Sujet Précédent Sujet Suivant

Problemen virus

siisii17 -  
 Utilisateur anonyme -
Bonjour,
probleme pub qui s'ouvre toute seule sur internet voici

mon rapport HijackThis v2.0.2
Scan saved at 20:04:38, on 03/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Acer\Empowering Technology\awServ.exe
C:\WINDOWS\vphc600.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\windows\system\t.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\Program Files\NTR global\NTRconnect\NTRconnect.exe
C:\Program Files\Trust\Trust MD3100 USB ADSL MODEM\CnxDslTb.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\svchost.exe
C:\Acer\Empowering Technology\admtray.exe
C:\Acer\Empowering Technology\awtray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Philips\SPC 600NC PC Camera\TrayMin.exe
C:\Program Files\SAGEM WiFi manager\WLANUTL.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\MSN Messenger\livecall.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Call HoverToCall class - {7E853D72-626A-48EC-A868-BA8D5E23E045} - C:\Program Files\MSN Messenger\htc.8.1.0178.00.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [phc600] C:\WINDOWS\vphc600.exe
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [CnxDslTaskBar] "C:\Program Files\Trust\Trust MD3100 USB ADSL MODEM\CnxDslTb.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
O4 - HKLM\..\Run: [AdminWorks Tray] "C:\Acer\Empowering Technology\awtray.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: TrayMin.lnk = ?
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AdminWorks Agent X6 (AWService) - OSA Technologies Inc., An Avocent Company - C:\Acer\Empowering Technology\awServ.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: d - Unknown owner - c:\windows\system\t.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NTRconnect (ntrconnect) - Net Transmit & Receive - C:\Program Files\NTR global\NTRconnect\NTRconnect.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

mon rapport Anti-Spyware

Ad-Aware 2007 Build
Log File Created on: 2008-09-04 19:44:59
Using Definitions File: C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware 2007\core.aawdef
Computer name: ACER-C0C61A7A2A
Name of user performing scan: SYSTEM

System information
===========================
Number of processors: 2
Processor type: Intel(R) Pentium(R) 4 CPU 2.80GHz
Memory Available: 15%
Total Physical Memory: 401977344 Bytes
Available Physical Memory: 58900480 Bytes
Total Page File Size: 965779456 Bytes
Available On Page File: 267964416 Bytes
Total Virtual Memory: 2147352576 Bytes
Available Virtual Memory: 1994539008 Bytes
OS: Microsoft Windows XP Service Pack 2 (Build 2600)

Ad-Aware 2007 Settings
===========================
Skipping files larger than 1048576 kB
Ignoring infections with lower TAI than: 3

Extended Ad-Aware 2007 Settings
===========================
Unloading known modules during scan
Ignoring spanned files when scanning cab archives
Reanalyzing results after scanning before displaying results
Trying to unload modules prior to removal
Let Windows remove files currently in use at next reboot
Removing quarantined objects after restore
Deactivating Ad-Watch during scans
Writeprotecting system files after repairs
Include info about ignored objects in log file
Including basic settings in log file
Including advanced settings in log file
Including user and computer name in log file
Create and save WebUpdate log file

Databaseinfo
===========================
Version number: 31
Build Number: 0
Build Date and Time: 2007/11/05 09:13:33

Scan Statistics
===========================
Method: Smart
Scan tracking cookies.............................: On
Scan ADS filestreams..............................: Off

Item Scanned: 121137
Infections Detected: 0
Infections Ignored: 2

Scan detailed statistics
===========================
Type Critical Total
Process Scan....: 0 0
Registry Scan...: 0 0
Registry PE Scan: 0 0
Hosts File Scan.: 0 0
File Scan.......: 0 0
Folder Scan.....: 0 0
LSP Scan........: 0 0
ADS Scan........: 0 0
Cookie Scan.....: 0 0
File Hash Scan..: 0 0

