Firefox VIRUS; new virus?
ioulkos
-
^^Marie^^ (Member, 126523 posts) -
So, here goes.
I've already had big problems with my PC over the past few years...
I have Kaspersky and ZoneAlarm running permanently...
but despite that... I still manage to pick up crap! You'll ask me: how? ... I have no idea.
In any case, for a little while I could no longer get on the net with IE, so I systematically launched FIREFOX. But since yesterday I noticed that 1) a new process called USNSVC.exe had been launched; after searching on Google it turns out to be a process launched by MSN... apparently it is harmless. 2) I decided to kill this useless process, as advised on forums around the net... 3) from then on? FIREFOX started acting up: it was eating up the whole processor even though only one or two windows were open.
That is why I am convinced I am infected by a new VIRUS or MALWARE or whatever you want to call it, which is messing up my computer and shortening my processor's life expectancy, which is very annoying for the future.
That is why I am asking you, dear fellow virus fighters, what you can do to help me get rid of this crap, knowing that ZoneAlarm detected a malware at first which it is supposed to have deleted, but things keep acting up anyway... and that of course KASPERSKY detected nothing after a complete and total scan of the computer.
Thanks in advance.
12 replies
Logfile of HijackThis v1.99.1
Scan saved at 20:04:10, on 13/02/2007
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\ZoneLabs\vsmon.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
D:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Documents and Settings\wam\Bureau\programmes bien sympas\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = 192.168.0
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [kav] "D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [Zone Labs Client] "D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\MSN Messenger\msnmsgr.exe" /background
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - D:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O17 - HKLM\System\CCS\Services\Tcpip\..\{422EDC99-4D30-4A84-BC79-9AB73A78E106}: NameServer = 85.255.115.26,85.255.112.166
O17 - HKLM\System\CCS\Services\Tcpip\..\{47FD4825-B786-46FF-B1B3-11B00E6F2CD4}: NameServer = 85.255.115.26,85.255.112.166
O17 - HKLM\System\CCS\Services\Tcpip\..\{CD2B1EA1-3B84-423A-91CE-62D6BB954E0D}: NameServer = 85.255.115.26,85.255.112.166
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.115.26 85.255.112.166
O17 - HKLM\System\CS2\Services\Tcpip\..\{422EDC99-4D30-4A84-BC79-9AB73A78E106}: NameServer = 85.255.115.26,85.255.112.166
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 85.255.115.26 85.255.112.166
O17 - HKLM\System\CS3\Services\Tcpip\..\{422EDC99-4D30-4A84-BC79-9AB73A78E106}: NameServer = 85.255.115.26,85.255.112.166
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.26 85.255.112.166
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: klogon - D:\WINDOWS\System32\klogon.dll
O20 - Winlogon Notify: WgaLogon - D:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - Unknown owner - D:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - D:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - D:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - D:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - D:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe (file missing)
Hi, please do this first.
Download HijackThis here:
http://telechargement.zebulon.fr/138-hijackthis-1991.html
Unzip it into a folder set aside for it.
For example C:\hijackthis < Make sure you save it in C: !
Demo: (Thanks to Balltrap34 for making this)
http://pageperso.aol.fr/balltrap34/Hijenr.gif
Launch it, then:
click on "do a system scan and save logfile" (see demo)
copy and paste the entire log onto the forum
Demo: (Thanks to Balltrap34 for making this)
http://pageperso.aol.fr/balltrap34/demohijack.htm
Good luck
Do a complete cleanup
It is important to carry out the procedure in its entirety and in order:
Download (unless you already have them) and paste the 3 reports in order
A - Ad-Aware version 1.06
(here) http://www.florensac-chasse-trap.com/ virus/security software section
see demo
http://pageperso.aol.fr/balltrap34/adwseflash.zip
B - Spybot version 1.4
(here) http://www.florensac-chasse-trap.com/ virus/security software section
see usage demo
http://pageperso.aol.fr/Balltrap34/demo%20spybot.htm
C - CCleaner: (cleaner for registry, cookies + temp + temporary files + prefetch + history + etc.)
Download here:
https://www.ccleaner.com/ccleaner/download
Tutorial here:
https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php
and
http://perso.orange.fr/jesses/Docs/Logiciels/CCleaner.htm
D – Ewido – AVG
AVG Anti-Spyware:
https://www.avg.com/en-ww/free-antivirus-download
Install it.
Launch AVG Anti-Spyware and click the Update button. Be patient!
Launch AVG Anti-Spyware
Click the Scan button (in the toolbar)
Then, on the How to act tab, click Recommended actions. Select Quarantine.
Go back to the Scan tab. Click Complete System Scan.
/!\ If a file is infected at the end of the scan /!\
choose the "Apply all actions" option at the bottom.
Click "Save report" then "Save report as"
Save this text file to your desktop.
Copy/paste the report
E - Online scan with BitDefender (works only in Internet Explorer, with the ActiveX control accepted)
https://assiste.com/404_La_page_demandee_n_existe_pas.php
http://www.bitdefender.fr/scan8/ie.html
Copy/PASTE the entire report
F - HijackThis - Diagnostic and repair tool
read the demo
http://pageperso.aol.fr/balltrap34/Hijenr.gif
http://pageperso.aol.fr/balltrap34/demohijack.htm
Download the French version here
http://telechargement.zebulon.fr/160-patch-francais-pour-hijackthis-1991.html
Copy/paste the report
Good luck
See you later
Hijack report:
Logfile of HijackThis v1.99.1
Scan saved at 01:51:14, on 14/02/2007
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\ZoneLabs\vsmon.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
D:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
D:\Program Files\MSN Messenger\msnmsgr.exe
D:\Program Files\MSN Messenger\usnsvc.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Documents and Settings\wam\Bureau\programmes bien sympas\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = 192.168.0
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [kav] "D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [Zone Labs Client] "D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\MSN Messenger\msnmsgr.exe" /background
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - D:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O17 - HKLM\System\CCS\Services\Tcpip\..\{422EDC99-4D30-4A84-BC79-9AB73A78E106}: NameServer = 85.255.115.26,85.255.112.166
O17 - HKLM\System\CCS\Services\Tcpip\..\{47FD4825-B786-46FF-B1B3-11B00E6F2CD4}: NameServer = 85.255.115.26,85.255.112.166
O17 - HKLM\System\CCS\Services\Tcpip\..\{CD2B1EA1-3B84-423A-91CE-62D6BB954E0D}: NameServer = 85.255.115.26,85.255.112.166
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.115.26 85.255.112.166
O17 - HKLM\System\CS2\Services\Tcpip\..\{422EDC99-4D30-4A84-BC79-9AB73A78E106}: NameServer = 85.255.115.26,85.255.112.166
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 85.255.115.26 85.255.112.166
O17 - HKLM\System\CS3\Services\Tcpip\..\{422EDC99-4D30-4A84-BC79-9AB73A78E106}: NameServer = 85.255.115.26,85.255.112.166
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.26 85.255.112.166
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: klogon - D:\WINDOWS\System32\klogon.dll
O20 - Winlogon Notify: WgaLogon - D:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - Unknown owner - D:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - D:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - D:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - D:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - D:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe (file missing)
Adware report:
Ad-Aware SE Build 1.06r1
Logfile Created on:mardi 13 février 2007 23:47:40
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R152 13.02.2007
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking Cookie(TAC index:3):2 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects
13-02-2007 23:47:40 - Scan started. (Full System Scan)
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 732
ThreadCreationTime : 13-02-2007 22:18:45
BasePriority : Normal
#:2 [csrss.exe]
FilePath : \??\D:\WINDOWS\system32\
ProcessID : 784
ThreadCreationTime : 13-02-2007 22:18:48
BasePriority : Normal
#:3 [winlogon.exe]
FilePath : \??\D:\WINDOWS\system32\
ProcessID : 808
ThreadCreationTime : 13-02-2007 22:18:50
BasePriority : High
#:4 [services.exe]
FilePath : D:\WINDOWS\system32\
ProcessID : 852
ThreadCreationTime : 13-02-2007 22:18:50
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Applications Services et Contrôleur
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : services.exe
#:5 [lsass.exe]
FilePath : D:\WINDOWS\system32\
ProcessID : 864
ThreadCreationTime : 13-02-2007 22:18:50
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe
#:6 [svchost.exe]
FilePath : D:\WINDOWS\system32\
ProcessID : 1032
ThreadCreationTime : 13-02-2007 22:18:51
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:7 [svchost.exe]
FilePath : D:\WINDOWS\System32\
ProcessID : 1124
ThreadCreationTime : 13-02-2007 22:18:51
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:8 [svchost.exe]
FilePath : D:\WINDOWS\System32\
ProcessID : 1272
ThreadCreationTime : 13-02-2007 22:18:52
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:9 [svchost.exe]
FilePath : D:\WINDOWS\System32\
ProcessID : 1292
ThreadCreationTime : 13-02-2007 22:18:52
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:10 [vsmon.exe]
FilePath : D:\WINDOWS\system32\ZoneLabs\
ProcessID : 1336
ThreadCreationTime : 13-02-2007 22:18:53
BasePriority : Normal
FileVersion : 6.5.737.000
ProductVersion : 6.5.737.000
ProductName : TrueVector Service
CompanyName : Zone Labs, LLC
FileDescription : TrueVector Service
InternalName : vsmon
LegalCopyright : Copyright © 1998-2006, Zone Labs, LLC
OriginalFilename : vsmon.exe
#:11 [spoolsv.exe]
FilePath : D:\WINDOWS\system32\
ProcessID : 1788
ThreadCreationTime : 13-02-2007 22:19:08
BasePriority : Normal
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe
#:12 [avp.exe]
FilePath : D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\
ProcessID : 244
ThreadCreationTime : 13-02-2007 22:19:26
BasePriority : Normal
FileVersion : 6.0.0.299
ProductVersion : 6.0.0.299
ProductName : Kaspersky Anti-Virus
CompanyName : Kaspersky Lab
FileDescription : Kaspersky Anti-Virus
InternalName : AVP
LegalCopyright : Copyright © Kaspersky Lab 1996-2006.
