Infecté par win32/cryptexe
cricri50
Messages postés
1
Statut
Membre
-
Utilisateur anonyme -
Utilisateur anonyme -
je n'arrive pas a me debarasser de ce virus
est ce que quelqu'un peut m'aider merci
Logfile of HijackThis v1.99.1
Scan saved at 21:01:18, on 13/09/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\MainSoft\PC TimeWatch\PTWsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\Dit.exe
C:\WINDOWS\mHotkey.exe
C:\WINDOWS\CNYHKey.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\PRISMSTA.EXE
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ONSPEED\onspeedcore.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\DitExp.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\PROGRA~1\Ahead\NEROPH~1\data\Xtras\mssysmgr.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\program files\mailskinner\mailskinner.exe
C:\Program Files\Ashampoo\Ashampoo WinOptimizer Platinum 3\PopUpKiller.exe
C:\Program Files\ONSPEED\onspeedgui.exe
C:\Program Files\MainSoft\PC TimeWatch\PctwTI.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Christophe\Bureau\Nouveau dossier\HijackThis(2).exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sosconnexion.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.aldi.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5405
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PBlockHelper Class - {4115122B-85FF-4DD3-9515-F075BEDE5EB5} - C:\Program Files\ONSPEED\PBHelper.dll
O2 - BHO: IE PopUp-Killer - {49E0E0F0-5C30-11D4-945D-000000000003} - C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUp.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: NOW!Imaging - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - C:\Program Files\ONSPEED\components\NOWImaging.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O3 - Toolbar: ONSPEED - {8B79EE88-E62D-4AA8-B530-CC357BA112B7} - C:\Program Files\ONSPEED\Toolband.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PRISMSTA.EXE] PRISMSTA.EXE START
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SlipStream] "C:\Program Files\ONSPEED\onspeedcore.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ASync] syshlp.exe
O4 - HKLM\..\Run: [CloneDVDElbyDelay] "C:\Program Files\Elaborate Bytes\CloneDVD\ElbyCheck.exe" /L ElbyDelay
O4 - HKLM\..\Run: [ElbyCheckAnyDVD] "C:\Program Files\SlySoft\AnyDVD\ElbyCheck.exe" /L AnyDVD
O4 - HKLM\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Ahead\NEROPH~1\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MailSkinner] c:\program files\mailskinner\mailskinner.exe
O4 - HKCU\..\Run: [Ashampoo PopUpBlocker] C:\Program Files\Ashampoo\Ashampoo WinOptimizer Platinum 3\PopUpKiller.exe
O4 - Global Startup: ONSPEED.lnk = C:\Program Files\ONSPEED\onspeedgui.exe
O4 - Global Startup: PC TimeWatch Tray Icon.lnk = C:\Program Files\MainSoft\PC TimeWatch\PctwTI.exe
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Montrer l'Image Originale - res://C:\Program Files\ONSPEED\gui_resource.dll/328
O8 - Extra context menu item: Montrer toutes les Images originales - res://C:\Program Files\ONSPEED\gui_resource.dll/327
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Translate - {87680762-4A83-11B4-885B-0000E8ECA40F} - C:\Program Files\LingoCom\Translator.lnk
O9 - Extra 'Tools' menuitem: LingoWare Translator... - {87680762-4A83-11B4-885B-0000E8ECA40F} - C:\Program Files\LingoCom\Translator.lnk
O9 - Extra button: ICQ 4.1 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O14 - IERESET.INF: START_PAGE_URL=https://www.aldi.com/
O16 - DPF: {1CD4E2DC-2DA0-4154-8723-38CB04FB6A58} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1062_XP.cab
O16 - DPF: {53B8B406-42E4-4DD3-96E7-9DEC8CEB3DD8} (ICQVideoControl Class) - http://xtraz.icq.com/xtraz/activex/ICQVideoControl.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/06515a6300000e48c405/netzip/RdxIE601_fr.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B315CA99-F466-4822-B29C-CA3F6A19169A}: NameServer = 194.117.200.10 194.117.200.15
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
O23 - Service: Client de licence CA (CA_LIC_CLNT) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
O23 - Service: Serveur de licence CA (CA_LIC_SRVR) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
O23 - Service: PCTimeWatch (PTWsvc) - MainSoft - C:\Program Files\MainSoft\PC TimeWatch\PTWsvc.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
est ce que quelqu'un peut m'aider merci
Logfile of HijackThis v1.99.1