Infections Found
===========================

Items Ignored During Scan
===========================
Family Id: 725 Name: Tracking Cookie Category: DataMiner TAI:3
Item Id: 600000225 Value: Browser: Internet Explorer Cookie: C:\Documents and Settings\jj\Cookies\index.dat weborama.fr AFFICHE_W /
Item Id: 600000142 Value: Browser: Internet Explorer Cookie: C:\Documents and Settings\jj\Cookies\index.dat estat.com e /
Item Id: 600000212 Value: Browser: Internet Explorer Cookie: C:\Documents and Settings\jj\Cookies\index.dat msnportal.112.2o7.net s_vi /
Item Id: 600000179 Value: Browser: Internet Explorer Cookie: C:\Documents and Settings\jj\Cookies\index.dat atdmt.com AA002 /
Item Id: 600000173 Value: Browser: Internet Explorer Cookie: C:\Documents and Settings\jj\Cookies\index.dat bluestreak.com id /
Item Id: 600000144 Value: Browser: Internet Explorer Cookie: C:\Documents and Settings\jj\Cookies\index.dat doubleclick.net test_cookie /
Item Id: 600000225 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt weborama.fr aimfarcapping /
Item Id: 600000225 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt weborama.fr AFFICHE_W /
Item Id: 600000225 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt weborama.fr wous /
Item Id: 600000234 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt tradedoubler.com TD_POOL /
Item Id: 600000234 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt tradedoubler.com TD_UNIQUE_IMP /
Item Id: 600000234 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt tradedoubler.com TD_PIC /
Item Id: 600000173 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt bluestreak.com id /
Item Id: 600000101 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt overture.com CMUserData /
Item Id: 600000142 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt estat.com e /
Item Id: 600000295 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt adtech.de JEB2 /
Item Id: 600000138 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt fastclick.net pop /
Item Id: 600000138 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt fastclick.net pjw /
Item Id: 600000447 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt apmebf.com S /
Item Id: 600000138 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt fastclick.net adv_ic /
Item Id: 600000138 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt fastclick.net pluto /
Item Id: 600000179 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt atdmt.com AA002 /
Item Id: 600000001 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt smartadserver.com pid /
Item Id: 600000001 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt smartadserver.com pbw /
Item Id: 600000001 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt smartadserver.com TestIfCookieP /
Item Id: 600000001 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt smartadserver.com pbwmaj /
Item Id: 600000201 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt media.adrevolver.com uid /adrevolver/
Item Id: 600000201 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt media.adrevolver.com gai /adrevolver/
Item Id: 600000201 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt media.adrevolver.com freq /adrevolver/
Item Id: 600000201 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt adrevolver.com prefs /
Item Id: 600000201 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt media.adrevolver.com BIGipServerar-slave /
Item Id: 600000201 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt media.adrevolver.com adrevid /
Item Id: 600000144 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt doubleclick.net id /
Item Id: 600000408 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt serving-sys.com E2 /
Item Id: 600000408 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt serving-sys.com D3 /
Item Id: 600000408 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt serving-sys.com C3 /
Item Id: 600000408 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt serving-sys.com B2 /
Item Id: 600000408 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt serving-sys.com A2 /
Item Id: 600000408 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt serving-sys.com U /
Item Id: 600000171 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt bs.serving-sys.com eyeblaster /
Item Id: 600000083 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt 247realmedia.com RMFD /
Item Id: 600000083 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt 247realmedia.com RMID /
Item Id: 600000083 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt 247realmedia.com pixmania /
Item Id: 600000083 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt 247realmedia.com orangepav /
Item Id: 600000293 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt adviva.net ansv4_uid /
Item Id: 600000263 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt mediaplex.com svid /
Item Id: 600000187 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt advertising.com F1 /
Item Id: 600000187 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt advertising.com ACID /
Item Id: 600000187 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt advertising.com ROLL /
Item Id: 600000187 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt advertising.com BASE /
Item Id: 600000212 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt msnaccountservices.112.2o7.net s_vi /
Item Id: 600000126 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt hitbox.com CTG /
Item Id: 600000460 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt ad.yieldmanager.com ih /
Item Id: 600000126 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt hitbox.com WSS_GW /
Item Id: 600000126 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt ehg-veohnetworksinc.hitbox.com DM561110FDDNV6 /
Item Id: 600000460 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt ad.yieldmanager.com uid /
Item Id: 600000460 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt ad.yieldmanager.com fl_inst /
Item Id: 600000050 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt tribalfusion.com ANON_ID /
Item Id: 600000513 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt adbrite.com Apache /
Item Id: 600000513 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt adbrite.com b /
Item Id: 600000392 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt web-stats.org wso_6117 /
Item Id: 600000363 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt fl01.ct2.comclick.com CKA /
Item Id: 600000363 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt fl01.ct2.comclick.com comTrackIdSurfeur /
Item Id: 600000363 Value: Browser: Firefox Cookie: C:\Documents and Settings\jj\Application Data\Mozilla\Firefox\Profiles/gxri9w5e.default\cookies.txt fl01.ct2.comclick.com CKA_SIZE /
Family Id: 9999 Name: MRU Object Category: MRU Object TAI:0
Item Id: 1 Value: MRU Path: C:\Documents and Settings\jj\Recent Count: 38
Item Id: 3 Value: MRU Registry Key: S-1-5-21-3256499087-3372281932-2171129266-1005\Software\Microsoft\Internet Explorer\TypedURLs Count: 1
Item Id: 2 Value: MRU Registry Key: S-1-5-21-3256499087-3372281932-2171129266-1005\Software\Microsoft\Search Assistant\ACMru\5603 Count: 1

Listing of running processes
===========================
C:\WINDOWS\SYSTEM32\SMSS.EXE
c:\windows\system32\smss.exe

c:\windows\system32\ntdll.dll

C:\WINDOWS\SYSTEM32\CSRSS.EXE
c:\windows\system32\csrss.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\csrsrv.dll

c:\windows\system32\basesrv.dll

c:\windows\system32\winsrv.dll

c:\windows\system32\user32.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\lpk.dll

c:\windows\system32\usp10.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\sxs.dll

C:\WINDOWS\SYSTEM32\WINLOGON.EXE
c:\windows\system32\winlogon.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\authz.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\crypt32.dll

c:\windows\system32\user32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\msasn1.dll

c:\windows\system32\nddeapi.dll

c:\windows\system32\profmap.dll

c:\windows\system32\netapi32.dll

c:\windows\system32\userenv.dll

c:\windows\system32\psapi.dll

c:\windows\system32\regapi.dll

c:\windows\system32\secur32.dll

c:\windows\system32\setupapi.dll

c:\windows\system32\version.dll

c:\windows\system32\winsta.dll

c:\windows\system32\wintrust.dll

c:\windows\system32\imagehlp.dll

c:\windows\system32\ws2_32.dll

c:\windows\system32\ws2help.dll

c:\windows\system32\imm32.dll

c:\windows\system32\lpk.dll

c:\windows\system32\usp10.dll

c:\windows\system32\msgina.dll

c:\windows\system32\shell32.dll

c:\windows\system32\shlwapi.dll

c:\windows\system32\comctl32.dll

c:\windows\system32\odbc32.dll

c:\windows\system32\comdlg32.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