LegalTrademarks : Kaspersky™ Anti-Virus ® is registered trademark of Kaspersky Lab.
OriginalFilename : AVP.EXE
#:13 [explorer.exe]
FilePath : D:\WINDOWS\
ProcessID : 320
ThreadCreationTime : 13-02-2007 22:19:26
BasePriority : Normal
FileVersion : 6.00.2600.0000 (xpclient.010817-1148)
ProductVersion : 6.00.2600.0000
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Explorateur Windows
InternalName : explorer
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : EXPLORER.EXE
#:14 [starwindservice.exe]
FilePath : D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\
ProcessID : 512
ThreadCreationTime : 13-02-2007 22:19:28
BasePriority : Normal
FileVersion : 2.6.1 Build 0x20050401
ProductVersion : 2.6.1 Build 0x20050401
ProductName : StarWind
CompanyName : Rocket Division Software
FileDescription : StarWind iSCSI Target (Alcohol Edition)
InternalName : StarWind
LegalCopyright : Copyright (c) Rocket Division Software 2003-2005. All rights reserved.
OriginalFilename : StarWind
#:15 [avp.exe]
FilePath : D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\
ProcessID : 688
ThreadCreationTime : 13-02-2007 22:19:33
BasePriority : Normal
FileVersion : 6.0.0.299
ProductVersion : 6.0.0.299
ProductName : Kaspersky Anti-Virus
CompanyName : Kaspersky Lab
FileDescription : Kaspersky Anti-Virus
InternalName : AVP
LegalCopyright : Copyright © Kaspersky Lab 1996-2006.
LegalTrademarks : Kaspersky™ Anti-Virus ® is registered trademark of Kaspersky Lab.
OriginalFilename : AVP.EXE
#:16 [jusched.exe]
FilePath : D:\Program Files\Java\jre1.5.0_10\bin\
ProcessID : 700
ThreadCreationTime : 13-02-2007 22:19:34
BasePriority : Normal
#:17 [zlclient.exe]
FilePath : D:\Program Files\Zone Labs\ZoneAlarm\
ProcessID : 708
ThreadCreationTime : 13-02-2007 22:19:34
BasePriority : Normal
FileVersion : 6.5.737.000
ProductVersion : 6.5.737.000
ProductName : Zone Labs Client
CompanyName : Zone Labs, LLC
FileDescription : Zone Labs Client
InternalName : zlclient
LegalCopyright : Copyright © 1998-2006, Zone Labs, LLC
OriginalFilename : zlclient.exe
#:18 [msnmsgr.exe]
FilePath : D:\Program Files\MSN Messenger\
ProcessID : 756
ThreadCreationTime : 13-02-2007 22:19:36
BasePriority : Normal
FileVersion : 8.1.0178.00
ProductVersion : 8.1.0178
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Messenger
InternalName : msnmsgr.exe
LegalCopyright : Copyright (c) Microsoft Corporation. All rights reserved.
OriginalFilename : msnmsgr.exe
#:19 [svchost.exe]
FilePath : D:\WINDOWS\System32\
ProcessID : 1024
ThreadCreationTime : 13-02-2007 22:19:38
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:20 [wdfmgr.exe]
FilePath : D:\WINDOWS\System32\
ProcessID : 1180
ThreadCreationTime : 13-02-2007 22:19:44
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: dnsrv(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe
#:21 [firefox.exe]
FilePath : D:\Program Files\Mozilla Firefox\
ProcessID : 856
ThreadCreationTime : 13-02-2007 22:21:35
BasePriority : Normal
#:22 [usnsvc.exe]
FilePath : D:\Program Files\MSN Messenger\
ProcessID : 3316
ThreadCreationTime : 13-02-2007 22:22:03
BasePriority : Normal
FileVersion : 8.1.0178.00
ProductVersion : 8.1.0178
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Messenger Sharing USN Journal Reader Service
InternalName : usnsvc.exe
LegalCopyright : Copyright (c) Microsoft Corporation. All rights reserved.
OriginalFilename : usnsvc.exe
#:23 [spybotsd.exe]
FilePath : D:\Program Files\Spybot - Search & Destroy\
ProcessID : 2404
ThreadCreationTime : 13-02-2007 22:32:30
BasePriority : Normal
FileVersion : 1.4.0.3
ProductVersion : 1, 4, 0, 3
ProductName : SpyBot-S&D
CompanyName : Safer Networking Limited
FileDescription : Spybot - Search & Destroy
InternalName : SpybotSD
LegalCopyright : © 2000-2005 Patrick M. Kolla / Safer Networking Limited. Alle Rechte vorbehalten.
LegalTrademarks : "Spybot" und "Spybot - Search & Destroy" sind registrierte Warenzeichen.
OriginalFilename : SpyBotSD.exe
Comments : Software zum Entfernen von Spyware und ähnlichen Bedrohungen.
#:24 [aawsepersonal.exe]
FilePath : D:\DOCUMENTS AND SETTINGS\WAM\BUREAU\
ProcessID : 2040
ThreadCreationTime : 13-02-2007 22:35:51
BasePriority : Normal
#:25 [msiexec.exe]
FilePath : D:\WINDOWS\System32\
ProcessID : 3336
ThreadCreationTime : 13-02-2007 22:35:54
BasePriority : Normal
#:26 [msiexec.exe]
FilePath : D:\WINDOWS\System32\
ProcessID : 3652
ThreadCreationTime : 13-02-2007 22:35:56
BasePriority : Normal
#:27 [ad-aware.exe]
FilePath : D:\Program Files\Lavasoft\Ad-Aware SE Personal\
ProcessID : 268
ThreadCreationTime : 13-02-2007 22:36:38
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0
Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0
Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0
Deep scanning and examining files (D:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : invité@doubleclick[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : D:\Documents and Settings\Invité\Cookies\invité@doubleclick[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : invité@estat[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : D:\Documents and Settings\Invité\Cookies\invité@estat[1].txt
Disk Scan Result for D:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 2
Deep scanning and examining files (F:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for F:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 2
Scanning Hosts file......
Hosts file location:"D:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 2
Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 2
00:14:34 Scan Complete
Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:26:54.361
Objects scanned:149333
Objects identified:2
Objects ignored:0
New critical objects:2
Spybot report:
--- Search result list ---
Contrôle de service.: Le fichier Services.sbs manque. Svp utilisez la mise à jour pour en obtenir une nouvelle copie! ()
EverestPoker: Réglages désinstallation (Clé du registre, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Everest Poker
EverestPoker: Dossier Programme (Répertoire, nothing done)
D:\Program Files\Everest Poker\
EverestPoker: Exécutable (Fichier, nothing done)
D:\Program Files\Everest Poker\casino.exe
EverestPoker: Bibliothèque (Fichier, nothing done)
D:\Program Files\Everest Poker\gvcrt.dll
EverestPoker: Exécutable (Fichier, nothing done)
D:\Program Files\Everest Poker\gvmain.exe
EverestPoker: Donnée (Fichier, nothing done)
D:\Program Files\Everest Poker\data\shared\shared\bitmaps\btn_scroll.gvt
EverestPoker: Image (Fichier, nothing done)
D:\Program Files\Everest Poker\data\shared\shared\bitmaps\check.art
EverestPoker: Image (Fichier, nothing done)
D:\Program Files\Everest Poker\data\shared\shared\bitmaps\chips.art
EverestPoker: Fichier son (Fichier, nothing done)
D:\Program Files\Everest Poker\data\shared\shared\sounds\button.ogg
EverestPoker: Fichier son (Fichier, nothing done)
D:\Program Files\Everest Poker\data\shared\shared\sounds\carddeal.ogg
EverestPoker: Fichier son (Fichier, nothing done)
D:\Program Files\Everest Poker\data\shared\shared\sounds\cardflip.ogg
EverestPoker: Fichier son (Fichier, nothing done)
D:\Program Files\Everest Poker\data\shared\shared\sounds\chipclick.ogg
EverestPoker: Image (Fichier, nothing done)
D:\Program Files\Everest Poker\data\startup\shared\icons\ep.ico
EverestPoker: Fichier son (Fichier, nothing done)
D:\Program Files\Everest Poker\data\startup\shared\sounds\alert.ogg
MyWay.MyBar: Réglages (Clé du registre, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\MyWay
MyWay.MyBar: Réglages globaux (Clé du registre, nothing done)
HKEY_LOCAL_MACHINE\Software\MyWay\myBar
Alexa Related: Lien (Remplacer le fichier, nothing done)
D:\WINDOWS\Web\related.htm
--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---
2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2007-02-13 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2005-05-31 advcheck.dll (1.0.2.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2007-01-02 Tools.dll (2.0.1.0)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2006-12-08 Includes\Dialer.sbi (*)
2006-10-27 Includes\Keyloggers.sbi (*)
2007-01-12 Includes\Malware.sbi (*)
2007-01-19 Includes\PUPS.sbi (*)
2006-12-08 Includes\Security.sbi (*)
2007-02-02 Includes\Spybots.sbi (*)
2006-12-08 Includes\Trojans.sbi (*)
--- System information ---
Windows XP (Build: 2600)
/ Internet Explorer 6 / SP0: Correctif Windows XP - Article Base de Connaissances 834707
/ MSXML4: Patch Available For XMLHTTP Vulnerability
/ Windows XP / SP1: Windows XP Hotfix (SP1) [See Q329048 for more information]
/ Windows XP / SP1: Windows XP Hotfix (SP1) Q329170
/ Windows XP / SP1: Windows XP Hotfix (SP1) [See Q329390 for more information]
/ Windows XP / SP1: Windows XP Hotfix (SP1) [See Q329441 for more information]