Scan saved at 21:01:18, on 13/09/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\MainSoft\PC TimeWatch\PTWsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\Dit.exe
C:\WINDOWS\mHotkey.exe
C:\WINDOWS\CNYHKey.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\PRISMSTA.EXE
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ONSPEED\onspeedcore.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\DitExp.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\PROGRA~1\Ahead\NEROPH~1\data\Xtras\mssysmgr.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\program files\mailskinner\mailskinner.exe
C:\Program Files\Ashampoo\Ashampoo WinOptimizer Platinum 3\PopUpKiller.exe
C:\Program Files\ONSPEED\onspeedgui.exe
C:\Program Files\MainSoft\PC TimeWatch\PctwTI.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Christophe\Bureau\Nouveau dossier\HijackThis(2).exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sosconnexion.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.aldi.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5405
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PBlockHelper Class - {4115122B-85FF-4DD3-9515-F075BEDE5EB5} - C:\Program Files\ONSPEED\PBHelper.dll
O2 - BHO: IE PopUp-Killer - {49E0E0F0-5C30-11D4-945D-000000000003} - C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUp.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: NOW!Imaging - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - C:\Program Files\ONSPEED\components\NOWImaging.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O3 - Toolbar: ONSPEED - {8B79EE88-E62D-4AA8-B530-CC357BA112B7} - C:\Program Files\ONSPEED\Toolband.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PRISMSTA.EXE] PRISMSTA.EXE START
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SlipStream] "C:\Program Files\ONSPEED\onspeedcore.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ASync] syshlp.exe
O4 - HKLM\..\Run: [CloneDVDElbyDelay] "C:\Program Files\Elaborate Bytes\CloneDVD\ElbyCheck.exe" /L ElbyDelay
O4 - HKLM\..\Run: [ElbyCheckAnyDVD] "C:\Program Files\SlySoft\AnyDVD\ElbyCheck.exe" /L AnyDVD
O4 - HKLM\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Ahead\NEROPH~1\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MailSkinner] c:\program files\mailskinner\mailskinner.exe
O4 - HKCU\..\Run: [Ashampoo PopUpBlocker] C:\Program Files\Ashampoo\Ashampoo WinOptimizer Platinum 3\PopUpKiller.exe
O4 - Global Startup: ONSPEED.lnk = C:\Program Files\ONSPEED\onspeedgui.exe
O4 - Global Startup: PC TimeWatch Tray Icon.lnk = C:\Program Files\MainSoft\PC TimeWatch\PctwTI.exe
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Montrer l'Image Originale - res://C:\Program Files\ONSPEED\gui_resource.dll/328
O8 - Extra context menu item: Montrer toutes les Images originales - res://C:\Program Files\ONSPEED\gui_resource.dll/327
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Translate - {87680762-4A83-11B4-885B-0000E8ECA40F} - C:\Program Files\LingoCom\Translator.lnk
O9 - Extra 'Tools' menuitem: LingoWare Translator... - {87680762-4A83-11B4-885B-0000E8ECA40F} - C:\Program Files\LingoCom\Translator.lnk
O9 - Extra button: ICQ 4.1 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O14 - IERESET.INF: START_PAGE_URL=https://www.aldi.com/
O16 - DPF: {1CD4E2DC-2DA0-4154-8723-38CB04FB6A58} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1062_XP.cab
O16 - DPF: {53B8B406-42E4-4DD3-96E7-9DEC8CEB3DD8} (ICQVideoControl Class) - http://xtraz.icq.com/xtraz/activex/ICQVideoControl.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/06515a6300000e48c405/netzip/RdxIE601_fr.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B315CA99-F466-4822-B29C-CA3F6A19169A}: NameServer = 194.117.200.10 194.117.200.15
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
O23 - Service: Client de licence CA (CA_LIC_CLNT) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
O23 - Service: Serveur de licence CA (CA_LIC_SRVR) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
O23 - Service: PCTimeWatch (PTWsvc) - MainSoft - C:\Program Files\MainSoft\PC TimeWatch\PTWsvc.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
A voir également:
- Infecté par win32/cryptexe
- Puabundler win32 rostpay ✓ - Forum Antivirus
- Puadimanager win32/offercore ✓ - Forum Virus
- PUADlManager:Win32/OfferCore ✓ - Forum Virus
- Trojan win32 - Forum Virus
- Télécharger win32 valide pour windows 7 gratuit ✓ - Forum Réseaux sociaux
2 réponses
Salut,
désinstalle MailSkinner il contient des salopries.
