Cheval de troie
Résolu
stephmi78
Messages postés
214
Statut
Membre
-
philae83 Messages postés 12854 Statut Contributeur sécurité -
philae83 Messages postés 12854 Statut Contributeur sécurité -
Bonjour,
la dernière fois j'a été aiguillé par Marie qui m'avait donné toute une procédure à suivre, voilà c'est fait :
- ad-aware version 1.06
- spybot version 1.4
- Ccleaner
- Ewido - avg dont voici le rapport :
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 21:49:45 06/01/2007
+ Résultat de l'analyse:
:mozilla.33:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.34:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.35:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.36:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
C:\Documents and Settings\MINIER Stéphane\Cookies\minier stéphane@247realmedia[2].txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.120:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.72:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.73:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.74:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\MINIER Stéphane\Cookies\minier stéphane@2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.196:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.197:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\MINIER Stéphane\Cookies\minier stéphane@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.108:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.6:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.170:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.174:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.179:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Casinotropez : Nettoyé.
:mozilla.188:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Casinotropez : Nettoyé.
C:\Documents and Settings\MINIER Stéphane\Cookies\minier stéphane@casinotropez[2].txt -> TrackingCookie.Casinotropez : Nettoyé.
C:\Documents and Settings\MINIER Stéphane\Cookies\minier stéphane@promo.casinotropez[1].txt -> TrackingCookie.Casinotropez : Nettoyé.
:mozilla.154:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Centrport : Nettoyé.
C:\Documents and Settings\MINIER Stéphane\Cookies\minier stéphane@centrport[1].txt -> TrackingCookie.Centrport : Nettoyé.
:mozilla.28:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Clickbank : Nettoyé.
:mozilla.40:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Com : Nettoyé.
:mozilla.201:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.202:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.203:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\MINIER Stéphane\Cookies\minier stéphane@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.12:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.94:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\MINIER Stéphane\Cookies\minier stéphane@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\MINIER Stéphane\Cookies\minier stéphane@as1.falkag[1].txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.169:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.171:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.172:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.173:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.138:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.29:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.87:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.88:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.159:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.160:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.161:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.162:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.166:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.206:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.23:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Liveperson : Nettoyé.
:mozilla.24:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Liveperson : Nettoyé.
:mozilla.25:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Liveperson : Nettoyé.
:mozilla.26:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Liveperson : Nettoyé.
:mozilla.52:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\MINIER Stéphane\Cookies\minier stéphane@revenue[2].txt -> TrackingCookie.Revenue : Nettoyé.
:mozilla.54:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.55:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.56:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.57:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.58:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.59:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\MINIER Stéphane\Cookies\minier stéphane@cs.sexcounter[2].txt -> TrackingCookie.Sexcounter : Nettoyé.
:mozilla.13:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.14:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.15:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\MINIER Stéphane\Cookies\minier stéphane@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.62:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.63:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.64:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.30:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Tribalfusion : Nettoyé.
:mozilla.90:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.92:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.93:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\MINIER Stéphane\Cookies\minier stéphane@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
Fin du rapport
- Bitdefender dont voici le rapport :
*BitDefender Online Scanner - Rapport virus en temps réel*
Généré à: Sun, Jan 07, 2007 - 12:39:15
------------------------------------------------------------------------
*Info d'analyse*
Fichiers scannés
539378
Infectés Fichiers
0
* *
*Virus Détectés*
Aucun virus trouvé.
------------------------------------------------------------------------
Ce sommaire du processus d'analyse sera utilisé par les laboratoires
Antivirus BitDefender pour créer des statistiques agréguées sur
l'activité des virus dans le monde.