/ Windows XP / SP1: Windows XP Hotfix (SP1) [See Q329834 for more information]
/ Windows XP / SP1: Windows XP Hotfix (SP1) Q810577
/ Windows XP / SP1: Windows XP Hotfix (SP1) Q810833
/ Windows XP / SP1: Windows XP Hotfix (SP1) Q811630
/ Windows XP / SP1: Windows XP Hotfix (SP1) Q815021
/ Windows XP / SP1: Windows XP Hotfix (SP1) Q817606
/ Windows XP / SP2: Correctif Windows XP - KB823559
/ Windows XP / SP2: Correctif Windows XP - KB828741
/ Windows XP / SP2: Correctif Windows XP - KB835732
/ Windows XP / SP2: Correctif Windows XP - KB842773
/ Windows XP / SP2: Package du correctif Windows XP [voir Q323255 pour plus de détails]
/ Windows XP / SP2: Package du correctif Windows XP [voir Q329115 pour plus de détails]
--- Startup entries list ---
Located: HK_LM:Run,
command:
file:
Located: HK_LM:Run, kav
command: "D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
file: D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
size: 139367
MD5: 69c7be814a10a6d9e584a297d76bb859
Located: HK_LM:Run, KernelFaultCheck
command: %systemroot%\system32\dumprep 0 -k
file: D:\WINDOWS\system32\dumprep.exe
size: 30208
MD5: aeed3f03a5869d0774bf8c75be4ba7a0
Located: HK_LM:Run, SunJavaUpdateSched
command: "D:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
file: D:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
size: 49263
MD5: 3aa5d60b77ce19b1f2521f532ab986e7
Located: HK_LM:Run, Zone Labs Client
command: "D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
file: D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
size: 968696
MD5: 71514e2c74d554f5902dc184046eca3b
Located: HK_CU:Run, msnmsgr
command: "D:\Program Files\MSN Messenger\msnmsgr.exe" /background
file: D:\Program Files\MSN Messenger\msnmsgr.exe
size: 5674352
MD5: a7efc7ea7ef6fb022a8a95813edcbe5d
Located: System.ini, crypt32chain
command: crypt32.dll
file: crypt32.dll
Located: System.ini, cryptnet
command: cryptnet.dll
file: cryptnet.dll
Located: System.ini, cscdll
command: cscdll.dll
file: cscdll.dll
Located: System.ini, klogon
command: D:\WINDOWS\System32\klogon.dll
file: D:\WINDOWS\System32\klogon.dll
size: 28778
MD5: 7072750eb5c0f0cd54b48f972855ca61
Located: System.ini, ScCertProp
command: wlnotify.dll
file: wlnotify.dll
Located: System.ini, Schedule
command: wlnotify.dll
file: wlnotify.dll
Located: System.ini, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll
Located: System.ini, SensLogn
command: WlNotify.dll
file: WlNotify.dll
Located: System.ini, termsrv
command: wlnotify.dll
file: wlnotify.dll
Located: System.ini, WgaLogon
command: WgaLogon.dll
file: WgaLogon.dll
Located: System.ini, wlballoon
command: wlnotify.dll
file: wlnotify.dll
--- Browser helper object list ---
{7E853D72-626A-48EC-A868-BA8D5E23E045} ()
BHO name:
CLSID name:
--- ActiveX list ---
{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_10
Installer:
Codebase: http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab
Path: D:\Program Files\Java\jre1.5.0_10\bin\
Long name: NPJPI150_10.dll
Short name: NPJPI1~1.DLL
Date (created): 09/11/2006 15:07:34
Date (last access): 06/02/2007 01:01:52
Date (last write): 09/11/2006 15:21:54
Filesize: 75528
Attributes: archive
MD5: 635F4B3A0F1C661B5CEDE628BA85E46B
CRC32: 0C9B7145
Version: 5.0.100.3
--- Process list ---
PID: 0 ( 0) [System]
PID: 732 ( 4) \SystemRoot\System32\smss.exe
PID: 784 ( 732) \??\D:\WINDOWS\system32\csrss.exe
PID: 808 ( 732) \??\D:\WINDOWS\system32\winlogon.exe
PID: 852 ( 808) D:\WINDOWS\system32\services.exe
size: 101888
MD5: FC0691097471EE374907E1024EDCBD43
PID: 864 ( 808) D:\WINDOWS\system32\lsass.exe
size: 11776
MD5: 2C2431B30A629123C1757582C9D93F38
PID: 1032 ( 852) D:\WINDOWS\system32\svchost.exe
size: 12800
MD5: 333A4DB8410D8E24DB06D6AEBECDC7C2
PID: 1124 ( 852) D:\WINDOWS\System32\svchost.exe
size: 12800
MD5: 333A4DB8410D8E24DB06D6AEBECDC7C2
PID: 1272 ( 852) D:\WINDOWS\System32\svchost.exe
size: 12800
MD5: 333A4DB8410D8E24DB06D6AEBECDC7C2
PID: 1292 ( 852) D:\WINDOWS\System32\svchost.exe
size: 12800
MD5: 333A4DB8410D8E24DB06D6AEBECDC7C2
PID: 1336 ( 852) D:\WINDOWS\system32\ZoneLabs\vsmon.exe
size: 75768
MD5: A9062968DF9419FA45ACF044B4D9F5AC
PID: 1788 ( 852) D:\WINDOWS\system32\spoolsv.exe
size: 51200
MD5: B1CE5287F096895D9BE26EB86F4D5FAF
PID: 244 ( 852) D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
size: 139367
MD5: 69C7BE814A10A6D9E584A297D76BB859
PID: 320 (2004) D:\WINDOWS\Explorer.EXE
size: 1005056
MD5: 9E20A8EF0CA524446AFEE29F4423CC8F
PID: 512 ( 852) D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
size: 217600
MD5: AB2B9349ADA4AC5EC74B622B8303FE23
PID: 688 ( 320) D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
size: 139367
MD5: 69C7BE814A10A6D9E584A297D76BB859
PID: 700 ( 320) D:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
size: 49263
MD5: 3AA5D60B77CE19B1F2521F532AB986E7
PID: 708 ( 320) D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
size: 968696
MD5: 71514E2C74D554F5902DC184046ECA3B
PID: 756 ( 320) D:\Program Files\MSN Messenger\msnmsgr.exe
size: 5674352
MD5: A7EFC7EA7EF6FB022A8A95813EDCBE5D
PID: 1024 ( 852) D:\WINDOWS\System32\svchost.exe
size: 12800
MD5: 333A4DB8410D8E24DB06D6AEBECDC7C2
PID: 1180 ( 852) D:\WINDOWS\System32\wdfmgr.exe
size: 38912
MD5: AB0A7CA90D9E3D6A193905DC1715DED0
PID: 856 ( 320) D:\Program Files\Mozilla Firefox\firefox.exe
size: 6621808
MD5: 9164AF68AC4ACCC74BD384C72F4DEA42
PID: 3316 ( 852) D:\Program Files\MSN Messenger\usnsvc.exe
size: 97136
MD5: C5B70A6AA947667CE0E5FC84A05EC8B6
PID: 3652 ( 852) D:\WINDOWS\System32\msiexec.exe
size: 63488
MD5: 50BD35AAB565E12E4E85BDD4252A5FA2
PID: 3596 (2340) D:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 4393096
MD5: 09CA174A605B480318731E691DC98539
PID: 4 ( 0) System
--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 14/02/2007 00:46:35
--- Winsock Layered Service Provider list ---
--- Uninstall list ---
(AddressBook)
Adobe Download Manager 1.2 (Supprimer uniquement) (AdobeESD)
uninstall cmd: "D:\Program Files\Fichiers communs\Adobe\ESD\uninst.exe"
Advanced WMA Workshop version 2.1 2.1 (Advanced WMA Workshop_is1)
uninstall cmd: "D:\Program Files\LitexMedia\Advanced WMA Workshop\unins000.exe"
publisher: Advanced WMA Workshop
help link: https://www.litexmedia.com/support.html
Alcohol Toolbar 3.2.0.0 (Alcohol Toolbar)
version (major): 1
version (minor): 9
install location: D:\Program Files\Alcohol Toolbar
uninstall cmd: "D:\WINDOWS\Alcohol_Toolbar_Uninstaller_1205.exe" _?=D:\Program Files\Alcohol Toolbar
ATI Display Driver (ATI Display Driver)
uninstall cmd: rundll32 D:\WINDOWS\System32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Boilsoft ASF Converter 2.68 (Boilsoft ASF Converter_is1)
install location: D:\Program Files\Boilsoft ASF Converter\
uninstall cmd: "D:\Program Files\Boilsoft ASF Converter\unins000.exe"
publisher: Boilsoft
help link: https://www.boilsoft.com/
(Branding)
BSPlayer (BSPlayer1)
uninstall cmd: "D:\Program Files\Webteh\BSPlayer\uninstall.exe"
CCleaner (remove only) (CCleaner)
uninstall cmd: "D:\Program Files\CCleaner\uninst.exe"
CloneCD (CloneCD)
install location: D:\Program Files\SlySoft\CloneCD
uninstall cmd: "D:\Program Files\SlySoft\CloneCD\ccd-uninst.exe" /D="D:\Program Files\SlySoft\CloneCD"
publisher: SlySoft
CloneDVD2 (CloneDVD2)
install location: D:\Program Files\Elaborate Bytes\CloneDVD2
uninstall cmd: "D:\Program Files\Elaborate Bytes\CloneDVD2\CloneDVD2-uninst.exe" /D="D:\Program Files\Elaborate Bytes\CloneDVD2"
publisher: Elaborate Bytes
(Connection Manager)
(DirectAnimation)
(DirectDrawEx)
DVD Shrink 3.2 (DVD Shrink_is1)
install location: D:\Program Files\DVD Shrink\
uninstall cmd: "D:\Program Files\DVD Shrink\unins000.exe"
publisher: DVD Shrink
help link: http://www.dvdshrink.org
eMule (eMule)
uninstall cmd: "D:\Program Files\eMule\Uninstall.exe"
EVEREST Home Edition v2.20 2.20 (EVEREST Home Edition_is1)
install location: D:\Program Files\Lavalys\EVEREST Home Edition\
uninstall cmd: "D:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe"
publisher: Lavalys Inc
help link: http://www.lavalys.com
Everest Poker (Remove Only) (Everest Poker)
uninstall cmd: D:\Program Files\Everest Poker\cstart.exe /uninstall
(Fontcore)
Gif Movie Gear 4 4.0.2 (GifMovieGear 4)
version (major): 4
install location: D:\Program Files\Visicom Media\GifMovieGear 4
uninstall cmd: "D:\Program Files\Visicom Media\GifMovieGear 4\uninst-gmg.exe"
Google Video Player (GoogleVideoPlayer)
uninstall cmd: "D:\Program Files\Google\Google Video Player\Uninstall.exe"
Half-Life (Half-Life)
uninstall cmd: C:\SIERRA\HALF-L~1\UNWISE.EXE C:\SIERRA\HALF-L~1\INSTALL.LOG
HijackThis 1.99.1 1.99.1 (HijackThis)
uninstall cmd: D:\Documents and Settings\wam\Bureau\HijackThis.exe /uninstall
publisher: Soeperman Enterprises Ltd.