Désactive le pare-feu de Windows(SP2) car il ne sert à rien et installe celui-ci à la place pour plus de sécurité
Kerio: (pare-feu, qui reste gratuit après la periode d'essai!)
Kerio Personal Firewall
-tutorial: pour configurer et comprendre l'utilisation de Kerio
https://kerio.probb.fr/
Telecharge, installe puis mets à jour ce logiciel(Ewido), une fois que c'est fait, fais un scan complet de ton système et colle le rapport ici avec un nouveau rapport hijackthis
Ewido: (reste gratuit après la période d'essai)
Télécharger Ewido Security Suite
A++
désinstalle MailSkinner il contient des salopries.
Désactive le pare-feu de Windows(SP2) car il ne sert à rien et installe celui-ci à la place pour plus de sécurité
Kerio: (pare-feu, qui reste gratuit après la periode d'essai!)
Kerio Personal Firewall
-tutorial: pour configurer et comprendre l'utilisation de Kerio
https://kerio.probb.fr/
Telecharge, installe puis mets à jour ce logiciel(Ewido), une fois que c'est fait, fais un scan complet de ton système et colle le rapport ici avec un nouveau rapport hijackthis
Ewido: (reste gratuit après la période d'essai)
Télécharger Ewido Security Suite
A++
Salut,
malheuresement, non, Ewido est en Anglais/Allemand pas d'autre choix..
Refais un scan complet de ton Pc avec Ewido une fois qu'il a finit choisis "delete" si tu veux traduire quelques mots pour mieux comprendre, fais la traduction ici
https://translate.google.com/
Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked"
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [CloneDVDElbyDelay] "C:\Program Files\Elaborate Bytes\CloneDVD\ElbyCheck.exe" /L ElbyDelay
O4 - HKLM\..\Run: [ElbyCheckAnyDVD] "C:\Program Files\SlySoft\AnyDVD\ElbyCheck.exe" /L AnyDVD
O4 - HKLM\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Ahead\NEROPH~1\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MailSkinner] c:\program files\mailskinner\mailskinner.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O16 - DPF: {1CD4E2DC-2DA0-4154-8723-38CB04FB6A58} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1062_XP.cab
O16 - DPF: {53B8B406-42E4-4DD3-96E7-9DEC8CEB3DD8} (ICQVideoControl Class) - http://xtraz.icq.com/xtraz/activex/ICQVideoControl.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/06515a6300000e48c405/netzip/RdxIE601_fr.cab
Pour ce qui est de AVG c'est psa le top préfere lui Avast qui est en français ;-)
Fais ce nettoyage: (à faire réguliérement)
¤Telecharges et installes ceci:
CCleaner:
Télécharger Ccleaner
dans la colonne de gauche clic sur "erreurs" coches toutes les cases, puis cliques en bas sur "chercher des erreurs" une fois finit, cliques sur "reparer les erreurs" et tu aura un message pour sauvegarder ta base de registre tu dis "oui" puis tu recommences jusqu'a ce qu'il te trouve plus d'erreurs.
Les sauvegardes que tu aura faites tu pourra les supprimer si ton ordinateur n'a plus de problémes
¤Relance Ccleaner, vas dans l'onglet "nettoyeur" present sur la gauche, decoches la derniere case (Avancé si elle est cochée) puis clic sur "lancer le nettoyage"
A++
malheuresement, non, Ewido est en Anglais/Allemand pas d'autre choix..