- Hijackthis dont voici le rapport :
Logfile of HijackThis v1.99.1
Scan saved at 12:49:00, on 07/01/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\htpatch.exe
C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Apps\ActivBoard\MMKeybd.exe
C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe
C:\apps\ActivSurf\4448364\Program\backweb-4448364.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Pack Sécurité\Common\FSM32.EXE
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Apps\ActivBoard\nhksrv.exe
C:\Apps\ActivBoard\TrayMon.exe
C:\Apps\ActivBoard\OSD.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Exif Launcher\QuickDCF.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Micro Application\9 DICOS Indispensables\MediaDICO9.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Micro Application\9 DICOS Indispensables\Rac9.EXE
C:\PROGRA~1\PACKSC~1\backweb\361343\Program\SERVIC~1.EXE
C:\Program Files\Pack Sécurité\backweb\361343\program\fsbwsys.exe
C:\Program Files\Pack Sécurité\backweb\361343\Program\fspex.exe
C:\Program Files\Pack Sécurité\Common\FSMA32.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Pack Sécurité\Common\FSMB32.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Pack Sécurité\Common\FCH32.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
C:\Program Files\Pack Sécurité\Common\FAMEH32.EXE
C:\Program Files\Pack Sécurité\FSPC\fspc.exe
C:\Program Files\Pack Sécurité\FSGUI\fsguidll.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Microsoft Money\System\urlmap.exe
C:\Documents and Settings\MINIER Stéphane\Local Settings\Temp\Répertoire temporaire 2 pour hijackthis.zip\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [ACTIVBOARD] C:\Apps\ActivBoard\MMKeybd.exe
O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe"
O4 - HKLM\..\Run: [ActivSurf] C:\apps\ActivSurf\4448364\Program\backweb-4448364.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Windows Config System] config.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Pack Sécurité\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Pack Sécurité\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Pack Sécurité\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\RunServices: [Windows Config System] config.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MediaDico9] C:\Program Files\Micro Application\9 DICOS Indispensables\LanceMediaDICO9.exe Lancement
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - HKCU\..\Run: [Update Service] C:\PROGRA~1\FICHIE~1\TEKNUM~1\update.exe /startup
O4 - Global Startup: Exif Launcher.lnk = C:\Program Files\Exif Launcher\QuickDCF.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Pack Sécurité.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra button: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6127F793-D9E4-4FC5-9F57-41E6038CBF6C}: NameServer = 84.103.237.144 86.64.145.144
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Pack Sécurité (BackWeb Plug-in - 361343) - Pack Securite - C:\PROGRA~1\PACKSC~1\backweb\361343\Program\SERVIC~1.EXE
O23 - Service: FSBWSYS - F-Secure Corp. - C:\Program Files\Pack Sécurité\backweb\361343\program\fsbwsys.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Pack Sécurité\Common\FSMA32.EXE
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Apps\ActivBoard\nhksrv.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Merci à toute personne qui pourrait m'aiguiller sur la suite où me dire si le cheval de troie est détruit.
Rappel, je débute dans le domaine des virus.
la dernière fois j'a été aiguillé par Marie qui m'avait donné toute une procédure à suivre, voilà c'est fait :
- ad-aware version 1.06
- spybot version 1.4
- Ccleaner
- Ewido - avg dont voici le rapport :
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 21:49:45 06/01/2007
+ Résultat de l'analyse:
:mozilla.33:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.34:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.35:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.36:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
C:\Documents and Settings\MINIER Stéphane\Cookies\minier stéphane@247realmedia[2].txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.120:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.72:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.73:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.74:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\MINIER Stéphane\Cookies\minier stéphane@2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.196:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.197:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\MINIER Stéphane\Cookies\minier stéphane@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.108:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.6:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.170:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.174:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.179:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Casinotropez : Nettoyé.
:mozilla.188:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Casinotropez : Nettoyé.
C:\Documents and Settings\MINIER Stéphane\Cookies\minier stéphane@casinotropez[2].txt -> TrackingCookie.Casinotropez : Nettoyé.
C:\Documents and Settings\MINIER Stéphane\Cookies\minier stéphane@promo.casinotropez[1].txt -> TrackingCookie.Casinotropez : Nettoyé.
:mozilla.154:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Centrport : Nettoyé.
C:\Documents and Settings\MINIER Stéphane\Cookies\minier stéphane@centrport[1].txt -> TrackingCookie.Centrport : Nettoyé.
:mozilla.28:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Clickbank : Nettoyé.
:mozilla.40:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Com : Nettoyé.
:mozilla.201:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.202:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.203:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\MINIER Stéphane\Cookies\minier stéphane@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.12:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.94:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\MINIER Stéphane\Cookies\minier stéphane@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\MINIER Stéphane\Cookies\minier stéphane@as1.falkag[1].txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.169:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.171:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.172:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.173:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.138:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.29:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.87:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.88:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.159:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.160:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.161:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.162:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.166:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.206:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.23:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Liveperson : Nettoyé.
:mozilla.24:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Liveperson : Nettoyé.
:mozilla.25:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Liveperson : Nettoyé.
:mozilla.26:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Liveperson : Nettoyé.
