\cookies.txt -> TrackingCookie.Yadro : Aucune action entreprise.


Fin du rapport