Refais un scan complet de ton Pc avec Ewido une fois qu'il a finit choisis "delete" si tu veux traduire quelques mots pour mieux comprendre, fais la traduction ici
https://translate.google.com/
Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked"
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [CloneDVDElbyDelay] "C:\Program Files\Elaborate Bytes\CloneDVD\ElbyCheck.exe" /L ElbyDelay
O4 - HKLM\..\Run: [ElbyCheckAnyDVD] "C:\Program Files\SlySoft\AnyDVD\ElbyCheck.exe" /L AnyDVD
O4 - HKLM\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Ahead\NEROPH~1\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MailSkinner] c:\program files\mailskinner\mailskinner.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O16 - DPF: {1CD4E2DC-2DA0-4154-8723-38CB04FB6A58} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1062_XP.cab
O16 - DPF: {53B8B406-42E4-4DD3-96E7-9DEC8CEB3DD8} (ICQVideoControl Class) - http://xtraz.icq.com/xtraz/activex/ICQVideoControl.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/06515a6300000e48c405/netzip/RdxIE601_fr.cab
Pour ce qui est de AVG c'est psa le top préfere lui Avast qui est en français ;-)
Fais ce nettoyage: (à faire réguliérement)
¤Telecharges et installes ceci:
CCleaner:
Télécharger Ccleaner
dans la colonne de gauche clic sur "erreurs" coches toutes les cases, puis cliques en bas sur "chercher des erreurs" une fois finit, cliques sur "reparer les erreurs" et tu aura un message pour sauvegarder ta base de registre tu dis "oui" puis tu recommences jusqu'a ce qu'il te trouve plus d'erreurs.
Les sauvegardes que tu aura faites tu pourra les supprimer si ton ordinateur n'a plus de problémes
¤Relance Ccleaner, vas dans l'onglet "nettoyeur" present sur la gauche, decoches la derniere case (Avancé si elle est cochée) puis clic sur "lancer le nettoyage"
A++
merci pour ton aide, j'ai fais ce que tu m'as conseillé
faut il que je change d'antivirus , j'ai cru comprendre que avast etait plus efficace que avg
est ce que ewindo existe en francais ?---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------
+ Created at: 14:36:36 17/09/2006
+ Scan result:
HKLM\SOFTWARE\Classes\WUSN.1 -> Adware.SaveNow : No action taken.
HKU\S-1-5-21-145945795-1721041148-2569398772-1008\Software\WhenU -> Adware.SaveNow : No action taken.
HKU\S-1-5-21-145945795-1721041148-2569398772-1008\Software\WhenU\Weather -> Adware.SaveNow : No action taken.
:mozilla.11:C:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\d31iw048.default\cookies.txt -> TrackingCookie.247realmedia : No action taken.
:mozilla.12:C:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\d31iw048.default\cookies.txt -> TrackingCookie.247realmedia : No action taken.
:mozilla.13:C:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\d31iw048.default\cookies.txt -> TrackingCookie.247realmedia : No action taken.
C:\Documents and Settings\Christophe\Cookies\christophe@247realmedia[1].txt -> TrackingCookie.247realmedia : No action taken.
:mozilla.124:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\fzfzse1g.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.125:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\fzfzse1g.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.62:C:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\d31iw048.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.64:C:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\d31iw048.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.65:C:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\d31iw048.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.53:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\fzfzse1g.default\cookies.txt -> TrackingCookie.Adtech : No action taken.
:mozilla.54:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\fzfzse1g.default\cookies.txt -> TrackingCookie.Adtech : No action taken.
:mozilla.70:C:\Documents and Settings\Sandra\Application Data\Mozilla\Firefox\Profiles\nzu3n9qs.Utilisateur par défaut\cookies.txt -> TrackingCookie.Adtech : No action taken.
:mozilla.71:C:\Documents and Settings\Sandra\Application Data\Mozilla\Firefox\Profiles\nzu3n9qs.Utilisateur par défaut\cookies.txt -> TrackingCookie.Adtech : No action taken.
:mozilla.79:C:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\d31iw048.default\cookies.txt -> TrackingCookie.Adtech : No action taken.
:mozilla.80:C:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\d31iw048.default\cookies.txt -> TrackingCookie.Adtech : No action taken.
:mozilla.193:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\fzfzse1g.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.194:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\fzfzse1g.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.195:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\fzfzse1g.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.24:C:\Documents and Settings\Sandra\Application Data\Mozilla\Firefox\Profiles\nzu3n9qs.Utilisateur par défaut\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.25:C:\Documents and Settings\Sandra\Application Data\Mozilla\Firefox\Profiles\nzu3n9qs.Utilisateur par défaut\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.26:C:\Documents and Settings\Sandra\Application Data\Mozilla\Firefox\Profiles\nzu3n9qs.Utilisateur par défaut\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.116:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\fzfzse1g.default\cookies.txt -> TrackingCookie.Atdmt : No action taken.
