[Résolu] Virus msn (encore ... =o)
Dernière réponse : dans Sécurité
Salut à tous !
Alors voilà, bon je suis atteinte du mal qui sévit sur msn ...
Voilà les rapports :
MSNFix 1.495
C:\Documents and Settings\NGUYENNGOC\Bureau\MSNFix
Fix exécuté le 10/09/2007 - 22:20:46,67 By NGUYENNGOC
mode normal
************************ Recherche les fichiers présents
... C:\WINDOWS\wdfmgr.exe
... C:\WINDOWS\Z058_jpg.zip
... C:\WINDOWS\system32\microsoft\backup.ftp
... C:\WINDOWS\system32\microsoft\backup.tftp
... C:\WINDOWS\Z058_jpg.zip
************************ Recherche les dossiers présents
... C:\Temp\
************************ Suppression des fichiers
/!\ ... C:\WINDOWS\wdfmgr.exe
.. OK ... C:\WINDOWS\Z058_jpg.zip
.. OK ... C:\WINDOWS\system32\microsoft\backup.ftp
.. OK ... C:\WINDOWS\system32\microsoft\backup.tftp
.. OK ... C:\WINDOWS\Z058_jpg.zip
************************ Suppression des dossiers
.. OK ... C:\Temp\
************************ Nettoyage du registre
Les fichiers encore présents seront supprimés au prochain redémarrage
************************ Suppression des fichiers
.. OK ... C:\WINDOWS\wdfmgr.exe
************************ Fichiers suspects
/!\ ces fichiers nécessitent un avis expérimenté avant toute intervention
[C:\WINDOWS\system32\FFF-CHOCOBO01.scr] 0BDE2DCE865BB04204DD535916B95F7A
Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 10092007_22290203.zip
------------------------------------------------------------------------
Auteur : !aur3n7 Contact: http://changelog.fr
------------------------------------------------------------------------
--------------------------------------------- END ---------------------------------------------
Et pour Hijackthis :
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 22:37:18, on 10/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\notepad.exe
C:\PROGRA~1\FBMSOF~1\ZEROSP~1\ZeroSpyware.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Apps\Powercinema\PCMService.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\Program Files\PHILIPS\HDDDMM\DMM\bin\AutoLaunchHDD70.exe
C:\Program Files\JustWrite Office\ScreenMark.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\PROGRA~1\FICHIE~1\PHILIP~1\USBCON~1.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\BitTorrent\bittorrent.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\WINDOWS\system32\WTablet\TabUserW.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Java\jre1.5.0_11\bin\jucheck.exe
C:\Documents and Settings\NGUYENNGOC\Bureau\HiJackThis_v2.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.free.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.fri.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O3 - Toolbar: Easy Gif Animator Toolbar - {8AAE1BCA-A973-423F-9232-7007D8CED2C7} - C:\Program Files\Easy Gif Animator Extension\v3.1.0.0\EasyGifAnimator_Toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [/AutoLaunchHDD70] C:\Program Files\PHILIPS\HDDDMM\DMM\bin\AutoLaunchHDD70.exe
O4 - HKLM\..\Run: [JWOSetup] JWOSetup.exe -en
O4 - HKLM\..\Run: [SMKRun] C:\Program Files\JustWrite Office\ScreenMark.exe -i
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [zsscheduler] rundll32.exe "C:\PROGRA~1\FBMSOF~1\ZEROSP~1\zsscheduler.dll", runScheduler C:\PROGRA~1\FBMSOF~1\ZEROSP~1\
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\APPS\skype\phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [ZSScheduler] RunDll32.exe "C:\Program Files\FBM Software\ZeroSpyware\ZSScheduler.dll", runScheduler C:\Program Files\FBM Software\ZeroSpyware\
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\WTablet\TabUserW.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: MySqlInventime - Unknown owner - c:\mysql\bin\mysqld-max-nt.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe
--
End of file - 12330 bytes
Que dois-je faire ensuite ?
Merci beaucoup pour votre aide, savoir mon pc exposé me fait frémir =s.
Alors voilà, bon je suis atteinte du mal qui sévit sur msn ...