(ICW)
(IE40)
(IE4Data)
(IE5BAKEX)
(IEData)
(InstallShield Uninstall Information)
Belkin Wireless Setup utility 2.4.6(H3010D56) (InstallShield_{A0BBC906-9A33-4C79-A26A-758ED3503769})
version (major): 2
version (minor): 4
estimated size: 2965
install date: 20040922
install source: E:\Files\
uninstall cmd: D:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{A0BBC906-9A33-4C79-A26A-758ED3503769} /l1036 REMOVEREMOVEREMOVEREMOVEREMOVE
publisher: Belkin
comments: Belkin wireless card
contact: Customer Support Department
help link: https://www.belkin.com/fr/
help telephone: N/A
readme: Readme.txt
QuickTime 7.1 (InstallShield_{C21D5524-A970-42FA-AC8A-59B8C7CDCA31})
version: 117506048
version (major): 7
version (minor): 1
estimated size: 71615
install date: 20060911
install location: D:\Program Files\QuickTime\
install source: D:\DOCUME~1\wam\LOCALS~1\Temp\_is234\
uninstall cmd: D:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{C21D5524-A970-42FA-AC8A-59B8C7CDCA31} /l1036
publisher: Apple Computer, Inc.
contact: Assistance AppleCare
help link: https://support.apple.com/fr-fr
help telephone: (33) 0825 888 024
Kaspersky Anti-Virus 6.0 6.0.0.303 (InstallWIX_{75193929-9A52-4CA4-98DE-8C7296940920})
uninstall cmd: MsiExec.exe /I{75193929-9A52-4CA4-98DE-8C7296940920}
publisher: Kaspersky Lab
help link: http://www.kaspersky.com/fr/service
IsoBuster 2.0 2.0 (IsoBuster_is1)
install date: 20070206
install location: D:\Program Files\Smart Projects\IsoBuster\
uninstall cmd: "D:\Program Files\Smart Projects\IsoBuster\Uninst\unins000.exe"
publisher: Smart Projects
help link: https://www.isobuster.com/
JavaScript FH Plus Demo 1.0.2 (JavaScript FH Plus Demo)
uninstall cmd: "C:\Program Files\Emtec.No\Javascriptfhplusdemo\Uninstall\uninst.exe"
Correctif Windows XP - KB823559 20030701.220507 (KB823559)
uninstall cmd: D:\WINDOWS\$NtUninstallKB823559$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/823559
Correctif Windows XP - KB828741 20040305.180728 (KB828741)
uninstall cmd: D:\WINDOWS\$NtUninstallKB828741$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/828741/ms04-012-cumulative-update-for-microsoft-rpc-dcom
Correctif Windows XP - Article Base de Connaissances 834707 20040929.115007 (KB834707-IE6-20040929.115007)
uninstall cmd: D:\WINDOWS\$NtUninstallKB834707-IE6-20040929.115007$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/834707
Correctif Windows XP - KB835732 20040329.172648 (KB835732)
uninstall cmd: D:\WINDOWS\$NtUninstallKB835732$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/835732/ms04-011-security-update-for-microsoft-windows
Correctif Windows XP - KB842773 20040805.140010 (KB842773)
uninstall cmd: D:\WINDOWS\$NtUninstallKB842773$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/842773
Lexmark 2300 Series (Lexmark 2300 Series)
uninstall cmd: D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxcgUNST.EXE -NOLICENSE
Solutions de télécopie Lexmark (Lexmark Fax Solutions)
uninstall cmd: D:\Program Files\Lexmark Fax Solutions\Install\x86\Uninst.exe
publisher: Lexmark International, Inc.
help link: http://support.lexmark.com/index?page=productSelection&channel=supportAndDownloads&locale=en&userlocale=EN_US
Logitech Print Service (Logitech Print Service)
uninstall cmd: D:\PROGRA~1\Logitech\PRINTS~1\UNWISE.EXE D:\PROGRA~1\Logitech\PRINTS~1\INSTALL.LOG
(Microsoft NetShow Player 2.0)
(MobileOptionPack)
Mozilla Firefox (1.0) 1.0 (fr-FR) (Mozilla Firefox (1.0))
install location: D:\Program Files\Mozilla Firefox
uninstall cmd: D:\WINDOWS\UninstallFirefox.exe /ua "1.0 (fr-FR)"
publisher: Mozilla
Mozilla Firefox (1.5) 1.5 (fr) (Mozilla Firefox (1.5))
install location: D:\Program Files\Mozilla Firefox
uninstall cmd: D:\Program Files\Mozilla Firefox\uninstall\uninstall.exe /ua "1.5 (fr)"
publisher: Mozilla
(MPlayer2)
(MSMSGS)
(NetMeeting)
NVIDIA Drivers (NVIDIA Drivers)
uninstall cmd: D:\WINDOWS\System32\nvudisp.exe UninstallGUI
OSS Video Converter 5.5.0.5 (OSS Video Converter_is1)
install location: D:\Program Files\OSS\Video Converter\
uninstall cmd: "D:\Program Files\OSS\Video Converter\unins000.exe"
publisher: OneStopSoft
help link: http://www.OneStopSoft.com
(OutlookExpress)
(PCHealth)
uninstall cmd: rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 D:\WINDOWS\INF\PCHealth.inf
PrimoPDF 2.0 (PrimoPDF2.0)
uninstall cmd: "D:\WINDOWS\PrimoPDF\uninstall.exe" "/U:D:\Program Files\activePDF\PrimoPDF\Uninstall\uninstall.xml"
publisher: activePDF
contact: activePDF Support Department
help link: https://www.primopdf.com/
Windows XP Hotfix (SP1) [See Q329048 for more information] (Q329048)
uninstall cmd: D:\WINDOWS\$NtUninstallQ329048$\spuninst\spuninst.exe
Package du correctif Windows XP [voir Q329115 pour plus de détails] (Q329115)
uninstall cmd: D:\WINDOWS\$NtUninstallQ329115$\spuninst\spuninst.exe
Windows XP Hotfix (SP1) Q329170 20030102.115458 (Q329170)
uninstall cmd: D:\WINDOWS\$NtUninstallQ329170$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: Pour plus d'informations, consultez Q329170 à l'adresse https://support.microsoft.com/en-us
Windows XP Hotfix (SP1) [See Q329390 for more information] (Q329390)
uninstall cmd: D:\WINDOWS\$NtUninstallQ329390$\spuninst\spuninst.exe
Windows XP Hotfix (SP1) [See Q329441 for more information] (Q329441)
uninstall cmd: D:\WINDOWS\$NtUninstallQ329441$\spuninst\spuninst.exe
publisher: Microsoft Corporation
Windows XP Hotfix (SP1) [See Q329834 for more information] (Q329834)
uninstall cmd: D:\WINDOWS\$NtUninstallQ329834$\spuninst\spuninst.exe
Windows XP Hotfix (SP1) Q810577 20021118.133626 (Q810577)
uninstall cmd: D:\WINDOWS\$NtUninstallQ810577$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: Pour plus d'informations, consultez Q810577 à l'adresse https://support.microsoft.com/en-us
Windows XP Hotfix (SP1) Q810833 20021203.200852 (Q810833)
uninstall cmd: D:\WINDOWS\$NtUninstallQ810833$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: Pour plus d'informations, consultez Q810833 à l'adresse https://support.microsoft.com/en-us
Windows XP Hotfix (SP1) Q815021 20030502.110434 (Q815021)
uninstall cmd: D:\WINDOWS\$NtUninstallQ815021$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/815021
Windows XP Hotfix (SP1) Q817606 20030331.103325 (Q817606)
uninstall cmd: D:\WINDOWS\$NtUninstallQ817606$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/817606
Programme de gestion Camera de Logitech® (QcDrv)
install location: D:\Program Files\Fichiers communs\Logitech\QCDRV
install source: G:\Drivers\Bin\
uninstall cmd: "D:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
(RealJukebox 1.0)
uninstall cmd: D:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
RealPlayer (RealPlayer 6.0)
uninstall cmd: D:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
(SchedulingAgent)
Shadow Force: Razor Unit (Shadow Force: Razor Unit)
uninstall cmd: D:\WINDOWS\IsUninst.exe -f"D:\Program Files\Activision Value\FUN labs\Razor Unit\Uninst.isu"
Adobe Flash Player 9 ActiveX 9 (ShockwaveFlash)
uninstall cmd: D:\WINDOWS\System32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
publisher: Adobe Systems Incorporated
help link: https://helpx.adobe.com/flash-player.html
Spybot - Search & Destroy 1.4 1.4 (Spybot - Search & Destroy_is1)
install location: D:\Program Files\Spybot - Search & Destroy\
uninstall cmd: "D:\Program Files\Spybot - Search & Destroy\unins000.exe"
publisher: Safer Networking Limited
Steam (Steam)
uninstall cmd: D:\PROGRA~1\Valve\Steam\UNWISE.EXE D:\PROGRA~1\Valve\Steam\INSTALL.LOG
publisher: Valve
help link: https://store.steampowered.com/
TVUPlayer 2.2.1.23 Beta 2.2.1.23 (TVUPlayer)
uninstall cmd: D:\Program Files\TVUPlayer\uninst.exe
publisher: TVU networks, Inc.