:mozilla.13:C:\Documents and Settings\Alix\Application Data\Mozilla\Firefox\Profiles\070fitkh.default\cookies.txt -> TrackingCookie.Atdmt : No action taken.
:mozilla.17:C:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\d31iw048.default\cookies.txt -> TrackingCookie.Atdmt : No action taken.
C:\Documents and Settings\Alexis\Cookies\alexis@atdmt[2].txt -> TrackingCookie.Atdmt : No action taken.
:mozilla.44:C:\Documents and Settings\Sandra\Application Data\Mozilla\Firefox\Profiles\nzu3n9qs.Utilisateur par défaut\cookies.txt -> TrackingCookie.Bluestreak : No action taken.
:mozilla.48:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\fzfzse1g.default\cookies.txt -> TrackingCookie.Bluestreak : No action taken.
:mozilla.49:C:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\d31iw048.default\cookies.txt -> TrackingCookie.Bluestreak : No action taken.
C:\Documents and Settings\Alexis\Cookies\alexis@bluestreak[1].txt -> TrackingCookie.Bluestreak : No action taken.
:mozilla.230:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\fzfzse1g.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.205:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\fzfzse1g.default\cookies.txt -> TrackingCookie.Casinotropez : No action taken.
:mozilla.53:C:\Documents and Settings\Alix\Application Data\Mozilla\Firefox\Profiles\070fitkh.default\cookies.txt -> TrackingCookie.Casinotropez : No action taken.
:mozilla.88:C:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\d31iw048.default\cookies.txt -> TrackingCookie.Clickbank : No action taken.
:mozilla.38:C:\Documents and Settings\Sandra\Application Data\Mozilla\Firefox\Profiles\nzu3n9qs.Utilisateur par défaut\cookies.txt -> TrackingCookie.Comclick : No action taken.
:mozilla.39:C:\Documents and Settings\Sandra\Application Data\Mozilla\Firefox\Profiles\nzu3n9qs.Utilisateur par défaut\cookies.txt -> TrackingCookie.Comclick : No action taken.
:mozilla.40:C:\Documents and Settings\Sandra\Application Data\Mozilla\Firefox\Profiles\nzu3n9qs.Utilisateur par défaut\cookies.txt -> TrackingCookie.Comclick : No action taken.
:mozilla.45:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\fzfzse1g.default\cookies.txt -> TrackingCookie.Comclick : No action taken.
:mozilla.46:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\fzfzse1g.default\cookies.txt -> TrackingCookie.Comclick : No action taken.
:mozilla.47:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\fzfzse1g.default\cookies.txt -> TrackingCookie.Comclick : No action taken.
:mozilla.81:C:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\d31iw048.default\cookies.txt -> TrackingCookie.Comclick : No action taken.
:mozilla.82:C:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\d31iw048.default\cookies.txt -> TrackingCookie.Comclick : No action taken.
:mozilla.83:C:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\d31iw048.default\cookies.txt -> TrackingCookie.Comclick : No action taken.
:mozilla.10:C:\Documents and Settings\Alix\Application Data\Mozilla\Firefox\Profiles\070fitkh.default\cookies.txt -> TrackingCookie.Doubleclick : No action taken.
:mozilla.14:C:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\d31iw048.default\cookies.txt -> TrackingCookie.Doubleclick : No action taken.
:mozilla.22:C:\Documents and Settings\Sandra\Application Data\Mozilla\Firefox\Profiles\kxkphdg5.default\cookies.txt -> TrackingCookie.Doubleclick : No action taken.
:mozilla.47:C:\Documents and Settings\Sandra\Application Data\Mozilla\Firefox\Profiles\nzu3n9qs.Utilisateur par défaut\cookies.txt -> TrackingCookie.Doubleclick : No action taken.
:mozilla.96:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\fzfzse1g.default\cookies.txt -> TrackingCookie.Doubleclick : No action taken.
C:\Documents and Settings\Christophe\Cookies\christophe@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken.
:mozilla.162:C:\Documents and Settings\Sandra\Application Data\Mozilla\Firefox\Profiles\kxkphdg5.default\cookies.txt -> TrackingCookie.Estat : No action taken.
:mozilla.21:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\fzfzse1g.default\cookies.txt -> TrackingCookie.Estat : No action taken.