:mozilla.52:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\MINIER Stéphane\Cookies\minier stéphane@revenue[2].txt -> TrackingCookie.Revenue : Nettoyé.
:mozilla.54:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.55:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.56:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.57:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.58:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.59:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\MINIER Stéphane\Cookies\minier stéphane@cs.sexcounter[2].txt -> TrackingCookie.Sexcounter : Nettoyé.
:mozilla.13:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.14:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.15:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\MINIER Stéphane\Cookies\minier stéphane@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.62:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.63:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.64:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.30:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Tribalfusion : Nettoyé.
:mozilla.90:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.92:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.93:C:\Documents and Settings\MINIER Stéphane\Application Data\Mozilla\Firefox\Profiles\d6yl6krm.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\MINIER Stéphane\Cookies\minier stéphane@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
Fin du rapport
- Bitdefender dont voici le rapport :
*BitDefender Online Scanner - Rapport virus en temps réel*
Généré à: Sun, Jan 07, 2007 - 12:39:15
------------------------------------------------------------------------
*Info d'analyse*
Fichiers scannés
539378
Infectés Fichiers
0
* *
*Virus Détectés*
Aucun virus trouvé.
------------------------------------------------------------------------
Ce sommaire du processus d'analyse sera utilisé par les laboratoires
Antivirus BitDefender pour créer des statistiques agréguées sur
l'activité des virus dans le monde.
- Hijackthis dont voici le rapport :
Logfile of HijackThis v1.99.1
Scan saved at 12:49:00, on 07/01/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\htpatch.exe
C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Apps\ActivBoard\MMKeybd.exe
C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe
C:\apps\ActivSurf\4448364\Program\backweb-4448364.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Pack Sécurité\Common\FSM32.EXE
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Apps\ActivBoard\nhksrv.exe
C:\Apps\ActivBoard\TrayMon.exe
C:\Apps\ActivBoard\OSD.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Exif Launcher\QuickDCF.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Micro Application\9 DICOS Indispensables\MediaDICO9.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Micro Application\9 DICOS Indispensables\Rac9.EXE
C:\PROGRA~1\PACKSC~1\backweb\361343\Program\SERVIC~1.EXE
C:\Program Files\Pack Sécurité\backweb\361343\program\fsbwsys.exe
C:\Program Files\Pack Sécurité\backweb\361343\Program\fspex.exe
C:\Program Files\Pack Sécurité\Common\FSMA32.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Pack Sécurité\Common\FSMB32.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Pack Sécurité\Common\FCH32.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
C:\Program Files\Pack Sécurité\Common\FAMEH32.EXE
C:\Program Files\Pack Sécurité\FSPC\fspc.exe
C:\Program Files\Pack Sécurité\FSGUI\fsguidll.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Microsoft Money\System\urlmap.exe
C:\Documents and Settings\MINIER Stéphane\Local Settings\Temp\Répertoire temporaire 2 pour hijackthis.zip\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [ACTIVBOARD] C:\Apps\ActivBoard\MMKeybd.exe
O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe"
O4 - HKLM\..\Run: [ActivSurf] C:\apps\ActivSurf\4448364\Program\backweb-4448364.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Windows Config System] config.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Pack Sécurité\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Pack Sécurité\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Pack Sécurité\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\RunServices: [Windows Config System] config.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MediaDico9] C:\Program Files\Micro Application\9 DICOS Indispensables\LanceMediaDICO9.exe Lancement
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - HKCU\..\Run: [Update Service] C:\PROGRA~1\FICHIE~1\TEKNUM~1\update.exe /startup
O4 - Global Startup: Exif Launcher.lnk = C:\Program Files\Exif Launcher\QuickDCF.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Pack Sécurité.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra button: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6127F793-D9E4-4FC5-9F57-41E6038CBF6C}: NameServer = 84.103.237.144 86.64.145.144
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Pack Sécurité (BackWeb Plug-in - 361343) - Pack Securite - C:\PROGRA~1\PACKSC~1\backweb\361343\Program\SERVIC~1.EXE
O23 - Service: FSBWSYS - F-Secure Corp. - C:\Program Files\Pack Sécurité\backweb\361343\program\fsbwsys.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Pack Sécurité\Common\FSMA32.EXE
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Apps\ActivBoard\nhksrv.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Merci à toute personne qui pourrait m'aiguiller sur la suite où me dire si le cheval de troie est détruit.
Rappel, je débute dans le domaine des virus.