c:\windows\system32\odbcint.dll

c:\windows\system32\shsvcs.dll

c:\windows\system32\sfc.dll

c:\windows\system32\sfc_os.dll

c:\windows\system32\ole32.dll

c:\windows\system32\apphelp.dll

c:\windows\system32\msctfime.ime

c:\windows\system32\winscard.dll

c:\windows\system32\wtsapi32.dll

c:\windows\system32\sxs.dll

c:\windows\system32\winmm.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\ati2evxx.dll

c:\windows\system32\rsaenh.dll

c:\windows\system32\catsrvut.dll

c:\windows\system32\oleaut32.dll

c:\windows\system32\mfcsubs.dll

c:\windows\system32\clbcatq.dll

c:\windows\system32\comres.dll

c:\windows\system32\mpr.dll

c:\windows\system32\msi.dll

c:\windows\system32\cabinet.dll

c:\windows\system32\urlmon.dll

c:\windows\system32\catsrv.dll

c:\windows\system32\comsvcs.dll

c:\windows\system32\mtxclu.dll

c:\windows\system32\wsock32.dll

c:\windows\system32\colbact.dll

c:\windows\system32\clusapi.dll

c:\windows\system32\resutils.dll

c:\windows\system32\cscdll.dll

c:\windows\system32\wlnotify.dll

c:\windows\system32\winspool.drv

c:\windows\system32\wgalogon.dll

c:\windows\system32\ntmarta.dll

c:\windows\system32\wldap32.dll

c:\windows\system32\samlib.dll

c:\windows\system32\winhttp.dll

c:\windows\system32\msv1_0.dll

c:\windows\system32\iphlpapi.dll

c:\windows\system32\cscui.dll

c:\windows\system32\mprapi.dll

c:\windows\system32\activeds.dll

c:\windows\system32\adsldpc.dll

c:\windows\system32\atl.dll

c:\windows\system32\rtutils.dll

c:\windows\system32\wdmaud.drv

c:\windows\system32\msacm32.drv

c:\windows\system32\msacm32.dll

c:\windows\system32\midimap.dll

c:\windows\system32\xpsp2res.dll

C:\WINDOWS\SYSTEM32\SERVICES.EXE
c:\windows\system32\services.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\user32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\userenv.dll

c:\windows\system32\scesrv.dll

c:\windows\system32\authz.dll

c:\windows\system32\umpnpmgr.dll

c:\windows\system32\winsta.dll

c:\windows\system32\netapi32.dll

c:\windows\system32\ncobjapi.dll

c:\windows\system32\msvcp60.dll

c:\windows\system32\shimeng.dll

c:\windows\apppatch\acadproc.dll

c:\windows\system32\imm32.dll

c:\windows\system32\lpk.dll

c:\windows\system32\usp10.dll

c:\windows\system32\secur32.dll

c:\windows\system32\apphelp.dll

c:\windows\system32\version.dll

c:\windows\system32\eventlog.dll

c:\windows\system32\ws2_32.dll

c:\windows\system32\ws2help.dll

c:\windows\system32\psapi.dll

c:\windows\system32\wtsapi32.dll

C:\WINDOWS\SYSTEM32\LSASS.EXE
c:\windows\system32\lsass.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\lsasrv.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\secur32.dll

c:\windows\system32\user32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\samsrv.dll

c:\windows\system32\cryptdll.dll

c:\windows\system32\dnsapi.dll

c:\windows\system32\ws2_32.dll

c:\windows\system32\ws2help.dll

c:\windows\system32\msasn1.dll

c:\windows\system32\netapi32.dll

c:\windows\system32\samlib.dll

c:\windows\system32\mpr.dll

c:\windows\system32\ntdsapi.dll

c:\windows\system32\wldap32.dll

c:\windows\system32\shimeng.dll

c:\windows\apppatch\acgenral.dll

c:\windows\system32\winmm.dll

c:\windows\system32\ole32.dll

c:\windows\system32\oleaut32.dll

c:\windows\system32\msacm32.dll

c:\windows\system32\version.dll

c:\windows\system32\shell32.dll

c:\windows\system32\shlwapi.dll

c:\windows\system32\userenv.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\imm32.dll

c:\windows\system32\lpk.dll

c:\windows\system32\usp10.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

c:\windows\system32\comctl32.dll

c:\windows\system32\msprivs.dll

c:\windows\system32\kerberos.dll

c:\windows\system32\msv1_0.dll

c:\windows\system32\iphlpapi.dll

c:\windows\system32\netlogon.dll

c:\windows\system32\w32time.dll

c:\windows\system32\msvcp60.dll

c:\windows\system32\schannel.dll

c:\windows\system32\crypt32.dll

c:\windows\system32\wdigest.dll

c:\windows\system32\rsaenh.dll

c:\windows\system32\setupapi.dll

c:\windows\system32\scecli.dll

c:\windows\system32\pstorsvc.dll

c:\windows\system32\mswsock.dll

c:\windows\system32\hnetcfg.dll

c:\windows\system32\wshtcpip.dll

c:\windows\system32\psbase.dll

c:\windows\system32\msapsspc.dll

c:\windows\system32\msvcrt40.dll

c:\windows\system32\digest.dll

c:\windows\system32\msnsspc.dll

c:\windows\system32\dssenh.dll

c:\windows\system32\xpsp2res.dll

C:\WINDOWS\SYSTEM32\ATI2EVXX.EXE
c:\windows\system32\ati2evxx.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\user32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\ole32.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\oleaut32.dll

c:\windows\system32\imm32.dll

c:\windows\system32\lpk.dll

c:\windows\system32\usp10.dll

c:\windows\system32\secur32.dll

c:\windows\system32\msctfime.ime

c:\windows\system32\ati2edxx.dll

c:\windows\system32\uxtheme.dll

C:\WINDOWS\SYSTEM32\SVCHOST.EXE
c:\windows\system32\svchost.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\shimeng.dll