:mozilla.48:C:\Documents and Settings\Alix\Application Data\Mozilla\Firefox\Profiles\070fitkh.default\cookies.txt -> TrackingCookie.Estat : No action taken.
:mozilla.227:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\fzfzse1g.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.115:C:\Documents and Settings\Sandra\Application Data\Mozilla\Firefox\Profiles\kxkphdg5.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.12:C:\Documents and Settings\Sandra\Application Data\Mozilla\Firefox\Profiles\nzu3n9qs.Utilisateur par défaut\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.14:C:\Documents and Settings\Sandra\Application Data\Mozilla\Firefox\Profiles\nzu3n9qs.Utilisateur par défaut\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.152:C:\Documents and Settings\Sandra\Application Data\Mozilla\Firefox\Profiles\kxkphdg5.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.156:C:\Documents and Settings\Sandra\Application Data\Mozilla\Firefox\Profiles\kxkphdg5.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.18:C:\Documents and Settings\Sandra\Application Data\Mozilla\Firefox\Profiles\nzu3n9qs.Utilisateur par défaut\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.40:C:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\d31iw048.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.54:C:\Documents and Settings\Sandra\Application Data\Mozilla\Firefox\Profiles\nzu3n9qs.Utilisateur par défaut\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.55:C:\Documents and Settings\Sandra\Application Data\Mozilla\Firefox\Profiles\nzu3n9qs.Utilisateur par défaut\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.89:C:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\d31iw048.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.111:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\fzfzse1g.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.112:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\fzfzse1g.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.113:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\fzfzse1g.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.114:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\fzfzse1g.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\Christophe\Cookies\christophe@ehg-sybaseinc.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\Christophe\Cookies\christophe@hitbox[1].txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.116:C:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\d31iw048.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.117:C:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\d31iw048.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.91:C:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\d31iw048.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.92:C:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\d31iw048.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.93:C:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\d31iw048.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.112:C:\Documents and Settings\Sandra\Application Data\Mozilla\Firefox\Profiles\kxkphdg5.default\cookies.txt -> TrackingCookie.Mediaplex : No action taken.
:mozilla.51:C:\Documents and Settings\Alix\Application Data\Mozilla\Firefox\Profiles\070fitkh.default\cookies.txt -> TrackingCookie.Mediaplex : No action taken.
:mozilla.51:C:\Documents and Settings\Sandra\Application Data\Mozilla\Firefox\Profiles\nzu3n9qs.Utilisateur par défaut\cookies.txt -> TrackingCookie.Mediaplex : No action taken.
:mozilla.97:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\fzfzse1g.default\cookies.txt -> TrackingCookie.Mediaplex : No action taken.
:mozilla.19:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\fzfzse1g.default\cookies.txt -> TrackingCookie.Overture : No action taken.
:mozilla.20:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\fzfzse1g.default\cookies.txt -> TrackingCookie.Overture : No action taken.
:mozilla.118:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\fzfzse1g.default\cookies.txt -> TrackingCookie.Questionmarket : No action taken.
:mozilla.123:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\fzfzse1g.default\cookies.txt -> TrackingCookie.Questionmarket : No action taken.
:mozilla.15:C:\Documents and Settings\Sandra\Application Data\Mozilla\Firefox\Profiles\kxkphdg5.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.16:C:\Documents and Settings\Sandra\Application Data\Mozilla\Firefox\Profiles\kxkphdg5.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.17:C:\Documents and Settings\Sandra\Application Data\Mozilla\Firefox\Profiles\kxkphdg5.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.18:C:\Documents and Settings\Sandra\Application Data\Mozilla\Firefox\Profiles\kxkphdg5.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.178:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\fzfzse1g.default\cookies.txt -> TrackingCookie.Smartadserver : No action taken.
:mozilla.179:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\fzfzse1g.default\cookies.txt -> TrackingCookie.Smartadserver : No action taken.
:mozilla.180:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\fzfzse1g.default\cookies.txt -> TrackingCookie.Smartadserver : No action taken.
:mozilla.41:C:\Documents and Settings\Sandra\Application Data\Mozilla\Firefox\Profiles\nzu3n9qs.Utilisateur par défaut\cookies.txt -> TrackingCookie.Smartadserver : No action taken.