Voilà les rapports :
MSNFix 1.495
C:\Documents and Settings\NGUYENNGOC\Bureau\MSNFix
Fix exécuté le 10/09/2007 - 22:20:46,67 By NGUYENNGOC
mode normal
************************ Recherche les fichiers présents
... C:\WINDOWS\wdfmgr.exe
... C:\WINDOWS\Z058_jpg.zip
... C:\WINDOWS\system32\microsoft\backup.ftp
... C:\WINDOWS\system32\microsoft\backup.tftp
... C:\WINDOWS\Z058_jpg.zip
************************ Recherche les dossiers présents
... C:\Temp\
************************ Suppression des fichiers
/!\ ... C:\WINDOWS\wdfmgr.exe
.. OK ... C:\WINDOWS\Z058_jpg.zip
.. OK ... C:\WINDOWS\system32\microsoft\backup.ftp
.. OK ... C:\WINDOWS\system32\microsoft\backup.tftp
.. OK ... C:\WINDOWS\Z058_jpg.zip
************************ Suppression des dossiers
.. OK ... C:\Temp\
************************ Nettoyage du registre
Les fichiers encore présents seront supprimés au prochain redémarrage
************************ Suppression des fichiers
.. OK ... C:\WINDOWS\wdfmgr.exe
************************ Fichiers suspects
/!\ ces fichiers nécessitent un avis expérimenté avant toute intervention
[C:\WINDOWS\system32\FFF-CHOCOBO01.scr] 0BDE2DCE865BB04204DD535916B95F7A
Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 10092007_22290203.zip
------------------------------------------------------------------------
Auteur : !aur3n7 Contact: http://changelog.fr
------------------------------------------------------------------------
--------------------------------------------- END ---------------------------------------------
Et pour Hijackthis :
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 22:37:18, on 10/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\notepad.exe
C:\PROGRA~1\FBMSOF~1\ZEROSP~1\ZeroSpyware.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Apps\Powercinema\PCMService.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\Program Files\PHILIPS\HDDDMM\DMM\bin\AutoLaunchHDD70.exe
C:\Program Files\JustWrite Office\ScreenMark.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\PROGRA~1\FICHIE~1\PHILIP~1\USBCON~1.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\BitTorrent\bittorrent.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\WINDOWS\system32\WTablet\TabUserW.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Java\jre1.5.0_11\bin\jucheck.exe
C:\Documents and Settings\NGUYENNGOC\Bureau\HiJackThis_v2.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.free.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.fri.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O3 - Toolbar: Easy Gif Animator Toolbar - {8AAE1BCA-A973-423F-9232-7007D8CED2C7} - C:\Program Files\Easy Gif Animator Extension\v3.1.0.0\EasyGifAnimator_Toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [/AutoLaunchHDD70] C:\Program Files\PHILIPS\HDDDMM\DMM\bin\AutoLaunchHDD70.exe
O4 - HKLM\..\Run: [JWOSetup] JWOSetup.exe -en
O4 - HKLM\..\Run: [SMKRun] C:\Program Files\JustWrite Office\ScreenMark.exe -i
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [zsscheduler] rundll32.exe "C:\PROGRA~1\FBMSOF~1\ZEROSP~1\zsscheduler.dll", runScheduler C:\PROGRA~1\FBMSOF~1\ZEROSP~1\
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\APPS\skype\phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [ZSScheduler] RunDll32.exe "C:\Program Files\FBM Software\ZeroSpyware\ZSScheduler.dll", runScheduler C:\Program Files\FBM Software\ZeroSpyware\
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\WTablet\TabUserW.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: MySqlInventime - Unknown owner - c:\mysql\bin\mysqld-max-nt.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe
--
End of file - 12330 bytes
Que dois-je faire ensuite ?
Merci beaucoup pour votre aide, savoir mon pc exposé me fait frémir =s.
Autres pages sur : resolu virus msn
Lassé par la pub ? Créez un compte
Bonjour,
Télécharge Clean.zip (de Malekal),
Décompresse-le sur ton bureau (Clique-Droit/Extraire tout), tu dois obtenir un dossier Clean.
Ouvre le dossier clean, double-clique sur clean.cmd.
Choisis l'option 1 puis patiente. Poste ensuite le contenu du rapport.
&
Désinstalle correctement Avast! pour le remplacer par Antivir.
Pourquoi changer ? : Avast! vs Antivir
Télécharge Clean.zip (de Malekal),
Décompresse-le sur ton bureau (Clique-Droit/Extraire tout), tu dois obtenir un dossier Clean.
Ouvre le dossier clean, double-clique sur clean.cmd.
Choisis l'option 1 puis patiente. Poste ensuite le contenu du rapport.