UltimateBet (UltimateBet)
uninstall cmd: D:\PROGRA~1\ULTIMA~1\UNWISE.EXE D:\PROGRA~1\ULTIMA~1\INSTALL.LOG
UltraSnap Trial 1.8 (UltraSnap Trial_is1)
uninstall cmd: "D:\Program Files\UltraSnap\unins000.exe"
publisher: MediaChance
help link: https://www.mediachance.com/
Unlocker 1.8.5 1.8.5 (Unlocker)
uninstall cmd: D:\Program Files\Unlocker\uninst.exe
publisher: Cedrick Collomb
VideoLAN VLC media player 0.8.5 0.8.5 (VLC media player)
uninstall cmd: D:\Program Files\VideoLAN\VLC\uninstall.exe
publisher: VideoLAN Team
Windows Genuine Advantage Notifications (KB905474) 1.5.0540.0 (WgaNotify)
install date: 20060721
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/905474
William Hill Poker (WilliamHillPokerXP)
uninstall cmd: D:\WINDOWS\System32\UnPoker.exe WilliamHillPokerXP
Winamp (remove only) (Winamp)
uninstall cmd: "D:\Program Files\Winamp\UninstWA.exe"
Windows Media Format Runtime (Windows Media Format Runtime)
uninstall cmd: "D:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Lecteur Windows Media 10 (Windows Media Player)
uninstall cmd: "D:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
WinISO 5.3 (WinISO_is1)
uninstall cmd: "D:\Program Files\WinISO\unins000.exe"
publisher: WinISO Computing Inc.
help link: http://www.winiso.com
Archiveur WinRAR (WinRAR archiver)
uninstall cmd: D:\Program Files\WinRAR\uninstall.exe
ZoneAlarm Pro 6.5.737.000 (ZoneAlarm Pro)
uninstall cmd: D:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe
publisher: Zone Labs, Inc
help link: D:\Program Files\Zone Labs\ZoneAlarm\Aide\zaclients.chm
Microsoft Office 2000 Premium 9.00.2720 ({0000040C-78E1-11D2-B60F-006097C998E7})
version: 150997664
version (major): 9
estimated size: 204118
install date: 20040922
install source: F:\
uninstall cmd: MsiExec.exe /I{0000040C-78E1-11D2-B60F-006097C998E7}
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us
readme: D:\Program Files\Microsoft Office\Office\ofread9.txt
Google Toolbar for Internet Explorer ({2318C2B1-4965-11d4-9B18-009027A5CD4F})
uninstall cmd: regsvr32 /u /s "d:\program files\google\googletoolbar3.dll"
J2SE Runtime Environment 5.0 Update 10 1.5.0.100 ({3248F0A8-6813-11D6-A77B-00B0D0150100})
version: 17104896
version (major): 1
version (minor): 5
estimated size: 123021
install date: 20070205
install source: http://javadl.sun.com/webapps/download/GetFile/1.5.0_10-b03/windows-i586//
uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
publisher: Sun Microsystems, Inc.
contact: https://www.java.com/en/
help link: https://www.java.com/en/
readme: D:\Program Files\Java\jre1.5.0_10\README.txt
WebFldrs XP 9.50.5318 ({350C97B8-3D7C-4EE8-BAA9-00BCB3D54227})
version: 154277062
version (major): 9
version (minor): 50
estimated size: 2668
install date: 20040922
install source: D:\WINDOWS\System32\
publisher: Microsoft Corporation
help link: https://www.microsoft.com/en-us/windows/
Google Earth 4.0.1693 ({3DE5E7D4-7B88-403C-A3FD-2017A8240C5B})
version: 67110557
install date: 20060803
install location: D:\Program Files\Google\Google Earth
install source: C:\Downloads\GoogleEarthWin.exe
uninstall cmd: RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}\setup.exe" -l0x40c -removeonly
publisher: Google
Analyseur et SDK XML Microsoft 4.10.9406.0 ({3E908702-AF35-4611-9518-955DA24B7E07})
version: 67773630
version (major): 4
version (minor): 10
estimated size: 4435
install date: 20060721
install source: D:\DOCUME~1\wam\LOCALS~1\Temp\IXP000.TMP\
uninstall cmd: MsiExec.exe /I{3E908702-AF35-4611-9518-955DA24B7E07}
publisher: Microsoft Corporation
help link: http://www.msdn.microsoft.com/xml
Logitech QuickCam 8.20.0000 ({466B21EE-2858-4845-B2B3-056FC544DAA3})
version: 135528448
version (major): 8
version (minor): 20
estimated size: 249517
install date: 20040922
install location: D:\Program Files\Logitech\Video\
install source: G:\QuickCam\fra\
uninstall cmd: MsiExec.exe /I{466B21EE-2858-4845-B2B3-056FC544DAA3}
publisher: Logitech, Inc.
contact: Service clientèle de Logitech®
help link: https://support.logi.com/hc/en-001
help telephone: +33-(0) 1-43 62 34 14
readme: D:\Program Files\Logitech\Video\Readme.txt
Adobe® Photoshop® Album Edition Découverte 3.0 3.00.000 ({4BDFD2CE-6329-42E4-9801-9B3D1F10D79B})
version: 50331648
version (major): 3
estimated size: 18465
install date: 20060910
install location: D:\Program Files\Adobe\Photoshop Album Edition Découverte\
install source: D:\WINDOWS\Downloaded Installations\{8379D168-79F6-4394-81A2-BB1944E8F892}\
uninstall cmd: MsiExec.exe /I{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}
publisher: Adobe Systems, Inc.
readme: D:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\LisezMoi.txt
Battlefield 1942 ({698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65})
install location: D:\Program Files\EA GAMES\Battlefield 1942
uninstall cmd: RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65}\setup.exe" -l0x40c
Kaspersky Anti-Virus 6.0 ({75193929-9A52-4CA4-98DE-8C7296940920})
estimated size: 11228
Ad-Aware SE Personal 1.0.6 ({78CC3BAB-DE2A-4FB4-8FBB-E4DADDC26747})
version: 16777222
version (major): 1
estimated size: 3065
install date: 20070213
install source: D:\Program Files\Fichiers communs\Wise Installation Wizard\
uninstall cmd: MsiExec.exe /X{78CC3BAB-DE2A-4FB4-8FBB-E4DADDC26747}
publisher: Lavasoft AB
help link: https://forum.adaware.com/
({8851E12C-0EF9-11D4-A788-009027ABA5D0})
CDBurnerXP Pro 3 3.0.116 ({896D642C-7125-44F0-AC49-A23ABF82209C})
version: 50331764
version (major): 3
estimated size: 26336
install date: 20060803
install location: D:\Program Files\CDBurnerXP Pro 3\
install source: D:\DOCUME~1\wam\LOCALS~1\Temp\_is4D\
uninstall cmd: MsiExec.exe /I{896D642C-7125-44F0-AC49-A23ABF82209C}
publisher: Free Software
contact: stha64@telia.com
help link: http://web.cdburnerxp.se/forums/
Logitech Desktop Messenger 2.30.04 ({900B1197-53F5-4F46-A882-2CFFFE2EEDCB})
uninstall cmd: RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\Setup.exe" -l0x40c UNINSTALL
publisher: Logitech, Inc.
contact: Logitech Customer Support
help link: www.logitech.com/support
Belkin Wireless Setup utility 2.4.6(H3010D56) ({A0BBC906-9A33-4C79-A26A-758ED3503769})
version (major): 2
version (minor): 4
estimated size: 2965
install date: 20040922
install source: E:\Files\
publisher: Belkin
comments: Belkin wireless card
contact: Customer Support Department
help link: https://www.belkin.com/fr/
help telephone: N/A
readme: Readme.txt
Adobe Reader 7.0.8 - Français 7.0.8 ({AC76BA86-7AD7-1036-7B44-A70000000000})
version: 117440520
version (major): 7
estimated size: 80222
install date: 20060723
install source: D:\Program Files\Adobe\Acrobat 7.0\Setup Files\RdrBig\FRA\
uninstall cmd: MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70000000000}
publisher: Adobe Systems Incorporated
comments:
contact:
help link: https://helpx.adobe.com/support.html
help telephone:
readme: D:\Program Files\Adobe\Acrobat 7.0\Reader\Readme.htm
ABBYY FineReader 6.0 Sprint 6.00.1395.41612 ({ACF60000-22B9-4CE9-98D6-2CCF359BAC07})
version: 100664691
version (major): 6
estimated size: 122401
install date: 20060722
install location: D:\Program Files\Abbyy FineReader 6.0 Sprint\
install source: E:\OCR\Abbyy\
uninstall cmd: MsiExec.exe /I{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
publisher: ABBYY Software House
contact: support@abbyy.com
help link: https://support.abbyy.com/hc/en-us/
Battlefield 1942: Secret Weapons of WWII ({B73B4A99-4173-4747-BBEC-0F05E966F9D2})
uninstall cmd: RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{B73B4A99-4173-4747-BBEC-0F05E966F9D2}\setup.exe" -l0x40c
QuickTime 7.1 ({C21D5524-A970-42FA-AC8A-59B8C7CDCA31})
version: 117506048
version (major): 7
version (minor): 1
estimated size: 71615
install date: 20060911
install location: D:\Program Files\QuickTime\
install source: D:\DOCUME~1\wam\LOCALS~1\Temp\_is234\
publisher: Apple Computer, Inc.