:mozilla.42:C:\Documents and Settings\Sandra\Application Data\Mozilla\Firefox\Profiles\nzu3n9qs.Utilisateur par défaut\cookies.txt -> TrackingCookie.Smartadserver : No action taken.
:mozilla.43:C:\Documents and Settings\Sandra\Application Data\Mozilla\Firefox\Profiles\nzu3n9qs.Utilisateur par défaut\cookies.txt -> TrackingCookie.Smartadserver : No action taken.
:mozilla.6:C:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\d31iw048.default\cookies.txt -> TrackingCookie.Smartadserver : No action taken.
:mozilla.8:C:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\d31iw048.default\cookies.txt -> TrackingCookie.Smartadserver : No action taken.
:mozilla.9:C:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\d31iw048.default\cookies.txt -> TrackingCookie.Smartadserver : No action taken.
C:\Documents and Settings\Alexis\Cookies\alexis@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : No action taken.
:mozilla.10:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\fzfzse1g.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.7:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\fzfzse1g.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.9:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\fzfzse1g.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.223:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\fzfzse1g.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.224:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\fzfzse1g.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.28:C:\Documents and Settings\Sandra\Application Data\Mozilla\Firefox\Profiles\nzu3n9qs.Utilisateur par défaut\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.
:mozilla.34:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\fzfzse1g.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.
:mozilla.35:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\fzfzse1g.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.
:mozilla.36:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\fzfzse1g.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.
:mozilla.37:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\fzfzse1g.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.
:mozilla.38:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\fzfzse1g.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.
:mozilla.40:C:\Documents and Settings\Alix\Application Data\Mozilla\Firefox\Profiles\070fitkh.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.
C:\Documents and Settings\Christophe\Cookies\christophe@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : No action taken.
:mozilla.28:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\fzfzse1g.default\cookies.txt -> TrackingCookie.Valueclick : No action taken.
:mozilla.29:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\fzfzse1g.default\cookies.txt -> TrackingCookie.Valueclick : No action taken.
:mozilla.11:C:\Documents and Settings\Alix\Application Data\Mozilla\Firefox\Profiles\070fitkh.default\cookies.txt -> TrackingCookie.Weborama : No action taken.
:mozilla.12:C:\Documents and Settings\Alix\Application Data\Mozilla\Firefox\Profiles\070fitkh.default\cookies.txt -> TrackingCookie.Weborama : No action taken.
:mozilla.199:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\fzfzse1g.default\cookies.txt -> TrackingCookie.Weborama : No action taken.
:mozilla.200:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\fzfzse1g.default\cookies.txt -> TrackingCookie.Weborama : No action taken.
:mozilla.23:C:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\d31iw048.default\cookies.txt -> TrackingCookie.Weborama : No action taken.
:mozilla.35:C:\Documents and Settings\Sandra\Application Data\Mozilla\Firefox\Profiles\nzu3n9qs.Utilisateur par défaut\cookies.txt -> TrackingCookie.Weborama : No action taken.
:mozilla.36:C:\Documents and Settings\Sandra\Application Data\Mozilla\Firefox\Profiles\nzu3n9qs.Utilisateur par défaut\cookies.txt -> TrackingCookie.Weborama : No action taken.
:mozilla.37:C:\Documents and Settings\Sandra\Application Data\Mozilla\Firefox\Profiles\nzu3n9qs.Utilisateur par défaut\cookies.txt -> TrackingCookie.Weborama : No action taken.
:mozilla.56:C:\Documents and Settings\Sandra\Application Data\Mozilla\Firefox\Profiles\kxkphdg5.default\cookies.txt -> TrackingCookie.Weborama : No action taken.
:mozilla.57:C:\Documents and Settings\Sandra\Application Data\Mozilla\Firefox\Profiles\kxkphdg5.default\cookies.txt -> TrackingCookie.Weborama : No action taken.
:mozilla.58:C:\Documents and Settings\Sandra\Application Data\Mozilla\Firefox\Profiles\kxkphdg5.default\cookies.txt -> TrackingCookie.Weborama : No action taken.
C:\Documents and Settings\Alexis\Cookies\alexis@weborama[2].txt -> TrackingCookie.Weborama : No action taken.
:mozilla.140:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\fzfzse1g.default\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
:mozilla.141:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\fzfzse1g.default\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
:mozilla.262:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\fzfzse1g.default\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
:mozilla.132:C:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\d31iw048.default\cookies.txt -> TrackingCookie.Yadro : No action taken.