c:\windows\apppatch\acgenral.dll

c:\windows\system32\user32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\winmm.dll

c:\windows\system32\ole32.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\oleaut32.dll

c:\windows\system32\msacm32.dll

c:\windows\system32\version.dll

c:\windows\system32\shell32.dll

c:\windows\system32\shlwapi.dll

c:\windows\system32\userenv.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\imm32.dll

c:\windows\system32\lpk.dll

c:\windows\system32\usp10.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

c:\windows\system32\comctl32.dll

c:\windows\system32\ntmarta.dll

c:\windows\system32\wldap32.dll

c:\windows\system32\samlib.dll

c:\windows\system32\rpcss.dll

c:\windows\system32\ws2_32.dll

c:\windows\system32\ws2help.dll

c:\windows\system32\secur32.dll

c:\windows\system32\xpsp2res.dll

c:\windows\system32\clbcatq.dll

c:\windows\system32\comres.dll

c:\windows\system32\wtsapi32.dll

c:\windows\system32\winsta.dll

c:\windows\system32\netapi32.dll

c:\windows\system32\msv1_0.dll

c:\windows\system32\iphlpapi.dll

c:\windows\system32\apphelp.dll

c:\windows\system32\termsrv.dll

c:\windows\system32\icaapi.dll

c:\windows\system32\setupapi.dll

c:\windows\system32\wintrust.dll

c:\windows\system32\crypt32.dll

c:\windows\system32\msasn1.dll

c:\windows\system32\imagehlp.dll

c:\windows\system32\authz.dll

c:\windows\system32\mstlsapi.dll

c:\windows\system32\activeds.dll

c:\windows\system32\adsldpc.dll

c:\windows\system32\atl.dll

c:\windows\system32\regapi.dll

c:\windows\system32\rsaenh.dll

c:\windows\system32\svchost.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\shimeng.dll

c:\windows\apppatch\acgenral.dll

c:\windows\system32\user32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\winmm.dll

c:\windows\system32\ole32.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\oleaut32.dll

c:\windows\system32\msacm32.dll

c:\windows\system32\version.dll

c:\windows\system32\shell32.dll

c:\windows\system32\shlwapi.dll

c:\windows\system32\userenv.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\imm32.dll

c:\windows\system32\lpk.dll

c:\windows\system32\usp10.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

c:\windows\system32\comctl32.dll

c:\windows\system32\rpcss.dll

c:\windows\system32\ws2_32.dll

c:\windows\system32\ws2help.dll

c:\windows\system32\secur32.dll

c:\windows\system32\xpsp2res.dll

c:\windows\system32\rsaenh.dll

c:\windows\system32\mswsock.dll

c:\windows\system32\hnetcfg.dll

c:\windows\system32\wshtcpip.dll

c:\windows\system32\wship6.dll

c:\windows\system32\dnsapi.dll

c:\windows\system32\iphlpapi.dll

c:\windows\system32\winrnr.dll

c:\windows\system32\wldap32.dll

c:\program files\bonjour\mdnsnsp.dll

c:\windows\system32\rasadhlp.dll

c:\windows\system32\clbcatq.dll

c:\windows\system32\comres.dll

c:\windows\system32\msi.dll

c:\windows\system32\svchost.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\shimeng.dll

c:\windows\apppatch\acgenral.dll

c:\windows\system32\user32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\winmm.dll

c:\windows\system32\ole32.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\oleaut32.dll

c:\windows\system32\msacm32.dll

c:\windows\system32\version.dll

c:\windows\system32\shell32.dll

c:\windows\system32\shlwapi.dll

c:\windows\system32\userenv.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\imm32.dll