contact: Assistance AppleCare
help link: https://support.apple.com/fr-fr
help telephone: (33) 0825 888 024
Battlefield 1942: The Road To Rome ({D057AA08-8CBF-42E3-9EAB-23B8FED1C279})
uninstall cmd: RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{D057AA08-8CBF-42E3-9EAB-23B8FED1C279}\setup.exe" -l0x40c
Counter-Strike(TM) 1.0.0.0 ({DF5A03CC-D5AA-43D8-B948-D9903F2AF94A})
version: 16777216
version (major): 1
estimated size: 2528018
install date: 20060723
install source: F:\
uninstall cmd: MsiExec.exe /I{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}
publisher: Valve
comments: Counter-Strike
help link: https://help.steampowered.com/en/
({E9F81423-211E-46B6-9AE0-38568BC5CF6F})
Windows Live Messenger 8.1.0178.00 ({F6326B60-1B1D-4ABF-BFCD-7B7404F44411})
version: 134283442
version (major): 8
version (minor): 1
estimated size: 32190
install date: 20070204
install source: D:\DOCUME~1\wam\LOCALS~1\Temp\IXP000.TMP\
uninstall cmd: MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
publisher: Microsoft Corporation
Windows Live Sign-in Assistant 4.000.248.1 ({F652D238-5F29-42D5-BAF3-0115EF977EC2})
version: 67109112
version (major): 4
estimated size: 1132
install date: 20060723
install source: D:\DOCUME~1\wam\LOCALS~1\Temp\IXP000.TMP\
uninstall cmd: MsiExec.exe /I{F652D238-5F29-42D5-BAF3-0115EF977EC2}
publisher: Microsoft Corporation
--- System Services ---
Service (registry key): Abiosdsk
Start: 4
Type: 1
Error Control: 0
Service (registry key): abp480n5
Start: 4
Type: 1
Error Control: 1
Service (registry key): ACPI
Display name: Pilote ACPI Microsoft
Image path: System32\DRIVERS\ACPI.sys
Image size: 180096
Image MD5: 34128BB2AB7BD69C72017BE7FCF8BE34
Start: 0
Type: 1
Error Control: 1
Service (registry key): ACPIEC
Start: 4
Type: 1
Error Control: 1
Service (registry key): adpu160m
Start: 4
Type: 1
Error Control: 1
Service (registry key): aec
Display name: Suppresseur d'écho acoustique (Noyau Microsoft)
Image path: system32\drivers\aec.sys
Image size: 122472
Image MD5: B45A744CA0A15A59D8B0307CE9741E92
Start: 3
Type: 1
Error Control: 1
Service (registry key): AFD
Display name: Environnement de prise en charge de réseau AFD
Logfile of HijackThis v1.99.1
Scan saved at 01:51:14, on 14/02/2007
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\ZoneLabs\vsmon.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
D:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
D:\Program Files\MSN Messenger\msnmsgr.exe
D:\Program Files\MSN Messenger\usnsvc.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Documents and Settings\wam\Bureau\programmes bien sympas\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = 192.168.0
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [kav] "D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [Zone Labs Client] "D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\MSN Messenger\msnmsgr.exe" /background
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - D:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O17 - HKLM\System\CCS\Services\Tcpip\..\{422EDC99-4D30-4A84-BC79-9AB73A78E106}: NameServer = 85.255.115.26,85.255.112.166
O17 - HKLM\System\CCS\Services\Tcpip\..\{47FD4825-B786-46FF-B1B3-11B00E6F2CD4}: NameServer = 85.255.115.26,85.255.112.166
O17 - HKLM\System\CCS\Services\Tcpip\..\{CD2B1EA1-3B84-423A-91CE-62D6BB954E0D}: NameServer = 85.255.115.26,85.255.112.166
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.115.26 85.255.112.166
O17 - HKLM\System\CS2\Services\Tcpip\..\{422EDC99-4D30-4A84-BC79-9AB73A78E106}: NameServer = 85.255.115.26,85.255.112.166
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 85.255.115.26 85.255.112.166
O17 - HKLM\System\CS3\Services\Tcpip\..\{422EDC99-4D30-4A84-BC79-9AB73A78E106}: NameServer = 85.255.115.26,85.255.112.166
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.26 85.255.112.166
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: klogon - D:\WINDOWS\System32\klogon.dll
O20 - Winlogon Notify: WgaLogon - D:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - Unknown owner - D:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - D:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - D:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - D:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - D:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe (file missing)
Ad-Aware report:
Ad-Aware SE Build 1.06r1
Logfile Created on:mardi 13 février 2007 23:47:40
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R152 13.02.2007
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking Cookie(TAC index:3):2 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects
13-02-2007 23:47:40 - Scan started. (Full System Scan)
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 732
ThreadCreationTime : 13-02-2007 22:18:45
BasePriority : Normal
#:2 [csrss.exe]
FilePath : \??\D:\WINDOWS\system32\
ProcessID : 784
ThreadCreationTime : 13-02-2007 22:18:48
BasePriority : Normal
#:3 [winlogon.exe]
FilePath : \??\D:\WINDOWS\system32\
ProcessID : 808
ThreadCreationTime : 13-02-2007 22:18:50
BasePriority : High
#:4 [services.exe]
FilePath : D:\WINDOWS\system32\
ProcessID : 852
ThreadCreationTime : 13-02-2007 22:18:50
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Applications Services et Contrôleur
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : services.exe
#:5 [lsass.exe]
FilePath : D:\WINDOWS\system32\
ProcessID : 864
ThreadCreationTime : 13-02-2007 22:18:50
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe
#:6 [svchost.exe]
FilePath : D:\WINDOWS\system32\
ProcessID : 1032
ThreadCreationTime : 13-02-2007 22:18:51
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:7 [svchost.exe]
FilePath : D:\WINDOWS\System32\
ProcessID : 1124
ThreadCreationTime : 13-02-2007 22:18:51
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:8 [svchost.exe]
FilePath : D:\WINDOWS\System32\
ProcessID : 1272
ThreadCreationTime : 13-02-2007 22:18:52
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:9 [svchost.exe]
FilePath : D:\WINDOWS\System32\
ProcessID : 1292
ThreadCreationTime : 13-02-2007 22:18:52
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:10 [vsmon.exe]
FilePath : D:\WINDOWS\system32\ZoneLabs\
ProcessID : 1336
ThreadCreationTime : 13-02-2007 22:18:53
BasePriority : Normal
FileVersion : 6.5.737.000
ProductVersion : 6.5.737.000
ProductName : TrueVector Service
CompanyName : Zone Labs, LLC
FileDescription : TrueVector Service
InternalName : vsmon
LegalCopyright : Copyright © 1998-2006, Zone Labs, LLC
OriginalFilename : vsmon.exe
#:11 [spoolsv.exe]
FilePath : D:\WINDOWS\system32\
ProcessID : 1788
ThreadCreationTime : 13-02-2007 22:19:08
BasePriority : Normal
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe
#:12 [avp.exe]
FilePath : D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\
ProcessID : 244
ThreadCreationTime : 13-02-2007 22:19:26
BasePriority : Normal
FileVersion : 6.0.0.299
ProductVersion : 6.0.0.299
ProductName : Kaspersky Anti-Virus
CompanyName : Kaspersky Lab
FileDescription : Kaspersky Anti-Virus
InternalName : AVP
LegalCopyright : Copyright © Kaspersky Lab 1996-2006.
LegalTrademarks : Kaspersky™ Anti-Virus ® is registered trademark of Kaspersky Lab.
OriginalFilename : AVP.EXE
#:13 [explorer.exe]
FilePath : D:\WINDOWS\
ProcessID : 320
ThreadCreationTime : 13-02-2007 22:19:26
BasePriority : Normal
FileVersion : 6.00.2600.0000 (xpclient.010817-1148)
ProductVersion : 6.00.2600.0000
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Explorateur Windows
InternalName : explorer
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : EXPLORER.EXE
#:14 [starwindservice.exe]
FilePath : D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\
ProcessID : 512
ThreadCreationTime : 13-02-2007 22:19:28
BasePriority : Normal
FileVersion : 2.6.1 Build 0x20050401
ProductVersion : 2.6.1 Build 0x20050401
ProductName : StarWind
CompanyName : Rocket Division Software
FileDescription : StarWind iSCSI Target (Alcohol Edition)
InternalName : StarWind
LegalCopyright : Copyright (c) Rocket Division Software 2003-2005. All rights reserved.
OriginalFilename : StarWind
#:15 [avp.exe]
FilePath : D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\
ProcessID : 688
ThreadCreationTime : 13-02-2007 22:19:33
BasePriority : Normal
FileVersion : 6.0.0.299
ProductVersion : 6.0.0.299
ProductName : Kaspersky Anti-Virus
CompanyName : Kaspersky Lab
FileDescription : Kaspersky Anti-Virus
InternalName : AVP
LegalCopyright : Copyright © Kaspersky Lab 1996-2006.
LegalTrademarks : Kaspersky™ Anti-Virus ® is registered trademark of Kaspersky Lab.
OriginalFilename : AVP.EXE
#:16 [jusched.exe]
FilePath : D:\Program Files\Java\jre1.5.0_10\bin\
ProcessID : 700
ThreadCreationTime : 13-02-2007 22:19:34
BasePriority : Normal
#:17 [zlclient.exe]
FilePath : D:\Program Files\Zone Labs\ZoneAlarm\
ProcessID : 708
ThreadCreationTime : 13-02-2007 22:19:34
BasePriority : Normal
FileVersion : 6.5.737.000
ProductVersion : 6.5.737.000
ProductName : Zone Labs Client
CompanyName : Zone Labs, LLC
FileDescription : Zone Labs Client
InternalName : zlclient
LegalCopyright : Copyright © 1998-2006, Zone Labs, LLC
OriginalFilename : zlclient.exe
#:18 [msnmsgr.exe]
FilePath : D:\Program Files\MSN Messenger\
ProcessID : 756
ThreadCreationTime : 13-02-2007 22:19:36
BasePriority : Normal
FileVersion : 8.1.0178.00
ProductVersion : 8.1.0178
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Messenger
InternalName : msnmsgr.exe
LegalCopyright : Copyright (c) Microsoft Corporation. All rights reserved.