&
Désinstalle correctement Avast! pour le remplacer par Antivir.
Pourquoi changer ? : Avast! vs Antivir
Bonjour, merci de votre réponse !
Voici le rapport, donc.
11/09/2007 a 16:18:52,11
*** Recherche des fichiers dans C:
*** Recherche des fichiers dans C:\WINDOWS\
*** Recherche des fichiers dans C:\WINDOWS\system32
C:\WINDOWS\system32\SpoonUninstall.exe FOUND
*** Recherche des fichiers dans C:\Program Files
"C:\Program Files\Dynamic Toolbar\" FOUND
"C:\Program Files\Viewpoint\" FOUND
*** Fin du rapport !
Je vais m'occuper de ce pas à remplacer avast par antivir, merci de vos conseils. =)
Voici le rapport, donc.
11/09/2007 a 16:18:52,11
*** Recherche des fichiers dans C:
*** Recherche des fichiers dans C:\WINDOWS\
*** Recherche des fichiers dans C:\WINDOWS\system32
C:\WINDOWS\system32\SpoonUninstall.exe FOUND
*** Recherche des fichiers dans C:\Program Files
"C:\Program Files\Dynamic Toolbar\" FOUND
"C:\Program Files\Viewpoint\" FOUND
*** Fin du rapport !
Je vais m'occuper de ce pas à remplacer avast par antivir, merci de vos conseils. =)
Re,
Ok![;)]( ";)")
Télécharge puis installe AVG Anti-Spyware (AVG AS)
Fais les mises à jour mais ne lance pas de scan pour le moment.
AIDE : Tuto sur AVG Anti-Spyware (Malekal)
Redémarre en mode sans échec
Relance AVG AS :
- Choisis l'onglet "Analyse"
- Puis l'onglet "Paramètres"
- Sous la question "Comment réagir ?", clique sur "Actions recommandées" et choisis "Quarantaine"
- Re-clique sur l'onglet "Analyse" puis réalise une "Analyse complète du système"
[#ff0000]Si un fichier est infecté en fin d'analyse, clique sur "Appliquer toutes les actions"[/#f]
Clique sur "Enregistrer le rapport" puis sur "Enregistrer le rapport sous"
Enregistre ce fichier texte sur ton bureau.
Ouvre le dossier clean, double-clique sur clean.cmd.
Choisis l'option 2 puis patiente.
Redémarre normalement.
Poste le rapport AVG AS ainsi qu'un rapport Hijackthis.
Poste le rapport clean : C:\rapport_clean.txt
Ok
Télécharge puis installe AVG Anti-Spyware (AVG AS)
Fais les mises à jour mais ne lance pas de scan pour le moment.
AIDE : Tuto sur AVG Anti-Spyware (Malekal)
Redémarre en mode sans échec
Relance AVG AS :
- Choisis l'onglet "Analyse"
- Puis l'onglet "Paramètres"
- Sous la question "Comment réagir ?", clique sur "Actions recommandées" et choisis "Quarantaine"
- Re-clique sur l'onglet "Analyse" puis réalise une "Analyse complète du système"
[#ff0000]Si un fichier est infecté en fin d'analyse, clique sur "Appliquer toutes les actions"[/#f]
Clique sur "Enregistrer le rapport" puis sur "Enregistrer le rapport sous"
Enregistre ce fichier texte sur ton bureau.
Ouvre le dossier clean, double-clique sur clean.cmd.
Choisis l'option 2 puis patiente.
Redémarre normalement.
Poste le rapport AVG AS ainsi qu'un rapport Hijackthis.
Poste le rapport clean : C:\rapport_clean.txt
Re ! Bonsoir ...
Mon rapport AVG AS :
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 20:30:59 11/09/2007
+ Résultat de l'analyse:
HKLM\SOFTWARE\Classes\CLSID\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} -> Adware.2020Search : Nettoyé et sauvegardé (mise en quarantaine).
HKU\S-1-5-21-3802968087-826521611-1376616963-1008\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} -> Adware.2020Search : Nettoyé et sauvegardé (mise en quarantaine).