:mozilla.133:C:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\d31iw048.default\cookies.txt -> TrackingCookie.Yadro : No action taken.
:mozilla.168:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\fzfzse1g.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.169:C:\Documents and Settings\Alexis\Application Data\Mozilla\Firefox\Profiles\fzfzse1g.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.26:C:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\d31iw048.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.51:C:\Documents and Settings\Sandra\Application Data\Mozilla\Firefox\Profiles\kxkphdg5.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.52:C:\Documents and Settings\Sandra\Application Data\Mozilla\Firefox\Profiles\kxkphdg5.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
::Report end
Logfile of HijackThis v1.99.1
Scan saved at 14:43:11, on 17/09/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\MainSoft\PC TimeWatch\PTWsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\Dit.exe
C:\WINDOWS\CNYHKey.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\DitExp.exe
C:\WINDOWS\system32\PRISMSTA.EXE
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ONSPEED\onspeedcore.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\PROGRA~1\Ahead\NEROPH~1\data\Xtras\mssysmgr.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\ONSPEED\onspeedgui.exe
C:\Program Files\MainSoft\PC TimeWatch\PctwTI.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Christophe\Bureau\Nouveau dossier\HijackThis(2).exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sosconnexion.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.aldi.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PBlockHelper Class - {4115122B-85FF-4DD3-9515-F075BEDE5EB5} - C:\Program Files\ONSPEED\PBHelper.dll
O2 - BHO: IE PopUp-Killer - {49E0E0F0-5C30-11D4-945D-000000000003} - C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUp.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: NOW!Imaging - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - C:\Program Files\ONSPEED\components\NOWImaging.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O3 - Toolbar: ONSPEED - {8B79EE88-E62D-4AA8-B530-CC357BA112B7} - C:\Program Files\ONSPEED\Toolband.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PRISMSTA.EXE] PRISMSTA.EXE START
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SlipStream] "C:\Program Files\ONSPEED\onspeedcore.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ASync] syshlp.exe
O4 - HKLM\..\Run: [CloneDVDElbyDelay] "C:\Program Files\Elaborate Bytes\CloneDVD\ElbyCheck.exe" /L ElbyDelay
O4 - HKLM\..\Run: [ElbyCheckAnyDVD] "C:\Program Files\SlySoft\AnyDVD\ElbyCheck.exe" /L AnyDVD
O4 - HKLM\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Ahead\NEROPH~1\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MailSkinner] c:\program files\mailskinner\mailskinner.exe
O4 - HKCU\..\Run: [Ashampoo PopUpBlocker] C:\Program Files\Ashampoo\Ashampoo WinOptimizer Platinum 3\PopUpKiller.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: ONSPEED.lnk = C:\Program Files\ONSPEED\onspeedgui.exe
O4 - Global Startup: PC TimeWatch Tray Icon.lnk = C:\Program Files\MainSoft\PC TimeWatch\PctwTI.exe
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Translate - {87680762-4A83-11B4-885B-0000E8ECA40F} - C:\Program Files\LingoCom\Translator.lnk
O9 - Extra 'Tools' menuitem: LingoWare Translator... - {87680762-4A83-11B4-885B-0000E8ECA40F} - C:\Program Files\LingoCom\Translator.lnk
O9 - Extra button: ICQ 4.1 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O14 - IERESET.INF: START_PAGE_URL=https://www.aldi.com/
O16 - DPF: {1CD4E2DC-2DA0-4154-8723-38CB04FB6A58} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1062_XP.cab
O16 - DPF: {53B8B406-42E4-4DD3-96E7-9DEC8CEB3DD8} (ICQVideoControl Class) - http://xtraz.icq.com/xtraz/activex/ICQVideoControl.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/06515a6300000e48c405/netzip/RdxIE601_fr.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B315CA99-F466-4822-B29C-CA3F6A19169A}: NameServer = 194.117.200.10 194.117.200.15
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
O23 - Service: Client de licence CA (CA_LIC_CLNT) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
O23 - Service: Serveur de licence CA (CA_LIC_SRVR) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
O23 - Service: PCTimeWatch (PTWsvc) - MainSoft - C:\Program Files\MainSoft\PC TimeWatch\PTWsvc.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe