yazman
-
Compteur de contenus
12 -
Inscription
-
Dernière visite
Messages posté(e)s par yazman
-
-
On a aussi ce qu'il faut sur Zebulon : Accélérer Firefox http://www.zebulon.fr/astuces/tip192/Accelerer-Firefox.html
Salut, est ce qu'on doit mettre le " browser.turbo.enabled" à true dans cette méthode ou non ? Si oui, est ce que cela aura un effet ? Car dans le tuto, tu n'as pas mentionné ce fait, d'où ma question
. -
rassure moi... tu as laissé l'antivirus au démarrage??
Euh quel antivirus ? Ne t'en fais pas je l'ai laissé
sinon je devrai refaire tout dès le début. Or cette expérience, je ne veux pas la revivre avec mon PC (des heures que pour les scans).Pour les 2 programmes, je les ai supprimé.
Parmi les parefeu, je vais installer ZoneAlarm comme tu me l'as conseillé.
Merci pour la liste des parefeu
. -
Bonjour,
Lorsque j'ai redemarré le PC j'étais entrain d'attendre que tout se termine (le chargement) mais à ma surprise tout était chargé rapidement
.Pour le démarrage, j'ai laissé seulement les fichiers correspondants à mon PC Toshiba.
Danke
-
Le PC marche très bien
.Merci beaucoup, très sympa de ta part de m'avoir accompagner tout au long de la bataille contre les troies.
Ce sera cool, si on pourra l'optimiser plus (c'est vrai lors du démarrage je dois attendre un ptit bout)
Voici le fichier uninstall_list.txt :
Adobe Acrobat 7.0 Professional - English, Français, Deutsch
Adobe Photoshop 7.0
Adobe Reader 7.0 - Français
ALPS Touch Pad Driver
ANPSEDIC
Archiveur WinRAR
ArcSoft VideoImpression 1.6
Assist TOSHIBA
Assistant Publication de sites Web Microsoft 1.53
Atheros Wireless LAN MiniPCI card Driver
AVG Free Edition
Babylon
Belltech Business Card Designer Pro 4.0
BitComet 0.71
C++test
Camtasia Studio 3
Canon MultiPASS Suite 4.40
Commandes TOSHIBA
Correctif Windows XP - KB834707
Correctif Windows XP - KB873339
Correctif Windows XP - KB885250
Correctif Windows XP - KB885835
Correctif Windows XP - KB885836
Correctif Windows XP - KB885855
Correctif Windows XP - KB885884
Correctif Windows XP - KB886185
Correctif Windows XP - KB887472
Correctif Windows XP - KB887742
Correctif Windows XP - KB888113
Correctif Windows XP - KB888302
Correctif Windows XP - KB889673
Correctif Windows XP - KB890175
Correctif Windows XP - KB890859
Correctif Windows XP - KB891781
Crystal FTP Free
Cute FTP Pro v7.1
DAEMON Tools
DHTML Menu Builder 4.9
DHTML Menu Builder 4.9
Digital Image
DivX Codec
DivX Player
EasyPHP 1.8
Espace Wanadoo Tunisie
ewido anti-spyware 4.0
Fiolex Home Studio
Folder Lock
Football Manager 2006
Formatage de carte mémoire SD TOSHIBA
FTP 2000
Gestion d'énergie TOSHIBA
GSmart Mini 3
GSmart Mini 3 WDM Video Capture
GSview et Aladdin Ghostscript
GTK+ 2.8.18-1 runtime environment
HelpNDoc Version 1.7 Personal Edition
HijackThis 1.99.1
Intel® Graphics Media Accelerator Driver for Mobile
InterVideo WinDVD for TOSHIBA
J2SE Development Kit 5.0 Update 6
J2SE Runtime Environment 5.0 Update 6
JCreator LE 3.50
KaraFun 1.10
Kazaa 3.2.2
Lecteur Windows Media 10
LFP Manager 06
Macromedia Dreamweaver 8
Macromedia Dreamweaver MX 2004
Macromedia Extension Manager
Macromedia Extension Manager
Macromedia Fireworks MX 2004
Macromedia Flash 8
Macromedia Flash 8 Video Encoder
Macromedia Flash Player
Macromedia Flash Player 8
Macromedia Flash Player 8 Plugin
Macromedia Shockwave Player
Manuels TOSHIBA
Messenger Plus! 3
MetaProducts Offline Explorer Enterprise
Microsoft .NET Framework (English) v1.0.3705
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 French Language Pack
Microsoft .NET Framework 2.0
Microsoft ASP.NET Web Matrix
Microsoft Office OneNote 2003
Microsoft Office XP Professional avec FrontPage
Microsoft Project 2000
Microsoft SQL Server 2000
Microsoft Visual J# .NET Redistributable Package 1.1
Microsoft Visual Studio .NET Enterprise Architect 2003 - Français
Microsoft Visual Studio 6.0 Édition Entreprise (Français)
Microsoft Windows Media Video 9 VCM
Microsoft Works
mIRC
Mise à jour de sécurité pour Lecteur Windows Media (KB911564)
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)
Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)
Mise à jour de sécurité pour Windows XP (KB890046)
Mise à jour de sécurité pour Windows XP (KB893066)
Mise à jour de sécurité pour Windows XP (KB893756)
Mise à jour de sécurité pour Windows XP (KB896358)
Mise à jour de sécurité pour Windows XP (KB896422)
Mise à jour de sécurité pour Windows XP (KB896423)
Mise à jour de sécurité pour Windows XP (KB896424)
Mise à jour de sécurité pour Windows XP (KB896428)
Mise à jour de sécurité pour Windows XP (KB899587)
Mise à jour de sécurité pour Windows XP (KB899591)
Mise à jour de sécurité pour Windows XP (KB900725)
Mise à jour de sécurité pour Windows XP (KB901017)
Mise à jour de sécurité pour Windows XP (KB901190)
Mise à jour de sécurité pour Windows XP (KB901214)
Mise à jour de sécurité pour Windows XP (KB902400)
Mise à jour de sécurité pour Windows XP (KB904706)
Mise à jour de sécurité pour Windows XP (KB905414)
Mise à jour de sécurité pour Windows XP (KB905749)
Mise à jour de sécurité pour Windows XP (KB905915)
Mise à jour de sécurité pour Windows XP (KB908519)
Mise à jour de sécurité pour Windows XP (KB908531)
Mise à jour de sécurité pour Windows XP (KB911562)
Mise à jour de sécurité pour Windows XP (KB911567)
Mise à jour de sécurité pour Windows XP (KB911927)
Mise à jour de sécurité pour Windows XP (KB912812)
Mise à jour de sécurité pour Windows XP (KB912919)
Mise à jour de sécurité pour Windows XP (KB913446)
Mise à jour de sécurité pour Windows XP (KB913580)
Mise à jour de sécurité pour Windows XP (KB914388)
Mise à jour de sécurité pour Windows XP (KB914389)
Mise à jour de sécurité pour Windows XP (KB916281)
Mise à jour de sécurité pour Windows XP (KB917159)
Mise à jour de sécurité pour Windows XP (KB917344)
Mise à jour de sécurité pour Windows XP (KB917953)
Mise à jour de sécurité pour Windows XP (KB918439)
Mise à jour de sécurité pour Windows XP (KB921883)
Mise à jour pour Windows XP (KB894391)
Mise à jour pour Windows XP (KB898461)
Mise à jour pour Windows XP (KB900485)
Mise à jour pour Windows XP (KB910437)
Mise à jour pour Windows XP (KB911280)
Mise à jour pour Windows XP (KB916595)
MotionDV STUDIO 5.3E LE for DV
Mozilla Firefox (1.5.0.7)
MSN
MSN Messenger 7.5
MyEclipse Enterprise Workbench v4.0.2
MySQL Query Browser 1.1
MySQL Server 4.1
Need2Find Bar
Nero 7 Demo
NuTCRACKER Operating Environment
Outil de diagnostic PC TOSHIBA
Paint.NET v2.72
Panda ActiveScan
Passware Kit Enterprise 7.5
Picasa 2
QuickTime
Rational Rose Enterprise Edition
Readiris Pro 10
Realtek AC'97 Audio
REALTEK Gigabit and Fast Ethernet NIC Driver
Réducteur de bruit lect. CD/DVD
SAGEM F@st 800-840
SD Secure Module
Security Update pour Microsoft .NET Framework 2.0 (KB917283)
SMSC IrCC V5.1.3600.5 SP2
Son virtuel TOSHIBA
Sonic DLA
Sonic RecordNow!
SPSS pour Windows 10.0
Spybot - Search & Destroy 1.4
StuffPlug-NG (Messenger Plus! Plugins)
Texas Instruments PCIxx21/x515 drivers.
The Best Offers
The GIMP 2.2.10
Together Workflow Editor
TOSHIBA Accessibility
TOSHIBA ConfigFree
TOSHIBA Hardware Setup
TOSHIBA Mot de passe responsable
TOSHIBA Software Modem
Touch and Launch
Trojan Remover 6.5.2
Ulead GIF Animator 5 ESD
Utilitaire de zoom TOSHIBA
Utilitaire Hotkey TOSHIBA
Utilitaire TouchPad ON/OFF
Video Stream Driver for Panasonic DVC
VideoLAN VLC media player 0.8.4a
VirtualCloneDrive
Visual J# .NET Redistributable 1.1- French Language Pack
Windows Installer 3.1 (KB893803)
Windows Media Format Runtime
Yahoo! Extras
Yahoo! Install Manager
Yahoo! Internet Mail
Yahoo! Messenger
Yahoo! Toolbar avec bloqueur de fenêtres pop-up
ZipLine 1.5
-
Bonsoir, quel boulot ! ça ne finit jamais
J'ai supprimé les fichiers que Panda a trouvé.
Voici le rapport de HiJackThis :
Logfile of HijackThis v1.99.1
Scan saved at 00:22:18, on 19/09/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE
C:\PROGRA~1\MI6841~1\MSSQL\binn\sqlservr.exe
C:\WINDOWS\system32\nutsrv4.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe
C:\WINDOWS\system32\ZoomingHook.exe
C:\WINDOWS\system32\TCtrlIOHook.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Canon\MultiPASS4\MPTBox.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\Babylon\Babylon-Pro\Babylon.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Digital Image\Monitor.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\BitComet\BitComet.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Yazman\Bureau\WinPFind\WinPFind\winpfind.exe
C:\WINDOWS\notepad.exe
C:\Program Files\hijackthis\yazman.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.tn/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo / Internet avec Planet Tunisie
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [TOSHIBA Accessibility] C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [sVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe
O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [smoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [NuTCSetupEnviron] C:\PROGRA~1\RATIONAL\RATION~1\NUTCROOT\bin\ncoeenv.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [MPTBox] C:\Program Files\Canon\MultiPASS4\MPTBox.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [babylon Client] C:\Program Files\Babylon\Babylon-Pro\Babylon.exe -AutoStart
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [Eyeball Chat] "C:\Program Files\Eyeball\Eyeball Chat\EyeballChat.exe" -min
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: DKMessenger.lnk = C:\Program Files\DKware\DKMessenger\DKMessenger.exe
O4 - Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Startup: WkCalRem.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Digital Image Monitor.lnk = ?
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: + Offline &Explorer: Download the link - file://C:\Program Files\Offline Explorer Enterprise\Add_UrlO.htm
O8 - Extra context menu item: + Offline E&xplorer: Download the current page - file://C:\Program Files\Offline Explorer Enterprise\Add_AllO.htm
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesde.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesde.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{7B856455-4B25-4709-8077-7870CEF040CB}: NameServer = 193.95.122.40 193.95.93.77
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MpService - Canon Inc. - C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: NuTCRACKER Service (NuTCRACKERService) - DataFocus, Inc. - C:\WINDOWS\system32\nutsrv4.exe
Voici le rapport de WinPFind :
WARNING: not all files found by this scanner are bad. Consult with a knowledgable person before proceeding.
If you see a message in the titlebar saying "Not responding..." you can ignore it. Windows sometimes displays this message due to the high volume of disk I/O. As long as the hard disk light is flashing, the program is still working properly.
»»»»»»»»»»»»»»»»» Windows OS and Versions »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Logfile created on: 19/09/2006 00:08:03
WinPFind v1.5.0 Folder = C:\Documents and Settings\Yazman\Bureau\WinPFind\WinPFind\
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600)
Internet Explorer (Version = 6.0.2900.2180)
»»»»»»»»»»»»»»»»» Checking Selected Standard Folders »»»»»»»»»»»»»»»»»»»»
Checking %SystemDrive% folder...
WSUD 25/03/2006 12:51:46 108459237 C:\eclipse-SDK-3.1.2-win32.zip ()
Checking %ProgramFilesDir% folder...
Checking %WinDir% folder...
UPX! 22/08/2004 18:04:56 69120 C:\WINDOWS\daemon.dll ()
FSG! 08/04/2005 19:10:40 7572683 C:\WINDOWS\dmbsetup.exe ()
PEC2 08/04/2005 19:10:40 7572683 C:\WINDOWS\dmbsetup.exe ()
PECompact2 08/04/2005 19:10:40 7572683 C:\WINDOWS\dmbsetup.exe ()
qoologic 13/08/2006 20:05:46 89452544 C:\WINDOWS\MEMORY.DMP ()
WSUD 13/08/2006 20:05:46 89452544 C:\WINDOWS\MEMORY.DMP ()
Checking %System% folder...
WSUD 27/10/2004 18:42:44 16179200 C:\WINDOWS\SYSTEM32\alsndmgr.cpl (Realtek Semiconductor Corp.)
PEC2 19/03/2003 05:05:48 2052096 C:\WINDOWS\SYSTEM32\atl71.pdb ()
PEC2 14/02/2005 20:08:46 31232 C:\WINDOWS\SYSTEM32\ColorPicker.ocx (xFX JumpStart)
PECompact2 14/02/2005 20:08:46 31232 C:\WINDOWS\SYSTEM32\ColorPicker.ocx (xFX JumpStart)
PEC2 05/08/2004 13:00:00 41131 C:\WINDOWS\SYSTEM32\dfrg.msc ()
PEC2 22/03/2005 22:44:26 49664 C:\WINDOWS\SYSTEM32\DMBSampleControl.ocx ( )
PECompact2 22/03/2005 22:44:26 49664 C:\WINDOWS\SYSTEM32\DMBSampleControl.ocx ( )
PEC2 11/06/2002 04:35:20 12800 C:\WINDOWS\SYSTEM32\FormShaper.ocx (xFX JumpStart)
PEC2 15/02/2005 00:40:20 21504 C:\WINDOWS\SYSTEM32\HREF.OCX (xFX JumpStart)
PECompact2 15/02/2005 00:40:20 21504 C:\WINDOWS\SYSTEM32\HREF.OCX (xFX JumpStart)
PEC2 27/06/2003 00:02:36 20480 C:\WINDOWS\SYSTEM32\ICONTAINER.OCX (xFX JumpStart)
PEC2 07/05/2004 05:54:00 11776 C:\WINDOWS\SYSTEM32\LINE3D.OCX (xFX JumpStart)
PEC2 18/06/1998 01:00:00 8015872 C:\WINDOWS\SYSTEM32\MFC42.PDB ()
PEC2 18/06/1998 01:00:00 3944448 C:\WINDOWS\SYSTEM32\MFC42D.PDB ()
PEC2 19/03/2003 07:20:00 10357760 C:\WINDOWS\SYSTEM32\mfc71.pdb ()
PEC2 19/03/2003 06:28:40 8252416 C:\WINDOWS\SYSTEM32\MFC71d.pdb ()
PEC2 19/03/2003 07:12:12 10333184 C:\WINDOWS\SYSTEM32\mfc71u.pdb ()
PEC2 19/03/2003 06:31:58 8293376 C:\WINDOWS\SYSTEM32\mfc71ud.pdb ()
PEC2 18/06/1998 01:00:00 2052096 C:\WINDOWS\SYSTEM32\MFCD42D.PDB ()
PEC2 18/06/1998 01:00:00 1454080 C:\WINDOWS\SYSTEM32\MFCN42D.PDB ()
PEC2 18/06/1998 01:00:00 4395008 C:\WINDOWS\SYSTEM32\MFCO42D.PDB ()
PECompact2 09/08/2006 21:03:04 8325544 C:\WINDOWS\SYSTEM32\MRT.exe (Microsoft Corporation)
aspack 09/08/2006 21:03:04 8325544 C:\WINDOWS\SYSTEM32\MRT.exe (Microsoft Corporation)
aspack 05/08/2004 13:00:00 733184 C:\WINDOWS\SYSTEM32\ntdll.dll (Microsoft Corporation)
WSUD 05/08/2004 13:00:00 261120 C:\WINDOWS\SYSTEM32\nusrmgr.cpl (Microsoft Corporation)
WSUD 02/09/2001 12:29:22 13107200 C:\WINDOWS\SYSTEM32\oembios.bin ()
Umonitor 05/08/2004 13:00:00 685056 C:\WINDOWS\SYSTEM32\rasdlg.dll (Microsoft Corporation)
PEC2 11/02/2003 23:17:24 11776 C:\WINDOWS\SYSTEM32\SmartSubClass.dll (VBSmart)
aspack 02/05/2006 23:55:10 53248 C:\WINDOWS\SYSTEM32\suppdll.dll ()
UPX! 29/08/2006 15:52:54 248832 C:\WINDOWS\SYSTEM32\trjscan.trb (Simply Super Software)
aspack 17/06/2006 01:46:58 345088 C:\WINDOWS\SYSTEM32\trupd.trb (Simply Super Software)
PEC2 14/04/2004 18:42:32 13312 C:\WINDOWS\SYSTEM32\tsys.dll (xFX JumpStart)
winsync 05/08/2004 13:00:00 1309184 C:\WINDOWS\SYSTEM32\wbdbase.deu ()
PEC2 30/10/2002 02:02:04 17920 C:\WINDOWS\SYSTEM32\xfxbinimg.dll ()
PEC2 26/05/2004 00:24:12 35840 C:\WINDOWS\SYSTEM32\xFXSlider.ocx (xFX JumpStart)
PECompact2 26/05/2004 00:24:12 35840 C:\WINDOWS\SYSTEM32\xFXSlider.ocx (xFX JumpStart)
Checking %System%\Drivers folder and sub-folders...
UPX! 13/09/2006 15:16:46 777472 C:\WINDOWS\SYSTEM32\drivers\avg7core.sys (GRISOFT, s.r.o.)
FSG! 13/09/2006 15:16:46 777472 C:\WINDOWS\SYSTEM32\drivers\avg7core.sys (GRISOFT, s.r.o.)
PEC2 13/09/2006 15:16:46 777472 C:\WINDOWS\SYSTEM32\drivers\avg7core.sys (GRISOFT, s.r.o.)
aspack 13/09/2006 15:16:46 777472 C:\WINDOWS\SYSTEM32\drivers\avg7core.sys (GRISOFT, s.r.o.)
Items found in C:\WINDOWS\SYSTEM32\drivers\etc\hosts
Checking the Windows folder and sub-folders for system and hidden files within the last 60 days...
18/09/2006 23:55:28 S 2048 C:\WINDOWS\bootstat.dat ()
07/09/2006 15:10:36 RH 0 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\index27.dat ()
07/09/2006 15:10:36 RH 0 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\index28.dat ()
28/07/2006 22:21:24 H 626422 C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\1369c6d3d1e461b8f6eb4aab4a0a2c8a\download\BIT18.tmp ()
02/08/2006 01:36:22 H 1079032 C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\813393cacabba48c35f9d086fb3055ff\download\BIT1A.tmp ()
28/07/2006 23:38:22 H 155879 C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\8a7f7c98df0a30ead57d10a0a13cfc46\download\BIT17.tmp ()
28/07/2006 23:30:06 H 36246 C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\9d141fe443dceca575dc6e6f2f0eca89\download\BIT19.tmp ()
28/07/2006 23:27:20 H 69744 C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\c40c0e3d7dcfb5be7fb7777a31340af0\download\BIT1C.tmp ()
28/07/2006 23:54:10 H 24986 C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\d8661e60d3aee3a77c6330f550a29252\download\BIT1D.tmp ()
08/08/2006 07:11:34 H 560028 C:\WINDOWS\system32\mlfcache.dat ()
18/09/2006 23:57:52 H 1024 C:\WINDOWS\system32\config\default.LOG ()
18/09/2006 23:56:16 H 1024 C:\WINDOWS\system32\config\SAM.LOG ()
18/09/2006 23:58:42 H 1024 C:\WINDOWS\system32\config\SECURITY.LOG ()
19/09/2006 00:19:04 H 1024 C:\WINDOWS\system32\config\software.LOG ()
19/09/2006 00:02:56 H 1024 C:\WINDOWS\system32\config\system.LOG ()
04/09/2006 12:53:30 H 1024 C:\WINDOWS\system32\config\systemprofile\NTUSER.DAT.LOG ()
22/08/2006 01:14:18 HS 388 C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\960ebf89-073c-453b-a1fd-c2225581237b ()
22/08/2006 01:14:18 HS 24 C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\Preferred ()
18/09/2006 23:55:42 H 6 C:\WINDOWS\Tasks\SA.DAT ()
Checking for CPL files...
05/08/2004 13:00:00 71680 C:\WINDOWS\SYSTEM32\access.cpl (Microsoft Corporation)
27/10/2004 18:42:44 16179200 C:\WINDOWS\SYSTEM32\alsndmgr.cpl (Realtek Semiconductor Corp.)
05/08/2004 13:00:00 555008 C:\WINDOWS\SYSTEM32\appwiz.cpl (Microsoft Corporation)
05/08/2004 13:00:00 110592 C:\WINDOWS\SYSTEM32\bthprops.cpl (Microsoft Corporation)
05/08/2004 13:00:00 138240 C:\WINDOWS\SYSTEM32\desk.cpl (Microsoft Corporation)
05/08/2004 13:00:00 80384 C:\WINDOWS\SYSTEM32\firewall.cpl (Microsoft Corporation)
05/08/2004 13:00:00 157184 C:\WINDOWS\SYSTEM32\hdwwiz.cpl (Microsoft Corporation)
25/02/2005 16:31:38 364544 C:\WINDOWS\SYSTEM32\HWSetup.cpl (TOSHIBA CO.,LTD.)
02/11/2004 10:01:34 94208 C:\WINDOWS\SYSTEM32\igfxcpl.cpl (Intel Corporation)
05/08/2004 13:00:00 359936 C:\WINDOWS\SYSTEM32\inetcpl.cpl (Microsoft Corporation)
05/08/2004 13:00:00 134144 C:\WINDOWS\SYSTEM32\intl.cpl (Microsoft Corporation)
05/08/2004 13:00:00 380928 C:\WINDOWS\SYSTEM32\irprops.cpl (Microsoft Corporation)
05/08/2004 13:00:00 70144 C:\WINDOWS\SYSTEM32\joy.cpl (Microsoft Corporation)
10/11/2005 13:03:50 49265 C:\WINDOWS\SYSTEM32\jpicpl32.cpl (Sun Microsystems, Inc.)
05/08/2004 13:00:00 189952 C:\WINDOWS\SYSTEM32\main.cpl (Microsoft Corporation)
05/08/2004 13:00:00 626176 C:\WINDOWS\SYSTEM32\mmsys.cpl (Microsoft Corporation)
05/08/2004 13:00:00 35840 C:\WINDOWS\SYSTEM32\ncpa.cpl (Microsoft Corporation)
05/08/2004 13:00:00 25600 C:\WINDOWS\SYSTEM32\netsetup.cpl (Microsoft Corporation)
05/08/2004 13:00:00 261120 C:\WINDOWS\SYSTEM32\nusrmgr.cpl (Microsoft Corporation)
27/05/1999 15:47:42 606720 C:\WINDOWS\SYSTEM32\NutCPApp.cpl (DataFocus, Inc.)
05/08/2004 13:00:00 32768 C:\WINDOWS\SYSTEM32\odbccp32.cpl (Microsoft Corporation)
05/08/2004 13:00:00 118272 C:\WINDOWS\SYSTEM32\powercfg.cpl (Microsoft Corporation)
30/09/2004 17:07:26 324608 C:\WINDOWS\SYSTEM32\QuickTime.cpl (Apple Computer, Inc.)
05/08/2004 13:00:00 305152 C:\WINDOWS\SYSTEM32\sysdm.cpl (Microsoft Corporation)
05/08/2004 13:00:00 28160 C:\WINDOWS\SYSTEM32\telephon.cpl (Microsoft Corporation)
05/08/2004 13:00:00 94208 C:\WINDOWS\SYSTEM32\timedate.cpl (Microsoft Corporation)
15/03/2005 18:39:32 495616 C:\WINDOWS\SYSTEM32\TOSCDSPD.cpl ()
21/01/2005 11:28:28 1171456 C:\WINDOWS\SYSTEM32\TPwrSave.cpl (TOSHIBA Corporation)
05/08/2004 13:00:00 148480 C:\WINDOWS\SYSTEM32\wscui.cpl (Microsoft Corporation)
26/05/2005 05:16:32 175896 C:\WINDOWS\SYSTEM32\wuaucpl.cpl (Microsoft Corporation)
26/05/2005 05:16:32 175896 C:\WINDOWS\SYSTEM32\dllcache\wuaucpl.cpl (Microsoft Corporation)
02/11/2004 10:01:34 94208 C:\WINDOWS\SYSTEM32\ReinstallBackups\0013\DriverFiles\igfxcpl.cpl (Intel Corporation)
02/11/2004 10:01:34 94208 C:\WINDOWS\SYSTEM32\ReinstallBackups\0015\DriverFiles\igfxcpl.cpl (Intel Corporation)
Checking for Downloaded Program Files...
{00000055-9980-0010-8000-00AA00389B71} - - CodeBase = http://codecs.microsoft.com/codecs/i386/fhg.CAB
{166B1BCA-3F9C-11CF-8075-444553540000} - Shockwave ActiveX Control - CodeBase = http://download.macromedia.com/pub/shockwa...director/sw.cab
{30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - YInstStarter Class - CodeBase = C:\Program Files\Yahoo!\Common\yinsthelper.dll
{33564D57-9980-0010-8000-00AA00389B71} - - CodeBase = http://download.microsoft.com/download/D/0...D0C/wmv9dmo.cab
{8AD9C840-044E-11D1-B3E9-00805F499D93} - Java Plug-in 1.5.0_06 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab
{9A9307A0-7DA4-4DAF-B042-5009F29E09E1} - ActiveScan Installer Class - CodeBase = http://acs.pandasoftware.com/activescan/as5free/asinst.cab
{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - Java Plug-in 1.5.0_06 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - Java Plug-in 1.5.0_06 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab
{D27CDB6E-AE6D-11CF-96B8-444553540000} - - CodeBase = http://download.macromedia.com/pub/shockwa...ash/swflash.cab
{F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} - MSN Chat Control 4.5 - CodeBase = http://chat.msn.com/controls/msnchat45.cab
Microsoft XML Parser for Java - - CodeBase = file://C:\WINDOWS\Java\classes\xmldso.cab
»»»»»»»»»»»»»»»»» Checking Selected Startup Folders »»»»»»»»»»»»»»»»»»»»»
Checking files in %ALLUSERSPROFILE%\Startup folder...
06/12/2005 22:14:28 1014 C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk ()
17/03/2005 09:21:28 HS 84 C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\desktop.ini ()
23/12/2005 11:20:22 483 C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Digital Image Monitor.lnk ()
01/04/2006 10:58:32 836 C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\DSLMON.lnk ()
18/09/2006 23:57:20 2335 C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Acrobat.lnk ()
06/12/2005 22:03:26 1757 C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk ()
25/11/2005 19:31:00 1740 C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk ()
Checking files in %ALLUSERSPROFILE%\Application Data folder...
15/09/2006 00:47:46 305 C:\Documents and Settings\All Users\Application Data\addr_file.html ()
17/03/2005 10:13:24 HS 62 C:\Documents and Settings\All Users\Application Data\desktop.ini ()
Checking files in %USERPROFILE%\Startup folder...
17/03/2005 09:21:28 HS 84 C:\Documents and Settings\Yazman\Menu Démarrer\Programmes\Démarrage\desktop.ini ()
23/03/2006 11:08:14 813 C:\Documents and Settings\Yazman\Menu Démarrer\Programmes\Démarrage\DKMessenger.lnk ()
24/11/2005 22:29:46 899 C:\Documents and Settings\Yazman\Menu Démarrer\Programmes\Démarrage\Lancement rapide de Microsoft Office OneNote 2003.lnk ()
25/11/2005 21:52:18 950 C:\Documents and Settings\Yazman\Menu Démarrer\Programmes\Démarrage\WkCalRem.LNK ()
Checking files in %USERPROFILE%\Application Data folder...
17/03/2005 10:13:24 HS 62 C:\Documents and Settings\Yazman\Application Data\desktop.ini ()
01/06/2006 10:49:08 553256 C:\Documents and Settings\Yazman\Application Data\GDIPFONTCACHEV1.DAT ()
25/11/2005 21:53:26 0 C:\Documents and Settings\Yazman\Application Data\wklnhst.dat ()
»»»»»»»»»»»»»»»»» Checking Selected Registry Keys »»»»»»»»»»»»»»»»»»»»»»»
>>> Internet Explorer Settings <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
\\Start Page - http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=home
\\Search Page - http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
\\Default_Page_URL - http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome
\\Default_Search_URL - http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
\\Local Page - %SystemRoot%\system32\blank.htm
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
\\Start Page - http://www.wanadoo.tn/
\\Search Bar -
\\Search Page - http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
\\Local Page - C:\WINDOWS\system32\blank.htm
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
\\CustomizeSearch - http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
\\SearchAssistant - http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
\\{08C06D61-F1F3-4799-86F8-BE1A89362C85} - Search Class = C:\PROGRA~1\Wanadoo\SEARCH~1.DLL ()
\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar = C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
>>> BHO's <<<
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
\{02478D38-C3F9-4EFB-9B51-7695ECA05670} - Yahoo! Toolbar Helper = C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - AcroIEHlprObj Class = C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
\{53707962-6F74-2D53-2644-206D7942484F} - = C:\PROGRA~1\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
\{5CA3D70E-1895-11CF-8E15-001234567890} - DriveLetterAccess = C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - SSVHelper Class = C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (Sun Microsystems, Inc.)
\{AE7CD045-E861-484f-8273-0445EE161910} - AcroIEToolbarHelper Class = C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
>>> Internet Explorer Bars, Toolbars and Extensions <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars]
\{182EC0BE-5110-49C8-A062-BEB1D02A220B} - Adobe PDF = C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
\{4528BBE0-4E08-11D5-AD55-00010333D0AD} - &Yahoo! Messenger = C:\PROGRA~1\Yahoo!\Common\yhexbmesde.dll (Yahoo! Inc.)
\{4D5C8C25-D075-11d0-B416-00C04FB90376} - &Astuce du jour = %SystemRoot%\system32\shdocvw.dll (Microsoft Corporation)
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars]
\{4528BBE0-4E08-11D5-AD55-00010333D0AD} - &Yahoo! Messenger = C:\PROGRA~1\Yahoo!\Common\yhexbmesde.dll (Yahoo! Inc.)
\{C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1} - Bandeau de recherche de l'Explorateur = %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation)
\{EFA24E62-B078-11D0-89E4-00C04FC9E26E} - History Band = %SystemRoot%\system32\shdocvw.dll (Microsoft Corporation)
\{EFA24E64-B078-11D0-89E4-00C04FC9E26E} - Explorer Band = %SystemRoot%\system32\shdocvw.dll (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF = C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar = C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar]
\ShellBrowser\\{01E04581-4EEE-11D0-BFE9-00AA005B4383} - &Adresse = %SystemRoot%\system32\browseui.dll (Microsoft Corporation)
\ShellBrowser\\{0E5CBF21-D15F-11D0-8301-00AA005B4383} - &Liens = %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation)
\WebBrowser\\{01E04581-4EEE-11D0-BFE9-00AA005B4383} - &Adresse = %SystemRoot%\system32\browseui.dll (Microsoft Corporation)
\WebBrowser\\{0E5CBF21-D15F-11D0-8301-00AA005B4383} - &Liens = %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation)
\WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - = ()
\WebBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - = ()
\WebBrowser\\{F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - = ()
\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF = C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
\WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar = C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\CmdMapping]
\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - 8192 = Console Java (Sun)
\\NEXTID - 8195
\\{4528BBE0-4E08-11D5-AD55-00010333D0AD} - 8193 = Yahoo! Messenger
\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} - 8194 =
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions]
\-{FB5F1910-F110-11d2-BB9E-00C04F795683} - ButtonText: Messenger = C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - MenuText: Console Java (Sun) = C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll (Sun Microsystems, Inc.)
\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - MenuText: Console Java (Sun) = C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (Sun Microsystems, Inc.)(HKCU CLSID)
\{4528BBE0-4E08-11D5-AD55-00010333D0AD} - ButtonText: Messenger =
\{92780B25-18CC-41C8-B9BE-3C9C571A8263} - ButtonText: Recherche =
>>> Approved Shell Extensions (Non-Microsoft Only) <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
\\{42071714-76d4-11d1-8b24-00a0c9068ff3} - Extension Affichage Panorama du Panneau de configuration = deskpan.dll ()
\\{764BF0E1-F219-11ce-972D-00AA00A14F56} - Extensions de l'environnement de compression de fichiers = ()
\\{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} - Menu contextuel de cryptage = ()
\\{88895560-9AA2-1069-930E-00AA0030EBC8} - Extension icône HyperTerminal = C:\WINDOWS\system32\hticons.dll (Hilgraeve, Inc.)
\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} - Barre des tâches et menu Démarrer = ()
\\{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} - Autoplay for SlideShow = ()
\\{7A9D77BD-5403-11d2-8785-2E0420524153} - Comptes d'utilisateurs = ()
\\{9ED66769-A198-41FE-8615-601691C68846} - TouchPad Property Sheet = C:\WINDOWS\system32\TPprop.dll (COMPAL ELECTRONIC INC.)
\\{DEE12703-6333-4D4E-8F34-738C4DCC2E04} - RecordNow! SendToExt = C:\Program Files\Sonic\RecordNow!\shlext.dll ()
\\{5CA3D70E-1895-11CF-8E15-001234567890} - DriveLetterAccess = C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
\\{32020A01-506E-484D-A2A8-BE3CF17601C3} - AlcoholShellEx = ()
\\{B41DB860-8EE4-11D2-9906-E49FADC173CA} - WinRAR shell extension = C:\Program Files\WinRAR\rarext.dll ()
\\{4B4604E0-8961-11D4-A0EC-009099164712} - Mon MultiPASS = C:\Program Files\Canon\MultiPASS4\DTM4.DLL (Canon Inc.)
\\{B7056B8E-4F99-44f8-8CBD-282390FE5428} - VirtualCloneDrive = C:\Program Files\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll (Elaborate Bytes AG)
\\{B327765E-D724-4347-8B16-78AE18552FC3} - NeroDigitalIconHandler = C:\Program Files\Fichiers communs\Ahead\Lib\NeroDigitalExt.dll (Nero AG)
\\{7F1CF152-04F8-453A-B34C-E609530A9DC8} - NeroDigitalPropSheetHandler = C:\Program Files\Fichiers communs\Ahead\Lib\NeroDigitalExt.dll (Nero AG)
\\{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} - Adobe.Acrobat.ContextMenu = C:\Program Files\Adobe\Acrobat 7.0\Acrobat Elements\ContextMenu.dll (Adobe Systems Inc.)
\\{5464D816-CF16-4784-B9F3-75C0DB52B499} - Yahoo! Mail = C:\PROGRA~1\Yahoo!\Common\ymmapi.dll (Yahoo! Inc.)
\\{52B87208-9CCF-42C9-B88E-069281105805} - Trojan Remover Shell Extension = C:\PROGRA~1\TROJAN~1\Trshlex.dll (Simply Super Software)
\\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} - AVG7 Shell Extension = C:\PROGRA~1\Grisoft\AVGFRE~1\avgse.dll (GRISOFT, s.r.o.)
\\{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} - AVG7 Find Extension = C:\PROGRA~1\Grisoft\AVGFRE~1\avgse.dll (GRISOFT, s.r.o.)
\\{45AC2688-0253-4ED8-97DE-B5370FA7D48A} - Shell Extension for Malware scanning = ()
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
>>> Context Menu Handlers (Non-Microsoft Only) <<<
[HKEY_LOCAL_MACHINE\Software\Classes\*\shellex\ContextMenuHandlers]
\Adobe.Acrobat.ContextMenu - {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} = C:\Program Files\Adobe\Acrobat 7.0\Acrobat Elements\ContextMenu.dll (Adobe Systems Inc.)
\AVG7 Shell Extension - {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} = C:\PROGRA~1\Grisoft\AVGFRE~1\avgse.dll (GRISOFT, s.r.o.)
\ewido anti-spyware - {8934FCEF-F5B8-468f-951F-78A921CD3920} = C:\Program Files\ewido anti-spyware 4.0\context.dll (Anti-Malware Development a.s.)
\Trojan Remover - {52B87208-9CCF-42C9-B88E-069281105805} = C:\PROGRA~1\TROJAN~1\Trshlex.dll (Simply Super Software)
\WinRAR - {B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll ()
\Yahoo! Mail - {5464D816-CF16-4784-B9F3-75C0DB52B499} = C:\PROGRA~1\Yahoo!\Common\ymmapi.dll (Yahoo! Inc.)
\{EB4D3CFE-E2AA-4C6E-B2FE-2A749F95D208} - = C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll (Nero AG)
[HKEY_LOCAL_MACHINE\Software\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers]
[HKEY_LOCAL_MACHINE\Software\Classes\Directory\shellex\ContextMenuHandlers]
\ewido anti-spyware - {8934FCEF-F5B8-468f-951F-78A921CD3920} = C:\Program Files\ewido anti-spyware 4.0\context.dll (Anti-Malware Development a.s.)
\WinRAR - {B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll ()
[HKEY_LOCAL_MACHINE\Software\Classes\Directory\BackGround\shellex\ContextMenuHandlers]
\igfxcui - {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} = C:\WINDOWS\system32\igfxpph.dll (Intel Corporation)
[HKEY_LOCAL_MACHINE\Software\Classes\Folder\shellex\ContextMenuHandlers]
\AVG7 Shell Extension - {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} = C:\PROGRA~1\Grisoft\AVGFRE~1\avgse.dll (GRISOFT, s.r.o.)
\Trojan Remover - {52B87208-9CCF-42C9-B88E-069281105805} = C:\PROGRA~1\TROJAN~1\Trshlex.dll (Simply Super Software)
\WinRAR - {B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll ()
\{EB4D3CFE-E2AA-4C6E-B2FE-2A749F95D208} - = C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll (Nero AG)
>>> Column Handlers (Non-Microsoft Only) <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers]
\{7D4D6379-F301-4311-BEBA-E26EB0561882} - NeroDigitalExt.NeroDigitalColumnHandler = C:\Program Files\Fichiers communs\Ahead\Lib\NeroDigitalExt.dll (Nero AG)
\{F9DB5320-233E-11D1-9F84-707F02C10627} - PDF Column Info = C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll (Adobe Systems, Inc.)
>>> Registry Run Keys <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
Apoint - C:\Program Files\Apoint2K\Apoint.exe (Alps Electric Co., Ltd.)
PadTouch - C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe (TOSHIBA)
LtMoh - C:\Program Files\ltmoh\Ltmoh.exe (Agere Systems)
AGRSMMSG - C:\WINDOWS\AGRSMMSG.exe (Agere Systems)
CeEKEY - C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe (COMPAL ELECTRONIC INC.)
- Reg Data missing or invalid ()
TPNF - C:\Program Files\TOSHIBA\TouchPad\TPTray.exe (COMPAL ELECTRONIC INC.)
TOSHIBA Accessibility - C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe (TOSHIBA)
HWSetup - C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe (TOSHIBA CO.,LTD.)
SVPWUTIL - C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe (TOSHIBA)
Zooming - C:\WINDOWS\SYSTEM32\ZoomingHook.exe (TOSHIBA)
TCtryIOHook - C:\WINDOWS\SYSTEM32\TCtrlIOHook.exe (TOSHIBA)
TPSMain - C:\WINDOWS\SYSTEM32\TPSMain.exe (TOSHIBA Corporation)
SmoothView - C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe (TOSHIBA Corporation)
Tvs - C:\Program Files\TOSHIBA\Tvs\TvsTray.exe (TOSHIBA Corporation)
NDSTray.exe - NDSTray.exe ()
dla - C:\WINDOWS\system32\dla\tfswctrl.exe (Sonic Solutions)
IgfxTray - C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
HotKeysCmds - C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
TFncKy - TFncKy.exe ()
CFSServ.exe - CFSServ.exe ()
NuTCSetupEnviron - C:\PROGRA~1\RATIONAL\RATION~1\NUTCROOT\bin\ncoeenv.exe ()
DAEMON Tools-1033 - C:\Program Files\D-Tools\daemon.exe (DAEMON'S HOME)
QuickTime Task - C:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.)
WOOWATCH - C:\PROGRA~1\Wanadoo\Watch.exe (France Télécom R&D)
WOOTASKBARICON - C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe ()
MessengerPlus3 - C:\Program Files\MessengerPlus! 3\MsgPlus.exe (Patchou)
MPTBox - C:\Program Files\Canon\MultiPASS4\MPTBox.exe (Canon Inc.)
SunJavaUpdateSched - C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe (Sun Microsystems, Inc.)
VirtualCloneDrive - C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
Babylon Client - C:\Program Files\Babylon\Babylon-Pro\Babylon.exe (Babylon Ltd.)
NeroFilterCheck - C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe (Nero AG)
Acrobat Assistant 7.0 - C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.)
AVG7_CC - C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe (GRISOFT, s.r.o.)
!ewido - C:\Program Files\ewido anti-spyware 4.0\ewido.exe (Anti-Malware Development a.s.)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
IMAIL Installed = 1
MAPI Installed = 1
MSFS Installed = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
CTFMON.EXE - C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
TOSCDSPD - C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe (TOSHIBA)
Eyeball Chat - C:\Program Files\Eyeball\Eyeball Chat\EyeballChat.exe ()
MSMSGS - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
MessengerPlus3 - C:\Program Files\MessengerPlus! 3\MsgPlus.exe (Patchou)
BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe (Nero AG)
Yahoo! Pager - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
msnmsgr - C:\Program Files\MSN Messenger\msnmsgr.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\load]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\run]
>>> Startup Links <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\\Common Startup]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\desktop.ini ()
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Digital Image Monitor.lnk - C:\Program Files\Digital Image\Monitor.exe ()
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe ()
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Acrobat.lnk - C:\WINDOWS\Installer\{AC76BA86-1033-F400-7760-000000000002}\SC_Acrobat.exe ()
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\\Startup]
C:\Documents and Settings\Yazman\Menu Démarrer\Programmes\Démarrage\desktop.ini ()
C:\Documents and Settings\Yazman\Menu Démarrer\Programmes\Démarrage\DKMessenger.lnk - C:\Program Files\DKware\DKMessenger\DKMessenger.exe ()
C:\Documents and Settings\Yazman\Menu Démarrer\Programmes\Démarrage\Lancement rapide de Microsoft Office OneNote 2003.lnk - C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE (Microsoft Corporation)
C:\Documents and Settings\Yazman\Menu Démarrer\Programmes\Démarrage\WkCalRem.LNK - C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe (Microsoft® Corporation)
>>> MSConfig Disabled Items <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig]
[All Users Startup Folder Disabled Items]
[Current User Startup Folder Disabled Items]
>>> User Agent Post Platform <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
\\SV1 -
>>> AppInit Dll's <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs]
>>> Image File Execution Options <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
\Your Image File Name Here without a path - Debugger = ntsd -d
>>> Shell Service Object Delay Load <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
\\PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} = %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation)
\\CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} = %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation)
\\WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} = %SystemRoot%\system32\webcheck.dll (Microsoft Corporation)
\\SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} = C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
\\UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} = C:\WINDOWS\system32\upnpui.dll (Microsoft Corporation)
>>> Shell Execute Hooks <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} - URL Exec Hook = shell32.dll (Microsoft Corporation)
\\{57B86673-276A-48B2-BAE7-C6DBB3020EB8} - CShellExecuteHookImpl Object = C:\Program Files\ewido anti-spyware 4.0\shellexecutehook.dll (Anti-Malware Development a.s.)
>>> Shared Task Scheduler <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
\\{438755C2-A8BA-11D1-B96B-00A0C90312E1} - Pré-chargeur Browseui = %SystemRoot%\system32\browseui.dll (Microsoft Corporation)
\\{8C7461EF-2B13-11d2-BE35-3078302C2030} - Démon de cache des catégories de composant = %SystemRoot%\system32\browseui.dll (Microsoft Corporation)
>>> Winlogon <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
\\UserInit = C:\WINDOWS\system32\userinit.exe,
\\Shell = Explorer.exe
\\System =
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]
\crypt32chain - crypt32.dll = (Microsoft Corporation)
\cryptnet - cryptnet.dll = (Microsoft Corporation)
\cscdll - cscdll.dll = (Microsoft Corporation)
\igfxcui - igfxsrvc.dll = (Intel Corporation)
\ScCertProp - wlnotify.dll = (Microsoft Corporation)
\Schedule - wlnotify.dll = (Microsoft Corporation)
\sclgntfy - sclgntfy.dll = (Microsoft Corporation)
\SensLogn - WlNotify.dll = (Microsoft Corporation)
\termsrv - wlnotify.dll = (Microsoft Corporation)
\wlballoon - wlnotify.dll = (Microsoft Corporation)
>>> DNS Name Servers <<<
{01E58180-65A3-4DB5-B76D-F2711A038FFC} - ()
{28B1FF32-8123-4D7E-AE95-86CC5336B5A9} - (SMC ADSL2 Barricade)
-
Salut, merci pour ton aide
.J'ai pas trouvé ce que tu voulais que je supprimer (donc peut être déjà supprimés):
C:\WINDOWS\NDNUNI~1.EXEas tu bien éliminé le dossier suivant ?(si ce n'est pas fait, fais le!)=>
C:\Program Files\RXToolBar
(tant mieux peut être
)Voici le rapport de HiJackThis comme tu le voulais :
StartupList report, 18/09/2006, 18:07:07
StartupList version: 1.52.2
Started from : C:\Program Files\hijackthis\yazman.EXE
Detected: Windows XP SP2 (WinNT 5.01.2600)
Detected: Internet Explorer v6.00 SP2 (6.00.2900.2180)
* Using default options
==================================================
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE
C:\PROGRA~1\MI6841~1\MSSQL\binn\sqlservr.exe
C:\WINDOWS\system32\nutsrv4.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe
C:\WINDOWS\system32\ZoomingHook.exe
C:\WINDOWS\system32\TCtrlIOHook.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Canon\MultiPASS4\MPTBox.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\Babylon\Babylon-Pro\Babylon.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Digital Image\Monitor.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\BitComet\BitComet.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\notepad.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\hijackthis\yazman.exe
--------------------------------------------------
Listing of startup folders:
Shell folders Startup:
[C:\Documents and Settings\Yazman\Menu Démarrer\Programmes\Démarrage]
DKMessenger.lnk = C:\Program Files\DKware\DKMessenger\DKMessenger.exe
Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
WkCalRem.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
Shell folders Common Startup:
[C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage]
Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
Digital Image Monitor.lnk = ?
DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
Lancement rapide d'Adobe Acrobat.lnk = ?
Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
--------------------------------------------------
Checking Windows NT UserInit:
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Apoint = C:\Program Files\Apoint2K\Apoint.exe
PadTouch = C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
LtMoh = C:\Program Files\ltmoh\Ltmoh.exe
AGRSMMSG = AGRSMMSG.exe
CeEKEY = C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
(Default) =
TPNF = C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
TOSHIBA Accessibility = C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe
HWSetup = C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
SVPWUTIL = C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
Zooming = ZoomingHook.exe
TCtryIOHook = TCtrlIOHook.exe
TPSMain = TPSMain.exe
SmoothView = C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
Tvs = C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
NDSTray.exe = NDSTray.exe
dla = C:\WINDOWS\system32\dla\tfswctrl.exe
IgfxTray = C:\WINDOWS\system32\igfxtray.exe
HotKeysCmds = C:\WINDOWS\system32\hkcmd.exe
TFncKy = TFncKy.exe
CFSServ.exe = CFSServ.exe -NoClient
NuTCSetupEnviron = C:\PROGRA~1\RATIONAL\RATION~1\NUTCROOT\bin\ncoeenv.exe
DAEMON Tools-1033 = "C:\Program Files\D-Tools\daemon.exe" -lang 1033
QuickTime Task = "C:\Program Files\QuickTime\qttask.exe" -atboottime
WOOWATCH = C:\PROGRA~1\Wanadoo\Watch.exe
WOOTASKBARICON = C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
MessengerPlus3 = "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
MPTBox = C:\Program Files\Canon\MultiPASS4\MPTBox.exe
SunJavaUpdateSched = C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
VirtualCloneDrive = "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
Babylon Client = C:\Program Files\Babylon\Babylon-Pro\Babylon.exe -AutoStart
NeroFilterCheck = C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
Acrobat Assistant 7.0 = "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
AVG7_CC = C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
!ewido = "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
CTFMON.EXE = C:\WINDOWS\system32\ctfmon.exe
TOSCDSPD = C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
Eyeball Chat = "C:\Program Files\Eyeball\Eyeball Chat\EyeballChat.exe" -min
MSMSGS = "C:\Program Files\Messenger\msmsgs.exe" /background
MessengerPlus3 = "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} = "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
Yahoo! Pager = "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
msnmsgr = "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
--------------------------------------------------
Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:
Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*
Shell & screensaver key from Registry:
Shell=Explorer.exe
SCRNSAVE.EXE=C:\PROGRA~1\Picasa2\Picasa2.scr
drivers=*Registry value not found*
Policies Shell key:
HKCU\..\Policies: Shell=*Registry value not found*
HKLM\..\Policies: Shell=*Registry value not found*
--------------------------------------------------
Enumerating Browser Helper Objects:
(no name) - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll - {02478D38-C3F9-4EFB-9B51-7695ECA05670}
(no name) - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
(no name) - C:\PROGRA~1\SPYBOT~1\SDHelper.dll - {53707962-6F74-2D53-2644-206D7942484F}
(no name) - C:\WINDOWS\system32\dla\tfswshx.dll - {5CA3D70E-1895-11CF-8E15-001234567890}
(no name) - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
(no name) - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll - {AE7CD045-E861-484f-8273-0445EE161910}
--------------------------------------------------
Enumerating Task Scheduler jobs:
Rappel d'enregistrement 2.job
Rappel d'enregistrement 3.job
--------------------------------------------------
Enumerating Download Program Files:
[shockwave ActiveX Control]
InProcServer32 = C:\WINDOWS\system32\macromed\Director\SwDir.dll
CODEBASE = http://download.macromedia.com/pub/shockwa...director/sw.cab
[YInstStarter Class]
InProcServer32 = C:\Program Files\Yahoo!\Common\yinsthelper.dll
CODEBASE = C:\Program Files\Yahoo!\Common\yinsthelper.dll
[{33564D57-9980-0010-8000-00AA00389B71}]
CODEBASE = http://download.microsoft.com/download/D/0...D0C/wmv9dmo.cab
[shockwave Flash Object]
InProcServer32 = C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx
CODEBASE = http://download.macromedia.com/pub/shockwa...ash/swflash.cab
[MSN Chat Control 4.5]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\MSNChat45.ocx
CODEBASE = http://chat.msn.com/controls/msnchat45.cab
--------------------------------------------------
Enumerating Winsock LSP files:
Protocol #7: C:\WINDOWS\system32\nutafun4.dll
Protocol #8: C:\WINDOWS\system32\nutafun4.dll
--------------------------------------------------
Enumerating ShellServiceObjectDelayLoad items:
PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
CDBurn: C:\WINDOWS\system32\SHELL32.dll
WebCheck: C:\WINDOWS\system32\webcheck.dll
SysTray: C:\WINDOWS\system32\stobject.dll
UPnPMonitor: C:\WINDOWS\system32\upnpui.dll
--------------------------------------------------
End of report, 10 519 bytes
Report generated in 1,641 seconds
Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only
Voici le rapport de Panda :
Incident Statut Analyse
Spyware:Cookie/Tradedoubler No Désinfecté C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt[.tradedoubler.com/]
Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt[.xiti.com/]
Spyware:Cookie/Advertising No Désinfecté C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt[.advertising.com/]
Spyware:Cookie/Com.com No Désinfecté C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt[.com.com/]
Spyware:Cookie/FastClick No Désinfecté C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt[.fastclick.net/]
Spyware:Cookie/Tribalfusion No Désinfecté C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt[.tribalfusion.com/]
Spyware:Cookie/RealMedia No Désinfecté C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt[.realmedia.com/]
Spyware:Cookie/Doubleclick No Désinfecté C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt[.doubleclick.net/]
Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt[.bluestreak.com/]
Spyware:Cookie/Atlas DMT No Désinfecté C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt[.atdmt.com/]
Spyware:Cookie/YieldManager No Désinfecté C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt[ad.yieldmanager.com/]
Spyware:Cookie/Falkag No Désinfecté C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt[as1.falkag.de/]
Spyware:Cookie/Casalemedia No Désinfecté C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt[.casalemedia.com/]
Spyware:Cookie/Mediaplex No Désinfecté C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt[.mediaplex.com/]
Adware:Adware/nCase No Désinfecté C:\Documents and Settings\Yazman\Bureau\New QoS\EZ-Emoticons.exe[saap.exe]
Spyware:Spyware/New.net No Désinfecté C:\Documents and Settings\Yazman\Bureau\New QoS\Install-Animated-Emoticons.exe[sHNT288.exe]
Adware:Adware/WebHancer No Désinfecté C:\Documents and Settings\Yazman\Bureau\New QoS\Install-Animated-Emoticons.exe[wh.exe]
Adware:Adware/WebHancer No Désinfecté C:\Documents and Settings\Yazman\Bureau\New QoS\Install-Animated-Emoticons.exe[wh.exe][whAgent.inf]
Adware:Adware/WebHancer No Désinfecté C:\Documents and Settings\Yazman\Bureau\New QoS\Install-Animated-Emoticons.exe[wh.exe][whAgent.exe]
Adware:Adware/WebHancer No Désinfecté C:\Documents and Settings\Yazman\Bureau\New QoS\Install-Animated-Emoticons.exe[wh.exe][whInstaller.exe]
Adware:Adware/WebHancer No Désinfecté C:\Documents and Settings\Yazman\Bureau\New QoS\Install-Animated-Emoticons.exe[wh.exe][whSurvey.exe]
Adware:Adware/WebHancer No Désinfecté C:\Documents and Settings\Yazman\Bureau\New QoS\Install-Animated-Emoticons.exe[wh.exe][webhdll.dll]
Adware:Adware/WebHancer No Désinfecté C:\Documents and Settings\Yazman\Bureau\New QoS\Install-Animated-Emoticons.exe[wh.exe][whiehlpr.dll]
Adware:Adware/WinAD No Désinfecté C:\Documents and Settings\Yazman\Bureau\New QoS\Install-Animated-Emoticons.exe[MGW_SH.exe]
Pour l'autre (DiagHelp), j'ai pas pu de nouveau de le télécharger mais je vais réessayer.
Merci.
-
Bonjour,
voici le rapport d'Ewido :
---------------------------------------------------------
ewido anti-spyware - Scan-Bericht
---------------------------------------------------------
+ Erstellt um: 23:32:16 15/09/2006
+ Scan-Ergebnis:
C:\Documents and Settings\Yazman\Mes documents\cherif.medjeljeli\kazaa_setup.exe -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt).
C:\Documents and Settings\Yazman\Mes documents\cherif.medjeljeli\kazaa_setup2.exe -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt).
C:\Program Files\Altnet -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt).
C:\Program Files\Altnet\My Altnet Shares -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\ceva_vfs.cab -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\ceva_vfs.cvd.cab -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\cevakrnl.cab -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\cevakrnl.ivd.cab -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\cevakrnl.rvd.cab -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\cran.cab -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\cran.ivd.cab -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\emalware.cab -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\emalware.ivd.cab -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\html.xmd.cab -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\jpeg.xmd.cab -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\mdx_97.cab -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\mdx_97.ivd.cab -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\nelf.cvd.cab -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\plugins.cab -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\plugins.cab.cab -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\sdx.cab -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\sdx.ivd.cab -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\unpack.cvd.cab -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\unpack.ivd.cab -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt).
HKLM\SOFTWARE\Classes\ADM25.ADM25 -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt).
HKLM\SOFTWARE\Classes\ADM25.ADM25.1 -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt).
HKLM\SOFTWARE\Classes\ADM25.ADM25\CurVer -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt).
HKLM\SOFTWARE\Classes\ADM4.ADM4 -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt).
HKLM\SOFTWARE\Classes\ADM4.ADM4.1 -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt).
HKLM\SOFTWARE\Classes\ADM4.ADM4\CurVer -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt).
HKLM\SOFTWARE\Classes\AppID\Altnet Signing Module.EXE -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt).
HKLM\SOFTWARE\Classes\AppID\adm.EXE -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt).
HKLM\SOFTWARE\Classes\TopSearch.TSLink -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt).
HKLM\SOFTWARE\Classes\TopSearch.TSLink.1 -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt).
HKLM\SOFTWARE\Classes\TopSearch.TSLink\CLSID -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt).
HKLM\SOFTWARE\Classes\TopSearch.TSLink\CurVer -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt).
HKLM\SOFTWARE\Microsoft\VisualStudio\Analyzer\Events\{6C736D71-BCBF-11D0-8A23-00AA00B58E10} -> Adware.CoolWebSearch : Mit Backup gesäubert (unter Quarantäne gestellt).
C:\WINDOWS\system32\AdCache -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt).
C:\WINDOWS\system32\AdCache\B_329_0_0_106800.htm -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt).
C:\WINDOWS\system32\AdCache\B_329_0_0_107400.htm -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt).
C:\WINDOWS\system32\AdCache\B_329_1_0_449200.gif -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt).
C:\WINDOWS\system32\AdCache\B_329_1_0_449600.gif -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt).
C:\WINDOWS\system32\AdCache\B_329_1_0_454300.gif -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt).
C:\WINDOWS\system32\AdCache\B_329_2_0_106800.htm -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt).
C:\WINDOWS\system32\AdCache\B_329_2_0_107400.htm -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt).
C:\WINDOWS\system32\AdCache\B_329_3_0_106800.htm -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt).
C:\WINDOWS\system32\AdCache\B_329_3_0_107400.htm -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt).
C:\WINDOWS\system32\AdCache\B_329_4_0_111600.htm -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt).
C:\WINDOWS\system32\AdCache\B_329_4_0_152400.htm -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt).
C:\WINDOWS\system32\AdCache\B_329_4_0_155300.htm -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt).
C:\WINDOWS\system32\AdCache\B_329_4_0_164100.htm -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt).
HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Kazaa\Promotions\Cydoor -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt).
HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Kazaa\Promotions\Cydoor\Adwr_329 -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt).
HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_0 -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt).
HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_0\Level_0 -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt).
HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_0\Level_0\Seqn_1068 -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt).
HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_1 -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt).
HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_1\Level_0 -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt).
HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_1\Level_0\Seqn_4492 -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt).
HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_1\Level_0\Seqn_4496 -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt).
HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_1\Level_0\Seqn_4543 -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt).
HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_2 -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt).
HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_2\Level_0 -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt).
HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_2\Level_0\Seqn_1068 -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt).
HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_3 -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt).
HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_3\Level_0 -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt).
HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_3\Level_0\Seqn_1068 -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt).
HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_4 -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt).
HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_4\Level_0 -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt).
HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_4\Level_0\Seqn_1116 -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt).
HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_4\Level_0\Seqn_1524 -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt).
HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_4\Level_0\Seqn_1553 -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt).
HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_4\Level_0\Seqn_1641 -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt).
HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Kazaa\Promotions\Cydoor\Adwr_329\Services -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt).
HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Kazaa\Promotions\Cydoor\Adwr_329\Services\Queue -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt).
HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Kazaa\Promotions\Cydoor\Adwr_329\Services\Status -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt).
HKLM\SOFTWARE\Gator.com -> Adware.Gator : Mit Backup gesäubert (unter Quarantäne gestellt).
HKLM\SOFTWARE\Gator.com\AppInfo -> Adware.Gator : Mit Backup gesäubert (unter Quarantäne gestellt).
HKLM\SOFTWARE\Gator.com\CMEII -> Adware.Gator : Mit Backup gesäubert (unter Quarantäne gestellt).
HKLM\SOFTWARE\Gator.com\Gator -> Adware.Gator : Mit Backup gesäubert (unter Quarantäne gestellt).
HKLM\SOFTWARE\Gator.com\Gator\dyn -> Adware.Gator : Mit Backup gesäubert (unter Quarantäne gestellt).
HKLM\SOFTWARE\Gator.com\Gator\dyn\GCH -> Adware.Gator : Mit Backup gesäubert (unter Quarantäne gestellt).
HKLM\SOFTWARE\Gator.com\Gator\dyn\GCH\_gs -> Adware.Gator : Mit Backup gesäubert (unter Quarantäne gestellt).
HKLM\SOFTWARE\Gator.com\trickles -> Adware.Gator : Mit Backup gesäubert (unter Quarantäne gestellt).
HKLM\SOFTWARE\Gator.com\trickles\TRICKLER_6106 -> Adware.Gator : Mit Backup gesäubert (unter Quarantäne gestellt).
HKLM\SOFTWARE\Gator.com\trickles\TRICKLER_6106\Trickler -> Adware.Gator : Mit Backup gesäubert (unter Quarantäne gestellt).
HKLM\SOFTWARE\Gator.com\trickles\TRICKLER_6106\Trickler\trickle.gator.com:80/download/trickler6.cfg -> Adware.Gator : Mit Backup gesäubert (unter Quarantäne gestellt).
HKLM\SOFTWARE\Gator.com\trickles\Trickle Thread -> Adware.Gator : Mit Backup gesäubert (unter Quarantäne gestellt).
HKLM\SOFTWARE\Gator.com\trickles\Trickle Thread\cmeii -> Adware.Gator : Mit Backup gesäubert (unter Quarantäne gestellt).
HKLM\SOFTWARE\Gator.com\trickles\Trickle Thread\cmeii\gatorcme.gator.com:80/gatorcme/appsenc/gotsmiley_appver2105_libver2101.zip -> Adware.Gator : Mit Backup gesäubert (unter Quarantäne gestellt).
HKLM\SOFTWARE\Classes\instafink.INSTAFINK -> Adware.InstaFinder : Mit Backup gesäubert (unter Quarantäne gestellt).
HKLM\SOFTWARE\Classes\instafink.INSTAFINK\Clsid -> Adware.InstaFinder : Mit Backup gesäubert (unter Quarantäne gestellt).
C:\WINDOWS\NDNuninstall7_22.exe -> Adware.NewDotNet : Mit Backup gesäubert (unter Quarantäne gestellt).
HKU\.DEFAULT\Software\New.net -> Adware.NewDotNet : Mit Backup gesäubert (unter Quarantäne gestellt).
HKU\S-1-5-18\Software\New.net -> Adware.NewDotNet : Mit Backup gesäubert (unter Quarantäne gestellt).
HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} -> Adware.NewDotNet : Mit Backup gesäubert (unter Quarantäne gestellt).
[1148] C:\WINDOWS\NDNUNI~1.EXE -> Adware.NewDotNet : Fehler während der Säuberung.
[1232] C:\WINDOWS\NDNUNI~1.EXE -> Adware.NewDotNet : Fehler während der Säuberung.
HKLM\SOFTWARE\Classes\WebP2PInstaller.Installer -> Adware.P2PNetworking : Mit Backup gesäubert (unter Quarantäne gestellt).
HKLM\SOFTWARE\Classes\WebP2PInstaller.Installer.1 -> Adware.P2PNetworking : Mit Backup gesäubert (unter Quarantäne gestellt).
HKLM\SOFTWARE\Classes\WebP2PInstaller.Installer\CLSID -> Adware.P2PNetworking : Mit Backup gesäubert (unter Quarantäne gestellt).
HKLM\SOFTWARE\Classes\WebP2PInstaller.Installer\CurVer -> Adware.P2PNetworking : Mit Backup gesäubert (unter Quarantäne gestellt).
C:\WINDOWS\system32\WebP2PInstaller.dl$ -> Adware.PeerNet : Mit Backup gesäubert (unter Quarantäne gestellt).
HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{59879FA4-4790-461C-A1CC-4EC4DE4CA483} -> Adware.RXToolbar : Mit Backup gesäubert (unter Quarantäne gestellt).
C:\Program Files\whInstall -> Adware.Webhancer : Mit Backup gesäubert (unter Quarantäne gestellt).
C:\Program Files\whInstall\whAgent.inf -> Adware.Webhancer : Mit Backup gesäubert (unter Quarantäne gestellt).
C:\Program Files\whInstall\whInstaller.ini -> Adware.Webhancer : Mit Backup gesäubert (unter Quarantäne gestellt).
HKLM\SOFTWARE\webHancer -> Adware.WebHancer : Mit Backup gesäubert (unter Quarantäne gestellt).
HKLM\SOFTWARE\webHancer\CC -> Adware.WebHancer : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.863:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.2o7 : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.89:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.2o7 : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.934:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.2o7 : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.188:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Adbrite : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.189:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Adbrite : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.771:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Adjuggler : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.772:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Adjuggler : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.161:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Adtech : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.162:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Adtech : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.103:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Atdmt : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.100:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Bluestreak : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.19:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Doubleclick : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.196:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Estat : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.428:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Etracker : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.76:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Falkag : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.77:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Falkag : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.78:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Falkag : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.79:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Falkag : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.80:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Falkag : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.81:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Falkag : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.185:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Fastclick : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.186:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Fastclick : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.881:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Hitbox : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.18:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Ivwbox : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.761:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Liveperson : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.112:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Mediaplex : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.962:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Need2find : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.662:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Onestat : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.665:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Onestat : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.666:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Onestat : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.667:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Onestat : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.668:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Onestat : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.669:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Onestat : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.145:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Overture : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.146:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Overture : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.147:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Overture : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.115:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Popularix : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.816:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Qksrv : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.817:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Qksrv : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.822:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Questionmarket : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.823:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Questionmarket : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.767:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Revenue : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.116:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Serving-sys : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.117:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Serving-sys : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.118:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Serving-sys : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.119:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Serving-sys : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.120:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Serving-sys : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.633:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Sitestat : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.639:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Sitestat : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.763:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Sitestat : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.164:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Smartadserver : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.165:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Smartadserver : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.166:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Smartadserver : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.167:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Smartadserver : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.168:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Smartadserver : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.648:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Spylog : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.211:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Starware : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.634:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Statcounter : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.635:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Statcounter : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.636:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Statcounter : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.637:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Statcounter : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.638:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Statcounter : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.640:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Statcounter : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.641:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Statcounter : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.644:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Statcounter : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.645:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Statcounter : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.646:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Statcounter : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.652:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Statcounter : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.656:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Statcounter : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.657:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Statcounter : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.658:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Statcounter : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.679:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Statcounter : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.680:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Statcounter : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.681:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Statcounter : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.682:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Statcounter : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.683:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Statcounter : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.696:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Statcounter : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.642:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Tacoda : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.643:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Tacoda : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.711:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Targetnet : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.39:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Tradedoubler : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.40:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Tradedoubler : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.41:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Tradedoubler : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.42:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Tradedoubler : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.43:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Tradedoubler : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.580:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Trafficcenter : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.581:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Trafficcenter : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.582:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Trafficcenter : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.583:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Trafficcenter : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.584:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Trafficcenter : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.569:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Trafic : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.599:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Tribalfusion : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.557:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Valueclick : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.592:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Valueclick : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.718:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Valueclick : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.753:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Valueclick : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.558:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Web-stat : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.559:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Web-stat : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.577:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Web-stat : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.578:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Web-stat : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.579:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Web-stat : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.124:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Weborama : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.125:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Weborama : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.126:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Weborama : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.127:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Weborama : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.128:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Weborama : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.632:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Webtrendslive : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.226:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Yadro : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.230:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Yadro : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.239:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Zedo : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.240:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Zedo : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.246:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Zedo : Mit Backup gesäubert (unter Quarantäne gestellt).
::Berichtende
Voici le rapport de HiJackThis (je l'ai renommé en yazman):
Logfile of HijackThis v1.99.1
Scan saved at 23:45:25, on 15/09/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE
C:\PROGRA~1\MI6841~1\MSSQL\binn\sqlservr.exe
C:\WINDOWS\system32\nutsrv4.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe
C:\WINDOWS\system32\ZoomingHook.exe
C:\WINDOWS\system32\TCtrlIOHook.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Canon\MultiPASS4\MPTBox.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\Babylon\Babylon-Pro\Babylon.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Digital Image\Monitor.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\hijackthis\yazman.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.tn/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo / Internet avec Planet Tunisie
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [TOSHIBA Accessibility] C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [sVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe
O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [smoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [NuTCSetupEnviron] C:\PROGRA~1\RATIONAL\RATION~1\NUTCROOT\bin\ncoeenv.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [MPTBox] C:\Program Files\Canon\MultiPASS4\MPTBox.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [babylon Client] C:\Program Files\Babylon\Babylon-Pro\Babylon.exe -AutoStart
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [Eyeball Chat] "C:\Program Files\Eyeball\Eyeball Chat\EyeballChat.exe" -min
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: DKMessenger.lnk = C:\Program Files\DKware\DKMessenger\DKMessenger.exe
O4 - Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Startup: WkCalRem.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Digital Image Monitor.lnk = ?
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: + Offline &Explorer: Download the link - file://C:\Program Files\Offline Explorer Enterprise\Add_UrlO.htm
O8 - Extra context menu item: + Offline E&xplorer: Download the current page - file://C:\Program Files\Offline Explorer Enterprise\Add_AllO.htm
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesde.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesde.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{7B856455-4B25-4709-8077-7870CEF040CB}: NameServer = 193.95.122.40 193.95.93.77
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\Program Files\RXToolBar\sfcont.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MpService - Canon Inc. - C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: NuTCRACKER Service (NuTCRACKERService) - DataFocus, Inc. - C:\WINDOWS\system32\nutsrv4.exe
O23 - Service: Windows Log - Unknown owner - C:\WINDOWS\system32\nvsvcd.exe (file missing)
Concernant le rapport de DiagHelp, le site ne voulait pas s'ouvrir pas chez moi. Si c'est nécessaire je t'envoyerai par un mp mon mail et tu pourras si tu as le temps et l'envis de m'envoyer le zip
.Merci en tout cas pour l'aide.
-
Merci, très sympa.
-
Salut, j'ai effectué les 4 phases que vous avez conseillé et voilà le rapport que j'ai obtenu de la part de Hijackthis :
Logfile of HijackThis v1.99.1
Scan saved at 14:36:39, on 15/09/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE
C:\WINDOWS\system32\nutsrv4.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe
C:\WINDOWS\system32\ZoomingHook.exe
C:\WINDOWS\system32\TCtrlIOHook.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\webHancer\Programs\whAgent.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\TBONBin\tbon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Adobe\Acrobat 7.0\Acrobat\acrobat_sl.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.tn/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo / Internet avec Planet Tunisie
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: WhIeHelperObj Class - {c900b400-cdfe-11d3-976a-00e02913a9e0} - C:\Program Files\webHancer\programs\whiehlpr.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [TOSHIBA Accessibility] C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [sVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe
O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [smoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [NuTCSetupEnviron] C:\PROGRA~1\RATIONAL\RATION~1\NUTCROOT\bin\ncoeenv.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [instaFinderK] C:\Program Files\INSTAFINK\InstaFinderK_inst.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [MPTBox] C:\Program Files\Canon\MultiPASS4\MPTBox.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [babylon Client] C:\Program Files\Babylon\Babylon-Pro\Babylon.exe -AutoStart
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [webHancer Agent] "C:\Program Files\webHancer\Programs\whAgent.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w
O4 - HKLM\..\Run: [semanticInsight] C:\Program Files\RXToolBar\Semantic Insight\SemanticInsight.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [tbon] C:\Program Files\TBONBin\tbon.exe /r
O4 - HKCU\..\Run: [Eyeball Chat] "C:\Program Files\Eyeball\Eyeball Chat\EyeballChat.exe" -min
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - Startup: DKMessenger.lnk = C:\Program Files\DKware\DKMessenger\DKMessenger.exe
O4 - Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Startup: WkCalRem.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Digital Image Monitor.lnk = ?
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: &Search - http://ko.bar.need2find.com/KO/menusearch.html?p=KO
O8 - Extra context menu item: + Offline &Explorer: Download the link - file://C:\Program Files\Offline Explorer Enterprise\Add_UrlO.htm
O8 - Extra context menu item: + Offline E&xplorer: Download the current page - file://C:\Program Files\Offline Explorer Enterprise\Add_AllO.htm
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesde.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesde.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 - Hijacked Internet access by WebHancer
O10 - Hijacked Internet access by WebHancer
O10 - Hijacked Internet access by WebHancer
O10 - Hijacked Internet access by WebHancer
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by WebHancer
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\Program Files\RXToolBar\sfcont.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MpService - Canon Inc. - C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: NuTCRACKER Service (NuTCRACKERService) - DataFocus, Inc. - C:\WINDOWS\system32\nutsrv4.exe
O23 - Service: Windows Log - Unknown owner - C:\WINDOWS\system32\nvsvcd.exe
J'espère que vous pouvez m'aider
. Merci. -
Merci, je vais faire les 4 phases
-
Salut,
Depuis ce matin, j'ai des problèmes avec la vitesse de ma connexion. En effet, normalement la vitesse est de 262 Kb/s or cette vitesse n'est jamais atteinte (max jusqu'à 104 Kb/o). Malgré qu'elle fonctionnait tout le temps normal.
Notons que depuis hier, j'ai eu la visite de trojans download.zobler et un autre generic2.(qlq chose). AVG me l'a signalé et il les a effacé mais à chaque fois que je me connactais, ils réapparaissent. Ce problème a été résolu (je le crois), j'ai désinstallé beaucoup de programmes (peers to peers) et j'ai installé Trojan Remover.
En tout cas, je crains que ces 2 actions ont une relation.
J'espère que vous avez compris mon problème : débit très bas et que vous pouvez m'aider.
Merci.
Rapport hijackthis
dans Analyses et éradication malwares
Posté(e)
Merci et grâce à toi, je suis tombé amoureux
de ce site que je ne connaissais pas aupparavant.