HKU\S-1-5-21-3802968087-826521611-1376616963-1008\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} -> Adware.2020Search : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\NGUYENNGOC\Bureau\MSNFix\10092007_22290203.zip/backup/Z058_jpg.zip/www.Z058_jpg-msn.com -> Backdoor.SdBot.bti : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\NGUYENNGOC\Bureau\MSNFix\10092007_22290203.zip/backup/wdfmgr.exe -> Backdoor.SdBot.bti : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP377\A0066359.exe -> Backdoor.SdBot.bti : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP377\A0066374.exe -> Backdoor.SdBot.bti : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\NGUYENNGOC\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\java.class-3f551d86-7f217c70.class -> Not-A-Virus.Exploit.Java.Gimsh.a : Nettoyé et sauvegardé (mise en quarantaine).
:mozilla.99:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Cookies\nguyenngoc@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.255:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.438:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.82:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.83:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.84:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.85:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Cookies\nguyenngoc@2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Cookies\nguyenngoc@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.211:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.212:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Cookies\nguyenngoc@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.186:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.188:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.190:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.192:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.193:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Cookies\nguyenngoc@advertising[2].txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.39:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Cookies\nguyenngoc@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Local Settings\Temp\Cookies\nguyenngoc@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.128:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Cookies\nguyenngoc@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Local Settings\Temp\Cookies\nguyenngoc@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.309:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Burstnet : Nettoyé.
:mozilla.314:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Burstnet : Nettoyé.
:mozilla.315:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Burstnet : Nettoyé.
:mozilla.316:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.317:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.318:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.319:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.127:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Com : Nettoyé.
:mozilla.349:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.350:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.351:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.74:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Cookies\nguyenngoc@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Cookies\nguyenngoc@doubleclick[2].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Local Settings\Temp\Cookies\nguyenngoc@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.220:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Cookies\nguyenngoc@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Cookies\nguyenngoc@estat[2].txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.100:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.101:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.102:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.103:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.104:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.105:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.106:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Cookies\nguyenngoc@fastclick[1].txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.137:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.480:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.86:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.87:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.88:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.89:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.285:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.286:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.279:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.25:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Netflame : Nettoyé.
:mozilla.170:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Cookies\nguyenngoc@overture[1].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Cookies\nguyenngoc@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.175:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.176:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.177:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.178:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.179:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.180:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Cookies\nguyenngoc@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Cookies\nguyenngoc@serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Cookies\nguyenngoc@serving-sys[3].txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.38:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.40:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.41:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.45:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Cookies\nguyenngoc@smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Local Settings\Temp\Cookies\nguyenngoc@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.320:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé.
:mozilla.321:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé.
:mozilla.322:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé.
:mozilla.323:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé.
:mozilla.341:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.310:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.311:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.312:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.313:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.116:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.117:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Cookies\nguyenngoc@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.308:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Tribalfusion : Nettoyé.
:mozilla.121:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Cookies\nguyenngoc@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Cookies\nguyenngoc@weborama[3].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Cookies\nguyenngoc@weborama[4].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Local Settings\Temp\Cookies\nguyenngoc@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.108:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Webtrends : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Cookies\nguyenngoc@m.webtrends[2].txt -> TrackingCookie.Webtrends : Nettoyé.
:mozilla.138:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.139:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.140:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.141:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.142:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.143:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Cookies\nguyenngoc@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Nettoyé.
Fin du rapport
Mon rapport AVG AS :
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 20:30:59 11/09/2007
+ Résultat de l'analyse:
HKLM\SOFTWARE\Classes\CLSID\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} -> Adware.2020Search : Nettoyé et sauvegardé (mise en quarantaine).
HKU\S-1-5-21-3802968087-826521611-1376616963-1008\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} -> Adware.2020Search : Nettoyé et sauvegardé (mise en quarantaine).
HKU\S-1-5-21-3802968087-826521611-1376616963-1008\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} -> Adware.2020Search : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\NGUYENNGOC\Bureau\MSNFix\10092007_22290203.zip/backup/Z058_jpg.zip/www.Z058_jpg-msn.com -> Backdoor.SdBot.bti : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\NGUYENNGOC\Bureau\MSNFix\10092007_22290203.zip/backup/wdfmgr.exe -> Backdoor.SdBot.bti : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP377\A0066359.exe -> Backdoor.SdBot.bti : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP377\A0066374.exe -> Backdoor.SdBot.bti : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\NGUYENNGOC\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\java.class-3f551d86-7f217c70.class -> Not-A-Virus.Exploit.Java.Gimsh.a : Nettoyé et sauvegardé (mise en quarantaine).