c:\windows\system32\lpk.dll

c:\windows\system32\usp10.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

c:\windows\system32\comctl32.dll

c:\windows\system32\ntmarta.dll

c:\windows\system32\wldap32.dll

c:\windows\system32\samlib.dll

c:\windows\system32\xpsp2res.dll

c:\windows\system32\shsvcs.dll

c:\windows\system32\winsta.dll

c:\windows\system32\netapi32.dll

c:\windows\system32\dhcpcsvc.dll

c:\windows\system32\dnsapi.dll

c:\windows\system32\ws2_32.dll

c:\windows\system32\ws2help.dll

c:\windows\system32\iphlpapi.dll

c:\windows\system32\secur32.dll

c:\windows\system32\wzcsvc.dll

c:\windows\system32\rtutils.dll

c:\windows\system32\wmi.dll

c:\windows\system32\crypt32.dll

c:\windows\system32\msasn1.dll

c:\windows\system32\wtsapi32.dll

c:\windows\system32\esent.dll

c:\windows\system32\atl.dll

c:\windows\system32\rsaenh.dll

c:\windows\system32\clbcatq.dll

c:\windows\system32\comres.dll

c:\windows\system32\cryptui.dll

c:\windows\system32\wintrust.dll

c:\windows\system32\imagehlp.dll

c:\windows\system32\wininet.dll

c:\windows\system32\mprapi.dll

c:\windows\system32\activeds.dll

c:\windows\system32\adsldpc.dll

c:\windows\system32\setupapi.dll

c:\windows\system32\rasapi32.dll

c:\windows\system32\rasman.dll

c:\windows\system32\tapi32.dll

c:\windows\system32\msvcp60.dll

c:\windows\system32\wzcsapi.dll

c:\windows\system32\msv1_0.dll

c:\windows\system32\schedsvc.dll

c:\windows\system32\ntdsapi.dll

c:\windows\system32\msidle.dll

c:\windows\system32\audiosrv.dll

c:\windows\system32\cryptsvc.dll

c:\windows\system32\certcli.dll

c:\windows\system32\dmserver.dll

c:\windows\system32\ersvc.dll

c:\windows\pchealth\helpctr\binaries\pchsvc.dll

c:\windows\system32\hidserv.dll

c:\windows\system32\hid.dll

c:\windows\system32\es.dll

c:\windows\system32\srvsvc.dll

c:\windows\system32\netman.dll

c:\windows\system32\netshell.dll

c:\windows\system32\credui.dll

c:\windows\system32\seclogon.dll

c:\windows\system32\tapisrv.dll

c:\windows\system32\psapi.dll

c:\windows\system32\w32time.dll

c:\windows\system32\wbem\wmisvc.dll

c:\windows\system32\vssapi.dll

c:\windows\system32\hnetcfg.dll

c:\windows\system32\mswsock.dll

c:\windows\system32\wshtcpip.dll

c:\windows\system32\trkwks.dll

c:\windows\system32\srsvc.dll

c:\windows\system32\powrprof.dll

c:\windows\system32\wuauserv.dll

c:\windows\system32\upnp.dll

c:\windows\system32\winhttp.dll

c:\windows\system32\ssdpapi.dll

c:\windows\system32\wuaueng.dll

c:\windows\system32\winspool.drv

c:\windows\system32\cabinet.dll

c:\windows\system32\mspatcha.dll

c:\windows\system32\sens.dll

c:\windows\system32\msi.dll

c:\windows\system32\sxs.dll

c:\windows\system32\wbem\wbemcomn.dll

c:\windows\system32\netcfgx.dll

c:\windows\system32\clusapi.dll

c:\windows\system32\wscsvc.dll

c:\windows\system32\wbem\wbemcore.dll

c:\windows\system32\wbem\esscli.dll

c:\windows\system32\wbem\fastprox.dll

c:\windows\system32\sfc.dll

c:\windows\system32\sfc_os.dll

c:\windows\system32\6to4svc.dll

c:\windows\system32\comsvcs.dll

c:\windows\system32\mtxclu.dll

c:\windows\system32\wsock32.dll

c:\windows\system32\colbact.dll

c:\windows\system32\resutils.dll

c:\windows\system32\ipnathlp.dll

c:\windows\system32\authz.dll

c:\windows\system32\wbem\wbemsvc.dll

c:\program files\bonjour\mdnsnsp.dll

c:\windows\system32\rasadhlp.dll

c:\windows\system32\wbem\wmiutils.dll

c:\windows\system32\wship6.dll

c:\windows\system32\wbem\repdrvfs.dll

c:\windows\system32\rasmans.dll

c:\windows\system32\winipsec.dll

c:\windows\system32\wbem\wmiprvsd.dll

c:\windows\system32\ncobjapi.dll

c:\windows\system32\wbem\wbemess.dll

c:\windows\system32\wbem\ncprov.dll

c:\windows\system32\apphelp.dll

c:\windows\system32\rastapi.dll

c:\windows\system32\unimdm.tsp

c:\windows\system32\uniplat.dll

c:\windows\system32\dssenh.dll

c:\windows\system32\unimdmat.dll

c:\windows\system32\modemui.dll

c:\windows\system32\kmddsp.tsp

c:\windows\system32\ndptsp.tsp

c:\windows\system32\ipconf.tsp

c:\windows\system32\h323.tsp

c:\windows\system32\hidphone.tsp

c:\windows\system32\rasppp.dll

c:\windows\system32\ntlsapi.dll

c:\windows\system32\kerberos.dll

c:\windows\system32\cryptdll.dll

c:\windows\system32\raschap.dll

c:\windows\system32\rastls.dll

c:\windows\system32\schannel.dll

c:\windows\system32\winscard.dll

c:\windows\system32\rasdlg.dll

c:\windows\system32\msxml3.dll

c:\windows\system32\winrnr.dll

c:\windows\system32\urlmon.dll

c:\windows\system32\advpack.dll

c:\windows\system32\svchost.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\shimeng.dll

c:\windows\apppatch\acgenral.dll

c:\windows\system32\user32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\winmm.dll

c:\windows\system32\ole32.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\oleaut32.dll

c:\windows\system32\msacm32.dll

c:\windows\system32\version.dll

c:\windows\system32\shell32.dll

c:\windows\system32\shlwapi.dll

c:\windows\system32\userenv.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\imm32.dll

c:\windows\system32\lpk.dll

c:\windows\system32\usp10.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

c:\windows\system32\comctl32.dll

c:\windows\system32\wudfsvc.dll

c:\windows\system32\setupapi.dll

c:\windows\system32\wudfplatform.dll

c:\windows\system32\secur32.dll

c:\windows\system32\wintrust.dll

c:\windows\system32\crypt32.dll

c:\windows\system32\msasn1.dll

c:\windows\system32\imagehlp.dll

c:\windows\system32\svchost.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\shimeng.dll

c:\windows\apppatch\acgenral.dll

c:\windows\system32\user32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\winmm.dll

c:\windows\system32\ole32.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\oleaut32.dll

c:\windows\system32\msacm32.dll

c:\windows\system32\version.dll

c:\windows\system32\shell32.dll

c:\windows\system32\shlwapi.dll

c:\windows\system32\userenv.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\imm32.dll

c:\windows\system32\lpk.dll

c:\windows\system32\usp10.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

c:\windows\system32\comctl32.dll

c:\windows\system32\dnsrslvr.dll

c:\windows\system32\dnsapi.dll

c:\windows\system32\ws2_32.dll

c:\windows\system32\ws2help.dll

c:\windows\system32\iphlpapi.dll

c:\windows\system32\rsaenh.dll

c:\windows\system32\mswsock.dll

c:\windows\system32\hnetcfg.dll

c:\windows\system32\wshtcpip.dll

c:\windows\system32\svchost.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\shimeng.dll

c:\windows\apppatch\acgenral.dll

c:\windows\system32\user32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\winmm.dll

c:\windows\system32\ole32.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\oleaut32.dll

c:\windows\system32\msacm32.dll

c:\windows\system32\version.dll

c:\windows\system32\shell32.dll

c:\windows\system32\shlwapi.dll

c:\windows\system32\userenv.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\imm32.dll

c:\windows\system32\lpk.dll

c:\windows\system32\usp10.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

c:\windows\system32\comctl32.dll

c:\windows\system32\ntmarta.dll

c:\windows\system32\wldap32.dll

c:\windows\system32\samlib.dll

c:\windows\system32\xpsp2res.dll

c:\windows\system32\lmhsvc.dll

c:\windows\system32\iphlpapi.dll

c:\windows\system32\ws2_32.dll

c:\windows\system32\ws2help.dll

c:\windows\system32\webclnt.dll

c:\windows\system32\wininet.dll

c:\windows\system32\crypt32.dll

c:\windows\system32\msasn1.dll

c:\windows\system32\secur32.dll

c:\windows\system32\wsock32.dll

c:\windows\system32\regsvc.dll

c:\windows\system32\ssdpsrv.dll

c:\windows\system32\hnetcfg.dll

c:\windows\system32\clbcatq.dll

c:\windows\system32\comres.dll

c:\windows\system32\mswsock.dll

c:\windows\system32\wshtcpip.dll

c:\windows\system32\upnphost.dll

c:\windows\system32\winhttp.dll

c:\windows\system32\ssdpapi.dll

c:\windows\system32\netapi32.dll

c:\windows\system32\rsaenh.dll

c:\windows\system32\httpapi.dll

c:\windows\system32\wship6.dll

C:\PROGRAM FILES\LAVASOFT\AD-AWARE 2007\AAWSERVICE.EXE
c:\program files\lavasoft\ad-aware 2007\aawservice.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\program files\lavasoft\ad-aware 2007\ceapi.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\program files\lavasoft\ad-aware 2007\pkarchive84cb.dll

c:\windows\system32\shell32.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\user32.dll

c:\windows\system32\shlwapi.dll

c:\windows\system32\ole32.dll

c:\windows\system32\crypt32.dll

c:\windows\system32\msasn1.dll

c:\windows\system32\wldap32.dll

c:\windows\system32\psapi.dll

c:\windows\system32\version.dll

c:\windows\system32\wininet.dll

c:\windows\system32\oleaut32.dll

c:\program files\lavasoft\ad-aware 2007\update.dll

c:\windows\system32\wsock32.dll

c:\windows\system32\ws2_32.dll

c:\windows\system32\ws2help.dll

c:\windows\system32\userenv.dll

c:\windows\system32\imm32.dll

c:\windows\system32\lpk.dll

c:\windows\system32\usp10.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

c:\windows\system32\comctl32.dll

c:\windows\system32\rsaenh.dll

C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASWUPDSV.EXE
c:\program files\alwil software\avast4\aswupdsv.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\program files\alwil software\avast4\aswcmns.dll

c:\program files\alwil software\avast4\aswcmnos.dll

c:\windows\system32\user32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\msvcp71.dll

c:\windows\system32\msvcr71.dll

c:\windows\system32\wsock32.dll

c:\windows\system32\ws2_32.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\ws2help.dll

c:\program files\alwil software\avast4\aswcmnb.dll

c:\windows\system32\imm32.dll

c:\windows\system32\lpk.dll

c:\windows\system32\usp10.dll

C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE
c:\program files\alwil software\avast4\ashserv.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\advapi32.dll

c:\program files\alwil software\avast4\aswaux.dll

c:\windows\system32\msvcp71.dll

c:\windows\system32\msvcr71.dll

c:\program files\alwil software\avast4\aswcmnb.dll

c:\program files\alwil software\avast4\aswcmnos.dll

c:\windows\system32\user32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\wsock32.dll

c:\windows\system32\ws2_32.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\ws2help.dll

c:\program files\alwil software\avast4\aswengin.dll

c:\program files\alwil software\avast4\aswscan.dll

c:\program files\alwil software\avast4\aswcmns.dll

c:\program files\alwil software\avast4\ashbase.dll

c:\windows\system32\version.dll

c:\program files\alwil software\avast4\ashtask.dll

c:\program files\alwil software\avast4\aswinteg.dll

c:\program files\alwil software\avast4\aswidle.dll

c:\program files\alwil software\avast4\aavm4h.dll

c:\program files\alwil software\avast4\aavmrpch.dll

c:\windows\system32\imm32.dll

c:\windows\system32\lpk.dll

c:\windows\system32\usp10.dll

c:\windows\system32\dbghelp.dll

c:\program files\alwil software\avast4\french\base.dll

c:\windows\system32\wtsapi32.dll

c:\windows\system32\winsta.dll

c:\windows\system32\netapi32.dll

c:\program files\alwil software\avast4\ahresmai.dll

c:\program files\alwil software\avast4\ahresmes.dll

c:\program files\alwil software\avast4\ahresns.dll

c:\program files\alwil software\avast4\ahresout.dll

c:\program files\alwil software\avast4\ahresp2p.dll

c:\program files\alwil software\avast4\ahresstd.dll

c:\program files\alwil software\avast4\ahresws.dll

c:\program files\alwil software\avast4\ashssqlt.dll

c:\windows\system32\ole32.dll

c:\windows\system32\clbcatq.dll

c:\windows\system32\oleaut32.dll

c:\windows\system32\comres.dll

c:\windows\system32\xpsp2res.dll

c:\windows\system32\icmp.dll

c:\windows\system32\iphlpapi.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\mswsock.dll

c:\windows\system32\dnsapi.dll

c:\windows\system32\msctfime.ime

c:\windows\system32\winrnr.dll

c:\windows\system32\wldap32.dll

c:\program files\bonjour\mdnsnsp.dll

c:\windows\system32\rasadhlp.dll

c:\windows\system32\perfos.dll

c:\windows\system32\secur32.dll

c:\program files\alwil software\avast4\aswres.dll

C:\WINDOWS\SYSTEM32\ATI2EVXX.EXE
c:\windows\system32\ati2evxx.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\user32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\ole32.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\oleaut32.dll

c:\windows\system32\imm32.dll

c:\windows\system32\lpk.dll

c:\windows\system32\usp10.dll

c:\windows\system32\secur32.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\msctfime.ime

c:\windows\system32\ati2edxx.dll

c:\windows\system32\xpsp2res.dll

c:\windows\system32\clbcatq.dll

c:\windows\system32\comres.dll

c:\windows\system32\version.dll

c:\windows\system32\msctf.dll

C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
c:\windows\system32\spoolsv.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\user32.dll

c:\windows\system32\shimeng.dll

c:\windows\apppatch\acgenral.dll

c:\windows\system32\winmm.dll

c:\windows\system32\ole32.dll

c:\windows\system32\oleaut32.dll

c:\windows\system32\msacm32.dll

c:\windows\system32\version.dll

c:\windows\system32\shell32.dll

c:\windows\system32\shlwapi.dll

c:\windows\system32\userenv.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\imm32.dll

c:\windows\system32\lpk.dll

c:\windows\system32\usp10.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

c:\windows\system32\comctl32.dll

c:\windows\system32\spoolss.dll

c:\windows\system32\ws2_32.dll

c:\windows\system32\ws2help.dll

c:\windows\system32\dnsapi.dll

c:\windows\system32\iphlpapi.dll

c:\windows\system32\rasadhlp.dll

c:\windows\system32\localspl.dll

c:\windows\system32\secur32.dll

c:\windows\system32\sfc_os.dll

c:\windows\system32\wintrust.dll

c:\windows\system32\crypt32.dll

c:\windows\system32\msasn1.dll

c:\windows\system32\imagehlp.dll

c:\windows\system32\winspool.drv

c:\windows\system32\netapi32.dll

c:\windows\system32\cnbjmon.dll

c:\windows\system32\hptcpmon.dll

c:\windows\system32\hpzjrd01.dll

c:\windows\system32\clusapi.dll

c:\windows\system32\hptcpmui.dll

c:\windows\system32\hptcpmib.dll

c:\windows\system32\mgmtapi.dll

c:\windows\system32\snmpapi.dll

c:\windows\system32\wsnmp32.dll

c:\windows\system32\hpzlnt12.dll

c:\windows\system32\fxsmon.dll

c:\windows\system32\fxsevent.dll

c:\windows\system32\pjlmon.dll

c:\windows\system32\tcpmon.dll

c:\windows\system32\usbmon.dll

c:\windows\system32\mswsock.dll

c:\windows\system32\winrnr.dll

c:\windows\system32\wldap32.dll

c:\program files\bonjour\mdnsnsp.dll

c:\windows\system32\inetpp.dll

c:\windows\system32\clbcatq.dll

c:\windows\system32\comres.dll

c:\windows\system32\xpsp2res.dll

C:\WINDOWS\EXPLORER.EXE
c:\windows\explorer.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\user32.dll

c:\windows\system32\shlwapi.dll

c:\windows\system32\shell32.dll

c:\windows\system32\ole32.dll

c:\windows\system32\oleaut32.dll

c:\windows\system32\browseui.dll

c:\windows\system32\shdocvw.dll

c:\windows\system32\crypt32.dll

c:\windows\system32\msasn1.dll

c:\windows\system32\cryptui.dll

c:\windows\system32\wintrust.dll

c:\windows\system32\imagehlp.dll

c:\windows\system32\netapi32.dll

c:\windows\system32\wininet.dll

c:\windows\system32\wldap32.dll

c:\windows\system32\version.dll
A voir également:

3 réponses

Réponse 1 / 3
Utilisateur anonyme
 
Salut ,

● Télécharge AD-R.zip sur ton bureau. AD-Remover.zip] sur ton bureau.
● Dézippe-le ( clique droit -> ' extraire tout ' )
● Ouvre le dossier Ad-remover , et double clique sur Ad-remover.exe.
● A l'écran Warning tape 'Y' et valide par [ENTREE]
● Au menu principal choisi l'option "A"
● Poste le rapport qui apparait à la fin.

( le rapport est sauvegardé aussi sous C:\Ad-report.txt )

(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

Note :

Process.exe est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.

++
0
Réponse 2 / 3
siisii17
 
-------- AD-Remover 1.0.0.1 by C_XX ---------

[ START at 20:22:21 | 04/09/2008 ][ A ]
[ ON Windows_NT (Windows XP) ]
[ INSTALL LOCATION : C:\DOCUME~1\jj\LOCALS~1\Temp\Rar$EX01.391\Ad-remover\AD-Remover.bat ]
[ USER : jj | PC : ACER-C0C61A7A2A ]
[ BOOT MODE : Normal ]
[ DRIVES : C:\ D:\ ]

-- [ PROCESSES ] --

smss.exe
csrss.exe
winlogon.exe
services.exe
lsass.exe
ati2evxx.exe
svchost.exe
svchost.exe
svchost.exe
svchost.exe
svchost.exe
svchost.exe
aawservice.exe
aswUpdSv.exe
ashServ.exe
ati2evxx.exe
spoolsv.exe
explorer.exe
AppleMobileDeviceService.exe
awServ.exe
BTNtService.exe
mDNSResponder.exe
t.exe
NMSAccessU.exe
NTRconnect.exe
svchost.exe
vphc600.exe
Monitor.exe
CnxDslTb.exe
ashDisp.exe
admtray.exe
awtray.exe
hpwuSchd2.exe
realsched.exe
RTHDCPL.exe
QTTask.exe
iTunesHelper.exe
jusched.exe
ctfmon.exe
msmsgs.exe
BlueSoleil.exe
hpqtra08.exe
TrayMin.exe
WLANUTL.EXE
RocketDock.exe
ashMaiSv.exe
soffice.exe
ashWebSv.exe
msnmsgr.exe
hpqste08.exe
iPodService.exe
alg.exe
svchost.exe
usnsvc.exe
livecall.exe
firefox.exe
WinRAR.exe
wuauclt.exe
b2e.exe
cmd.exe
Process.exe

--------- [ 61 ]

>>>>>>>>>>>>>>>> CHECKING SERVICES

Boonty Games - found !
Mywebsearchservice - found !

>>>>>>>>>>>>>>>> REGISTRY

"HKEY_LOCAL_MACHINE\Software\Classes\boontybox " - found !
"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Boonty Games " - found !
"HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Boonty Games " - found !
"HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Boonty Games " - found !
"HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BOONTY_GAMES " - found !
"HKEY_CURRENT_USER\SOFTWARE\EoRezo " - found !
"HKEY_CURRENT_USER\SOFTWARE\Boonty " - found !
"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350} " - found !
"HKEY_CLASSES_ROOT\boontybox " - found !
"HKEY_CLASSES_ROOT\Typelib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F} " - found !
"HKEY_CLASSES_ROOT\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A} " - found !

>>>>>>>>>>>>>>>> FILES\FOLDERS

"C:\WINDOWS\Prefetch\BOONTY.EXE-1C9DCFB8.pf" - found !
"C:\DOCUME~1\jj\LOCALS~1\Temp\53.tmp" - found !
"C:\DOCUME~1\jj\LOCALS~1\Temp\54.tmp" - found !
"C:\DOCUME~1\jj\LOCALS~1\Temp\D653F3EC.TMP" - found !
"C:\DOCUME~1\jj\LOCALS~1\Temp\DIO13.tmp" - found !
"C:\DOCUME~1\jj\LOCALS~1\Temp\DIO4.tmp" - found !
"C:\DOCUME~1\jj\LOCALS~1\Temp\DIOE.tmp" - found !
"C:\DOCUME~1\jj\LOCALS~1\Temp\MAR2.tmp" - found !
"C:\DOCUME~1\jj\LOCALS~1\Temp\MAR3.tmp" - found !
"C:\DOCUME~1\jj\LOCALS~1\Temp\MAR4.tmp" - found !
"C:\DOCUME~1\jj\LOCALS~1\Temp\MAR5.tmp" - found !
"C:\DOCUME~1\jj\LOCALS~1\Temp\STS13.tmp" - found !
"C:\DOCUME~1\jj\LOCALS~1\Temp\STS19.tmp" - found !
"C:\DOCUME~1\jj\LOCALS~1\Temp\STS6.tmp" - found !
"C:\DOCUME~1\jj\LOCALS~1\Temp\STS8.tmp" - found !
"C:\DOCUME~1\jj\LOCALS~1\Temp\~DF253A.tmp" - found !
"C:\DOCUME~1\jj\LOCALS~1\Temp\~DF254C.tmp" - found !
"C:\DOCUME~1\jj\LOCALS~1\Temp\~DF5A13.tmp" - found !
"C:\DOCUME~1\jj\LOCALS~1\Temp\~DF5A29.tmp" - found !
"C:\WINDOWS\temp\e4j1.tmp_dir14203" - found !
"C:\WINDOWS\temp\e4j1.tmp_dir16350" - found !
"C:\WINDOWS\temp\e4j1.tmp_dir18529" - found !
"C:\WINDOWS\temp\e4j1.tmp_dir20169" - found !
"C:\WINDOWS\temp\e4j1.tmp_dir28090" - found !

>>>>>>>>>>>>>>>> [ EOF ]

[ END at 20:23:05 | 04/09/2008 ] - [ Time elapsed : ]
0
Réponse 3 / 3
Utilisateur anonyme
 
Re ,

Leger bug sur les services ... rien de grave ne t'inquiète pas.

Sinon j'ai dit de le télécharger SUR TON BUREAU.
Il faut lire des fois ...

● Relance Ad-remover , au menu principal choisi l'option "B"

-- le programme va travailler --

● Poste le rapport qui apparait à la fin.

( le rapport est sauvegardé aussi sous C:\Ad-report.txt )

(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

/!\ Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide) /!\

++
0

Discussions similaires

Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
Désinstaller Softonic
Diguimette -
lilidurhone -

5 réponses
virus Artemis!
mabiche37 -
Malekal_morte- -

14 réponses
Message Apple virus !!
Souclik67 -
MPMP10 -

3 réponses