A voir également:
- Cheval de troie
- Antivirus cheval de troie gratuit - Télécharger - Antivirus & Antimalwares
- Ordinateur bloqué cheval de troie - Accueil - Arnaque
- Qu'est ce que le cheval au poker - Forum Virus
- Comment se débarrasser d'un cheval de troie ✓ - Forum Virus
- Retrouver son cheval skyrim - Forum Jeux PC
4 réponses
re
Lance HijackThis pour un scan seulement coche et fixe :
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [Windows Config System] config.exe
O4 - HKLM\..\RunServices: [Windows Config System] config.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
puis
* Assure toi d'avoir accès à tous les fichiers
-démarrer
-poste de travail ou autre dossier
-menu outils
-options de dossier
-onglet affichage
puis
- activer la case : Afficher les fichiers et dossiers cachés
- désactiver la case : Masquer les extensions des fichiers dont le type est connu
- désactiver la case : Masquer les fichier protégés du système d'exploitation
Puis - Appliquer
* et Supprime le(s) fichier(s) ci dessous si il(s) est (sont) présent(s) :
config.exe vraisemblablement dans
c:\windows\system32
* Dans l'Explorateur Windows recache les fichiers système afin de ne pas faire d'erreur à l'avenir. Retourne à la fenêtre Paramètres de dossiers et sélectionne Ne pas afficher les fichiers cachés ou les fichiers système
* puis reposte un nouveau rapport HijackThis
Lance HijackThis pour un scan seulement coche et fixe :
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [Windows Config System] config.exe
O4 - HKLM\..\RunServices: [Windows Config System] config.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
puis
* Assure toi d'avoir accès à tous les fichiers
-démarrer
-poste de travail ou autre dossier
-menu outils
-options de dossier
-onglet affichage
puis
- activer la case : Afficher les fichiers et dossiers cachés
- désactiver la case : Masquer les extensions des fichiers dont le type est connu
- désactiver la case : Masquer les fichier protégés du système d'exploitation
Puis - Appliquer
* et Supprime le(s) fichier(s) ci dessous si il(s) est (sont) présent(s) :
config.exe vraisemblablement dans
c:\windows\system32
* Dans l'Explorateur Windows recache les fichiers système afin de ne pas faire d'erreur à l'avenir. Retourne à la fenêtre Paramètres de dossiers et sélectionne Ne pas afficher les fichiers cachés ou les fichiers système
* puis reposte un nouveau rapport HijackThis
Merci pour les info voici le rapport
Logfile of HijackThis v1.99.1
Scan saved at 19:16:27, on 07/01/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\htpatch.exe
C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Apps\ActivBoard\MMKeybd.exe
C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe
C:\apps\ActivSurf\4448364\Program\backweb-4448364.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Pack Sécurité\Common\FSM32.EXE
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Apps\ActivBoard\nhksrv.exe
C:\Apps\ActivBoard\TrayMon.exe
C:\Apps\ActivBoard\OSD.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Exif Launcher\QuickDCF.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Micro Application\9 DICOS Indispensables\MediaDICO9.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Micro Application\9 DICOS Indispensables\Rac9.EXE
C:\PROGRA~1\PACKSC~1\backweb\361343\Program\SERVIC~1.EXE
C:\Program Files\Pack Sécurité\backweb\361343\program\fsbwsys.exe
C:\Program Files\Pack Sécurité\backweb\361343\Program\fspex.exe
C:\Program Files\Pack Sécurité\Common\FSMA32.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Pack Sécurité\Common\FSMB32.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Pack Sécurité\Common\FCH32.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
C:\Program Files\Pack Sécurité\Common\FAMEH32.EXE
C:\Program Files\Pack Sécurité\FSPC\fspc.exe
C:\Program Files\Pack Sécurité\FSGUI\fsguidll.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.BIN
C:\WINDOWS\explorer.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft Money\System\urlmap.exe
C:\Documents and Settings\MINIER Stéphane\Local Settings\Temp\Répertoire temporaire 3 pour hijackthis.zip\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [ACTIVBOARD] C:\Apps\ActivBoard\MMKeybd.exe
O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe"
O4 - HKLM\..\Run: [ActivSurf] C:\apps\ActivSurf\4448364\Program\backweb-4448364.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Pack Sécurité\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Pack Sécurité\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Pack Sécurité\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MediaDico9] C:\Program Files\Micro Application\9 DICOS Indispensables\LanceMediaDICO9.exe Lancement
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - HKCU\..\Run: [Update Service] C:\PROGRA~1\FICHIE~1\TEKNUM~1\update.exe /startup
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: OpenOffice.org 2.1.lnk = C:\Program Files\OpenOffice.org 2.1\program\quickstart.exe
O4 - Global Startup: Exif Launcher.lnk = C:\Program Files\Exif Launcher\QuickDCF.exe
O4 - Global Startup: Pack Sécurité.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?3afbef5b688c44d8a9e8efd0a461c7ec
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?3afbef5b688c44d8a9e8efd0a461c7ec
O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra button: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6127F793-D9E4-4FC5-9F57-41E6038CBF6C}: NameServer = 84.103.237.145 86.64.145.145
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Pack Sécurité (BackWeb Plug-in - 361343) - Pack Securite - C:\PROGRA~1\PACKSC~1\backweb\361343\Program\SERVIC~1.EXE
O23 - Service: FSBWSYS - F-Secure Corp. - C:\Program Files\Pack Sécurité\backweb\361343\program\fsbwsys.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Pack Sécurité\Common\FSMA32.EXE
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Apps\ActivBoard\nhksrv.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Logfile of HijackThis v1.99.1
Scan saved at 19:16:27, on 07/01/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\htpatch.exe
C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Apps\ActivBoard\MMKeybd.exe
C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe
C:\apps\ActivSurf\4448364\Program\backweb-4448364.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Pack Sécurité\Common\FSM32.EXE
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Apps\ActivBoard\nhksrv.exe
C:\Apps\ActivBoard\TrayMon.exe
C:\Apps\ActivBoard\OSD.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Exif Launcher\QuickDCF.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Micro Application\9 DICOS Indispensables\MediaDICO9.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Micro Application\9 DICOS Indispensables\Rac9.EXE
C:\PROGRA~1\PACKSC~1\backweb\361343\Program\SERVIC~1.EXE
C:\Program Files\Pack Sécurité\backweb\361343\program\fsbwsys.exe
C:\Program Files\Pack Sécurité\backweb\361343\Program\fspex.exe
C:\Program Files\Pack Sécurité\Common\FSMA32.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Pack Sécurité\Common\FSMB32.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Pack Sécurité\Common\FCH32.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
C:\Program Files\Pack Sécurité\Common\FAMEH32.EXE
C:\Program Files\Pack Sécurité\FSPC\fspc.exe
C:\Program Files\Pack Sécurité\FSGUI\fsguidll.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.BIN
C:\WINDOWS\explorer.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft Money\System\urlmap.exe
C:\Documents and Settings\MINIER Stéphane\Local Settings\Temp\Répertoire temporaire 3 pour hijackthis.zip\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [ACTIVBOARD] C:\Apps\ActivBoard\MMKeybd.exe
O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe"
O4 - HKLM\..\Run: [ActivSurf] C:\apps\ActivSurf\4448364\Program\backweb-4448364.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Pack Sécurité\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Pack Sécurité\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Pack Sécurité\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MediaDico9] C:\Program Files\Micro Application\9 DICOS Indispensables\LanceMediaDICO9.exe Lancement
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - HKCU\..\Run: [Update Service] C:\PROGRA~1\FICHIE~1\TEKNUM~1\update.exe /startup
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: OpenOffice.org 2.1.lnk = C:\Program Files\OpenOffice.org 2.1\program\quickstart.exe
O4 - Global Startup: Exif Launcher.lnk = C:\Program Files\Exif Launcher\QuickDCF.exe
O4 - Global Startup: Pack Sécurité.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?3afbef5b688c44d8a9e8efd0a461c7ec
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?3afbef5b688c44d8a9e8efd0a461c7ec
O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra button: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\pack sécurité\fsps\program\fslsp.dll
O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6127F793-D9E4-4FC5-9F57-41E6038CBF6C}: NameServer = 84.103.237.145 86.64.145.145
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Pack Sécurité (BackWeb Plug-in - 361343) - Pack Securite - C:\PROGRA~1\PACKSC~1\backweb\361343\Program\SERVIC~1.EXE
O23 - Service: FSBWSYS - F-Secure Corp. - C:\Program Files\Pack Sécurité\backweb\361343\program\fsbwsys.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Pack Sécurité\Common\FSMA32.EXE
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Apps\ActivBoard\nhksrv.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