:mozilla.99:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Cookies\nguyenngoc@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.255:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.438:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.82:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.83:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.84:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.85:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Cookies\nguyenngoc@2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Cookies\nguyenngoc@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.211:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.212:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Cookies\nguyenngoc@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.186:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.188:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.190:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.192:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.193:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Cookies\nguyenngoc@advertising[2].txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.39:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Cookies\nguyenngoc@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Local Settings\Temp\Cookies\nguyenngoc@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.128:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Cookies\nguyenngoc@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Local Settings\Temp\Cookies\nguyenngoc@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.309:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Burstnet : Nettoyé.
:mozilla.314:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Burstnet : Nettoyé.
:mozilla.315:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Burstnet : Nettoyé.
:mozilla.316:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.317:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.318:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.319:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.127:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Com : Nettoyé.
:mozilla.349:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.350:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.351:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.74:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Cookies\nguyenngoc@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Cookies\nguyenngoc@doubleclick[2].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Local Settings\Temp\Cookies\nguyenngoc@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.220:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Cookies\nguyenngoc@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Cookies\nguyenngoc@estat[2].txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.100:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.101:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.102:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.103:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.104:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.105:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.106:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Cookies\nguyenngoc@fastclick[1].txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.137:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.480:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.86:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.87:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.88:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.89:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.285:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.286:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.279:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.25:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Netflame : Nettoyé.
:mozilla.170:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Cookies\nguyenngoc@overture[1].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Cookies\nguyenngoc@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.175:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.176:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.177:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.178:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.179:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.180:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Cookies\nguyenngoc@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Cookies\nguyenngoc@serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Cookies\nguyenngoc@serving-sys[3].txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.38:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.40:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.41:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.45:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Cookies\nguyenngoc@smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Local Settings\Temp\Cookies\nguyenngoc@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.320:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé.
:mozilla.321:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé.
:mozilla.322:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé.
:mozilla.323:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé.
:mozilla.341:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.310:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.311:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.312:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.313:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.116:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.117:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Cookies\nguyenngoc@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.308:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Tribalfusion : Nettoyé.
:mozilla.121:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Cookies\nguyenngoc@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Cookies\nguyenngoc@weborama[3].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Cookies\nguyenngoc@weborama[4].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Local Settings\Temp\Cookies\nguyenngoc@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.108:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Webtrends : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Cookies\nguyenngoc@m.webtrends[2].txt -> TrackingCookie.Webtrends : Nettoyé.
:mozilla.138:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.139:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.140:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.141:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.142:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.143:C:\Documents and Settings\NGUYENNGOC\Application Data\Mozilla\Firefox\Profiles\hmvj5m59.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings\NGUYENNGOC\Cookies\nguyenngoc@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Nettoyé.
Fin du rapport
Puis Hijackthis :
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 20:40:26, on 11/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\FBMSOF~1\ZEROSP~1\ZeroSpyware.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Apps\Powercinema\PCMService.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\Program Files\PHILIPS\HDDDMM\DMM\bin\AutoLaunchHDD70.exe
C:\Program Files\JustWrite Office\ScreenMark.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\PROGRA~1\FICHIE~1\PHILIP~1\USBCON~1.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\NGUYENNGOC\Bureau\HiJackThis_v2.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.free.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.fri.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O3 - Toolbar: Easy Gif Animator Toolbar - {8AAE1BCA-A973-423F-9232-7007D8CED2C7} - C:\Program Files\Easy Gif Animator Extension\v3.1.0.0\EasyGifAnimator_Toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [/AutoLaunchHDD70] C:\Program Files\PHILIPS\HDDDMM\DMM\bin\AutoLaunchHDD70.exe
O4 - HKLM\..\Run: [JWOSetup] JWOSetup.exe -en
O4 - HKLM\..\Run: [SMKRun] C:\Program Files\JustWrite Office\ScreenMark.exe -i
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [zsscheduler] rundll32.exe "C:\PROGRA~1\FBMSOF~1\ZEROSP~1\zsscheduler.dll", runScheduler C:\PROGRA~1\FBMSOF~1\ZEROSP~1\
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\APPS\skype\phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [ZSScheduler] RunDll32.exe "C:\Program Files\FBM Software\ZeroSpyware\ZSScheduler.dll", runScheduler C:\Program Files\FBM Software\ZeroSpyware\
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\WTablet\TabUserW.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: MySqlInventime - Unknown owner - c:\mysql\bin\mysqld-max-nt.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe
--
End of file - 12229 bytes
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 20:40:26, on 11/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\FBMSOF~1\ZEROSP~1\ZeroSpyware.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Apps\Powercinema\PCMService.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\Program Files\PHILIPS\HDDDMM\DMM\bin\AutoLaunchHDD70.exe
C:\Program Files\JustWrite Office\ScreenMark.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\PROGRA~1\FICHIE~1\PHILIP~1\USBCON~1.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\NGUYENNGOC\Bureau\HiJackThis_v2.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.free.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.fri.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O3 - Toolbar: Easy Gif Animator Toolbar - {8AAE1BCA-A973-423F-9232-7007D8CED2C7} - C:\Program Files\Easy Gif Animator Extension\v3.1.0.0\EasyGifAnimator_Toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [/AutoLaunchHDD70] C:\Program Files\PHILIPS\HDDDMM\DMM\bin\AutoLaunchHDD70.exe
O4 - HKLM\..\Run: [JWOSetup] JWOSetup.exe -en
O4 - HKLM\..\Run: [SMKRun] C:\Program Files\JustWrite Office\ScreenMark.exe -i
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [zsscheduler] rundll32.exe "C:\PROGRA~1\FBMSOF~1\ZEROSP~1\zsscheduler.dll", runScheduler C:\PROGRA~1\FBMSOF~1\ZEROSP~1\
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\APPS\skype\phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [ZSScheduler] RunDll32.exe "C:\Program Files\FBM Software\ZeroSpyware\ZSScheduler.dll", runScheduler C:\Program Files\FBM Software\ZeroSpyware\
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\WTablet\TabUserW.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: MySqlInventime - Unknown owner - c:\mysql\bin\mysqld-max-nt.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe
--
End of file - 12229 bytes
Enfin, Clean :
Script execute en mode sans echec
Rapport clean par Malekal_morte - http://www.malekal.com
Script execute en mode sans echec 11/09/2007 a 20:32:22,46
Microsoft Windows XP [version 5.1.2600]
*** Suppression des fichiers dans C:
*** Suppression des fichiers dans C:\WINDOWS\
*** Suppression des fichiers dans C:\WINDOWS\system32
tentative de suppression de C:\WINDOWS\system32\SpoonUninstall.exe
*** Suppression des fichiers dans C:\Program Files
tentative de suppression de "C:\Program Files\Dynamic Toolbar\"
tentative de suppression de "C:\Program Files\Viewpoint\"
*** Suppression des clefs du registre effectuee..
*** Fin du rapport !
Script execute en mode sans echec
Rapport clean par Malekal_morte - http://www.malekal.com
Script execute en mode sans echec 11/09/2007 a 20:32:22,46
Microsoft Windows XP [version 5.1.2600]
*** Suppression des fichiers dans C:
*** Suppression des fichiers dans C:\WINDOWS\
*** Suppression des fichiers dans C:\WINDOWS\system32
tentative de suppression de C:\WINDOWS\system32\SpoonUninstall.exe
*** Suppression des fichiers dans C:\Program Files
tentative de suppression de "C:\Program Files\Dynamic Toolbar\"
tentative de suppression de "C:\Program Files\Viewpoint\"
*** Suppression des clefs du registre effectuee..
*** Fin du rapport !
Ok, je le fais de suite.
Ah oui, un dernier détail : après avoir désinstallé Avast, Windows m'a averti que je n'avais plus de protection anti-virus : http://i19.tinypic.com/4q874mv.png . Seulement, même après avoir installé Antivir, il m'affiche toujours cette petite bulle jaune qui m'averti de ceci.
=o
Ah oui, un dernier détail : après avoir désinstallé Avast, Windows m'a averti que je n'avais plus de protection anti-virus : http://i19.tinypic.com/4q874mv.png . Seulement, même après avoir installé Antivir, il m'affiche toujours cette petite bulle jaune qui m'averti de ceci.
=o
Lassé par la pub ? Créez un compte
- Contenus similaires :
- ForumVirus cafards qui mangent mon ecran
- ForumVirus de son
- ForumVirus avec windows live messenger
- ForumVirus dans windows live messenger
- ForumProbleme window memoire virtuelle insuffisant
- ForumGros virus pc windows anti spaware 2010
- ForumTelecharger msns 2009
- ForumVirus windows live messenger photos myspace
- ForumWindows xp résolution écran
- ForumWindows live messenger virus
- Voir plus