OriginalFilename : msnmsgr.exe
#:19 [svchost.exe]
FilePath : D:\WINDOWS\System32\
ProcessID : 1024
ThreadCreationTime : 13-02-2007 22:19:38
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:20 [wdfmgr.exe]
FilePath : D:\WINDOWS\System32\
ProcessID : 1180
ThreadCreationTime : 13-02-2007 22:19:44
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: dnsrv(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe
#:21 [firefox.exe]
FilePath : D:\Program Files\Mozilla Firefox\
ProcessID : 856
ThreadCreationTime : 13-02-2007 22:21:35
BasePriority : Normal
#:22 [usnsvc.exe]
FilePath : D:\Program Files\MSN Messenger\
ProcessID : 3316
ThreadCreationTime : 13-02-2007 22:22:03
BasePriority : Normal
FileVersion : 8.1.0178.00
ProductVersion : 8.1.0178
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Messenger Sharing USN Journal Reader Service
InternalName : usnsvc.exe
LegalCopyright : Copyright (c) Microsoft Corporation. All rights reserved.
OriginalFilename : usnsvc.exe
#:23 [spybotsd.exe]
FilePath : D:\Program Files\Spybot - Search & Destroy\
ProcessID : 2404
ThreadCreationTime : 13-02-2007 22:32:30
BasePriority : Normal
FileVersion : 1.4.0.3
ProductVersion : 1, 4, 0, 3
ProductName : SpyBot-S&D
CompanyName : Safer Networking Limited
FileDescription : Spybot - Search & Destroy
InternalName : SpybotSD
LegalCopyright : © 2000-2005 Patrick M. Kolla / Safer Networking Limited. Alle Rechte vorbehalten.
LegalTrademarks : "Spybot" und "Spybot - Search & Destroy" sind registrierte Warenzeichen.
OriginalFilename : SpyBotSD.exe
Comments : Software zum Entfernen von Spyware und ähnlichen Bedrohungen.
#:24 [aawsepersonal.exe]
FilePath : D:\DOCUMENTS AND SETTINGS\WAM\BUREAU\
ProcessID : 2040
ThreadCreationTime : 13-02-2007 22:35:51
BasePriority : Normal
#:25 [msiexec.exe]
FilePath : D:\WINDOWS\System32\
ProcessID : 3336
ThreadCreationTime : 13-02-2007 22:35:54
BasePriority : Normal
#:26 [msiexec.exe]
FilePath : D:\WINDOWS\System32\
ProcessID : 3652
ThreadCreationTime : 13-02-2007 22:35:56
BasePriority : Normal
#:27 [ad-aware.exe]
FilePath : D:\Program Files\Lavasoft\Ad-Aware SE Personal\
ProcessID : 268
ThreadCreationTime : 13-02-2007 22:36:38
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0
Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0
Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0
Deep scanning and examining files (D:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : invité@doubleclick[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : D:\Documents and Settings\Invité\Cookies\invité@doubleclick[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : invité@estat[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : D:\Documents and Settings\Invité\Cookies\invité@estat[1].txt
Disk Scan Result for D:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 2
Deep scanning and examining files (F:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for F:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 2
Scanning Hosts file......
Hosts file location:"D:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 2
Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 2
00:14:34 Scan Complete
Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:26:54.361
Objects scanned:149333
Objects identified:2
Objects ignored:0
New critical objects:2
Spybot report:
--- Search result list ---
Contrôle de service.: Le fichier Services.sbs manque. Svp utilisez la mise à jour pour en obtenir une nouvelle copie! ()
EverestPoker: Réglages désinstallation (Clé du registre, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Everest Poker
EverestPoker: Dossier Programme (Répertoire, nothing done)
D:\Program Files\Everest Poker\
EverestPoker: Exécutable (Fichier, nothing done)
D:\Program Files\Everest Poker\casino.exe
EverestPoker: Bibliothèque (Fichier, nothing done)
D:\Program Files\Everest Poker\gvcrt.dll
EverestPoker: Exécutable (Fichier, nothing done)
D:\Program Files\Everest Poker\gvmain.exe
EverestPoker: Donnée (Fichier, nothing done)
D:\Program Files\Everest Poker\data\shared\shared\bitmaps\btn_scroll.gvt
EverestPoker: Image (Fichier, nothing done)
D:\Program Files\Everest Poker\data\shared\shared\bitmaps\check.art
EverestPoker: Image (Fichier, nothing done)
D:\Program Files\Everest Poker\data\shared\shared\bitmaps\chips.art
EverestPoker: Fichier son (Fichier, nothing done)
D:\Program Files\Everest Poker\data\shared\shared\sounds\button.ogg
EverestPoker: Fichier son (Fichier, nothing done)
D:\Program Files\Everest Poker\data\shared\shared\sounds\carddeal.ogg
EverestPoker: Fichier son (Fichier, nothing done)
D:\Program Files\Everest Poker\data\shared\shared\sounds\cardflip.ogg
EverestPoker: Fichier son (Fichier, nothing done)
D:\Program Files\Everest Poker\data\shared\shared\sounds\chipclick.ogg
EverestPoker: Image (Fichier, nothing done)
D:\Program Files\Everest Poker\data\startup\shared\icons\ep.ico
EverestPoker: Fichier son (Fichier, nothing done)
D:\Program Files\Everest Poker\data\startup\shared\sounds\alert.ogg
MyWay.MyBar: Réglages (Clé du registre, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\MyWay
MyWay.MyBar: Réglages globaux (Clé du registre, nothing done)
HKEY_LOCAL_MACHINE\Software\MyWay\myBar
Alexa Related: Lien (Remplacer le fichier, nothing done)
D:\WINDOWS\Web\related.htm
--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---
2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2007-02-13 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2005-05-31 advcheck.dll (1.0.2.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2007-01-02 Tools.dll (2.0.1.0)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2006-12-08 Includes\Dialer.sbi (*)
2006-10-27 Includes\Keyloggers.sbi (*)
2007-01-12 Includes\Malware.sbi (*)
2007-01-19 Includes\PUPS.sbi (*)
2006-12-08 Includes\Security.sbi (*)
2007-02-02 Includes\Spybots.sbi (*)
2006-12-08 Includes\Trojans.sbi (*)
--- System information ---
Windows XP (Build: 2600)
/ Internet Explorer 6 / SP0: Correctif Windows XP - Article Base de Connaissances 834707
/ MSXML4: Patch Available For XMLHTTP Vulnerability
/ Windows XP / SP1: Windows XP Hotfix (SP1) [See Q329048 for more information]
/ Windows XP / SP1: Windows XP Hotfix (SP1) Q329170
/ Windows XP / SP1: Windows XP Hotfix (SP1) [See Q329390 for more information]
/ Windows XP / SP1: Windows XP Hotfix (SP1) [See Q329441 for more information]
/ Windows XP / SP1: Windows XP Hotfix (SP1) [See Q329834 for more information]
/ Windows XP / SP1: Windows XP Hotfix (SP1) Q810577
/ Windows XP / SP1: Windows XP Hotfix (SP1) Q810833
/ Windows XP / SP1: Windows XP Hotfix (SP1) Q811630
/ Windows XP / SP1: Windows XP Hotfix (SP1) Q815021
/ Windows XP / SP1: Windows XP Hotfix (SP1) Q817606
/ Windows XP / SP2: Correctif Windows XP - KB823559
/ Windows XP / SP2: Correctif Windows XP - KB828741
/ Windows XP / SP2: Correctif Windows XP - KB835732
/ Windows XP / SP2: Correctif Windows XP - KB842773
/ Windows XP / SP2: Package du correctif Windows XP [voir Q323255 pour plus de détails]
/ Windows XP / SP2: Package du correctif Windows XP [voir Q329115 pour plus de détails]
--- Startup entries list ---
Located: HK_LM:Run,
command:
file:
Located: HK_LM:Run, kav
command: "D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
file: D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
size: 139367
MD5: 69c7be814a10a6d9e584a297d76bb859
Located: HK_LM:Run, KernelFaultCheck
command: %systemroot%\system32\dumprep 0 -k
file: D:\WINDOWS\system32\dumprep.exe
size: 30208
MD5: aeed3f03a5869d0774bf8c75be4ba7a0
Located: HK_LM:Run, SunJavaUpdateSched
command: "D:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
file: D:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
size: 49263
MD5: 3aa5d60b77ce19b1f2521f532ab986e7
Located: HK_LM:Run, Zone Labs Client
command: "D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
file: D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
size: 968696
MD5: 71514e2c74d554f5902dc184046eca3b
Located: HK_CU:Run, msnmsgr
command: "D:\Program Files\MSN Messenger\msnmsgr.exe" /background
file: D:\Program Files\MSN Messenger\msnmsgr.exe
size: 5674352
MD5: a7efc7ea7ef6fb022a8a95813edcbe5d
Located: System.ini, crypt32chain
command: crypt32.dll
file: crypt32.dll
Located: System.ini, cryptnet
command: cryptnet.dll
file: cryptnet.dll
Located: System.ini, cscdll
command: cscdll.dll
file: cscdll.dll
Located: System.ini, klogon
command: D:\WINDOWS\System32\klogon.dll
file: D:\WINDOWS\System32\klogon.dll
size: 28778
MD5: 7072750eb5c0f0cd54b48f972855ca61
Located: System.ini, ScCertProp
command: wlnotify.dll
file: wlnotify.dll
Located: System.ini, Schedule
command: wlnotify.dll
file: wlnotify.dll
Located: System.ini, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll
Located: System.ini, SensLogn
command: WlNotify.dll
file: WlNotify.dll
Located: System.ini, termsrv
command: wlnotify.dll
file: wlnotify.dll
Located: System.ini, WgaLogon
command: WgaLogon.dll
file: WgaLogon.dll
Located: System.ini, wlballoon
command: wlnotify.dll
file: wlnotify.dll
--- Browser helper object list ---
{7E853D72-626A-48EC-A868-BA8D5E23E045} ()
BHO name:
CLSID name:
--- ActiveX list ---
{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_10
Installer:
Codebase: http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab
Path: D:\Program Files\Java\jre1.5.0_10\bin\
Long name: NPJPI150_10.dll
Short name: NPJPI1~1.DLL
Date (created): 09/11/2006 15:07:34
Date (last access): 06/02/2007 01:01:52
Date (last write): 09/11/2006 15:21:54
Filesize: 75528
Attributes: archive
MD5: 635F4B3A0F1C661B5CEDE628BA85E46B
CRC32: 0C9B7145
Version: 5.0.100.3
--- Process list ---
PID: 0 ( 0) [System]
PID: 732 ( 4) \SystemRoot\System32\smss.exe
PID: 784 ( 732) \??\D:\WINDOWS\system32\csrss.exe
PID: 808 ( 732) \??\D:\WINDOWS\system32\winlogon.exe
PID: 852 ( 808) D:\WINDOWS\system32\services.exe
size: 101888
MD5: FC0691097471EE374907E1024EDCBD43
PID: 864 ( 808) D:\WINDOWS\system32\lsass.exe
size: 11776
MD5: 2C2431B30A629123C1757582C9D93F38
PID: 1032 ( 852) D:\WINDOWS\system32\svchost.exe
size: 12800
MD5: 333A4DB8410D8E24DB06D6AEBECDC7C2
PID: 1124 ( 852) D:\WINDOWS\System32\svchost.exe
size: 12800
MD5: 333A4DB8410D8E24DB06D6AEBECDC7C2
PID: 1272 ( 852) D:\WINDOWS\System32\svchost.exe
size: 12800
MD5: 333A4DB8410D8E24DB06D6AEBECDC7C2
PID: 1292 ( 852) D:\WINDOWS\System32\svchost.exe
size: 12800
MD5: 333A4DB8410D8E24DB06D6AEBECDC7C2
PID: 1336 ( 852) D:\WINDOWS\system32\ZoneLabs\vsmon.exe
size: 75768
MD5: A9062968DF9419FA45ACF044B4D9F5AC
PID: 1788 ( 852) D:\WINDOWS\system32\spoolsv.exe
size: 51200
MD5: B1CE5287F096895D9BE26EB86F4D5FAF
PID: 244 ( 852) D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
size: 139367
MD5: 69C7BE814A10A6D9E584A297D76BB859
PID: 320 (2004) D:\WINDOWS\Explorer.EXE
size: 1005056
MD5: 9E20A8EF0CA524446AFEE29F4423CC8F
PID: 512 ( 852) D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
size: 217600
MD5: AB2B9349ADA4AC5EC74B622B8303FE23
PID: 688 ( 320) D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
size: 139367
MD5: 69C7BE814A10A6D9E584A297D76BB859
PID: 700 ( 320) D:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
size: 49263
MD5: 3AA5D60B77CE19B1F2521F532AB986E7
PID: 708 ( 320) D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
size: 968696
MD5: 71514E2C74D554F5902DC184046ECA3B
PID: 756 ( 320) D:\Program Files\MSN Messenger\msnmsgr.exe
size: 5674352
MD5: A7EFC7EA7EF6FB022A8A95813EDCBE5D
PID: 1024 ( 852) D:\WINDOWS\System32\svchost.exe
size: 12800
MD5: 333A4DB8410D8E24DB06D6AEBECDC7C2
PID: 1180 ( 852) D:\WINDOWS\System32\wdfmgr.exe
size: 38912
MD5: AB0A7CA90D9E3D6A193905DC1715DED0
PID: 856 ( 320) D:\Program Files\Mozilla Firefox\firefox.exe
size: 6621808
MD5: 9164AF68AC4ACCC74BD384C72F4DEA42
PID: 3316 ( 852) D:\Program Files\MSN Messenger\usnsvc.exe
size: 97136
MD5: C5B70A6AA947667CE0E5FC84A05EC8B6
PID: 3652 ( 852) D:\WINDOWS\System32\msiexec.exe
size: 63488
MD5: 50BD35AAB565E12E4E85BDD4252A5FA2
PID: 3596 (2340) D:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 4393096
MD5: 09CA174A605B480318731E691DC98539
PID: 4 ( 0) System
--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 14/02/2007 00:46:35
--- Winsock Layered Service Provider list ---
--- Uninstall list ---
(AddressBook)
Adobe Download Manager 1.2 (Supprimer uniquement) (AdobeESD)
uninstall cmd: "D:\Program Files\Fichiers communs\Adobe\ESD\uninst.exe"
Advanced WMA Workshop version 2.1 2.1 (Advanced WMA Workshop_is1)
uninstall cmd: "D:\Program Files\LitexMedia\Advanced WMA Workshop\unins000.exe"
publisher: Advanced WMA Workshop
help link: https://www.litexmedia.com/support.html
Alcohol Toolbar 3.2.0.0 (Alcohol Toolbar)
version (major): 1
version (minor): 9
install location: D:\Program Files\Alcohol Toolbar
uninstall cmd: "D:\WINDOWS\Alcohol_Toolbar_Uninstaller_1205.exe" _?=D:\Program Files\Alcohol Toolbar
ATI Display Driver (ATI Display Driver)
uninstall cmd: rundll32 D:\WINDOWS\System32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Boilsoft ASF Converter 2.68 (Boilsoft ASF Converter_is1)
install location: D:\Program Files\Boilsoft ASF Converter\
uninstall cmd: "D:\Program Files\Boilsoft ASF Converter\unins000.exe"
publisher: Boilsoft
help link: https://www.boilsoft.com/
(Branding)
BSPlayer (BSPlayer1)
uninstall cmd: "D:\Program Files\Webteh\BSPlayer\uninstall.exe"
CCleaner (remove only) (CCleaner)
uninstall cmd: "D:\Program Files\CCleaner\uninst.exe"
CloneCD (CloneCD)
install location: D:\Program Files\SlySoft\CloneCD
uninstall cmd: "D:\Program Files\SlySoft\CloneCD\ccd-uninst.exe" /D="D:\Program Files\SlySoft\CloneCD"
publisher: SlySoft
CloneDVD2 (CloneDVD2)
install location: D:\Program Files\Elaborate Bytes\CloneDVD2
uninstall cmd: "D:\Program Files\Elaborate Bytes\CloneDVD2\CloneDVD2-uninst.exe" /D="D:\Program Files\Elaborate Bytes\CloneDVD2"
publisher: Elaborate Bytes
(Connection Manager)
(DirectAnimation)
(DirectDrawEx)
DVD Shrink 3.2 (DVD Shrink_is1)
install location: D:\Program Files\DVD Shrink\
uninstall cmd: "D:\Program Files\DVD Shrink\unins000.exe"
publisher: DVD Shrink
help link: http://www.dvdshrink.org
eMule (eMule)
uninstall cmd: "D:\Program Files\eMule\Uninstall.exe"
EVEREST Home Edition v2.20 2.20 (EVEREST Home Edition_is1)
install location: D:\Program Files\Lavalys\EVEREST Home Edition\
uninstall cmd: "D:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe"
publisher: Lavalys Inc
help link: http://www.lavalys.com
Everest Poker (Remove Only) (Everest Poker)
uninstall cmd: D:\Program Files\Everest Poker\cstart.exe /uninstall
(Fontcore)
Gif Movie Gear 4 4.0.2 (GifMovieGear 4)
version (major): 4
install location: D:\Program Files\Visicom Media\GifMovieGear 4
uninstall cmd: "D:\Program Files\Visicom Media\GifMovieGear 4\uninst-gmg.exe"
Google Video Player (GoogleVideoPlayer)
uninstall cmd: "D:\Program Files\Google\Google Video Player\Uninstall.exe"
Half-Life (Half-Life)
uninstall cmd: C:\SIERRA\HALF-L~1\UNWISE.EXE C:\SIERRA\HALF-L~1\INSTALL.LOG
HijackThis 1.99.1 1.99.1 (HijackThis)
uninstall cmd: D:\Documents and Settings\wam\Bureau\HijackThis.exe /uninstall
publisher: Soeperman Enterprises Ltd.
(ICW)
(IE40)
(IE4Data)
(IE5BAKEX)
(IEData)
(InstallShield Uninstall Information)
Belkin Wireless Setup utility 2.4.6(H3010D56) (InstallShield_{A0BBC906-9A33-4C79-A26A-758ED3503769})
version (major): 2
version (minor): 4
estimated size: 2965
install date: 20040922
install source: E:\Files\
uninstall cmd: D:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{A0BBC906-9A33-4C79-A26A-758ED3503769} /l1036 REMOVEREMOVEREMOVEREMOVEREMOVE
publisher: Belkin
comments: Belkin wireless card
contact: Customer Support Department
help link: https://www.belkin.com/fr/
help telephone: N/A
readme: Readme.txt
QuickTime 7.1 (InstallShield_{C21D5524-A970-42FA-AC8A-59B8C7CDCA31})
version: 117506048
version (major): 7
version (minor): 1
estimated size: 71615
install date: 20060911
install location: D:\Program Files\QuickTime\
install source: D:\DOCUME~1\wam\LOCALS~1\Temp\_is234\
uninstall cmd: D:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{C21D5524-A970-42FA-AC8A-59B8C7CDCA31} /l1036
publisher: Apple Computer, Inc.
contact: Assistance AppleCare
help link: https://support.apple.com/fr-fr
help telephone: (33) 0825 888 024
Kaspersky Anti-Virus 6.0 6.0.0.303 (InstallWIX_{75193929-9A52-4CA4-98DE-8C7296940920})
uninstall cmd: MsiExec.exe /I{75193929-9A52-4CA4-98DE-8C7296940920}
publisher: Kaspersky Lab
help link: http://www.kaspersky.com/fr/service
IsoBuster 2.0 2.0 (IsoBuster_is1)
install date: 20070206
install location: D:\Program Files\Smart Projects\IsoBuster\
uninstall cmd: "D:\Program Files\Smart Projects\IsoBuster\Uninst\unins000.exe"
publisher: Smart Projects
help link: https://www.isobuster.com/
JavaScript FH Plus Demo 1.0.2 (JavaScript FH Plus Demo)
uninstall cmd: "C:\Program Files\Emtec.No\Javascriptfhplusdemo\Uninstall\uninst.exe"
Correctif Windows XP - KB823559 20030701.220507 (KB823559)
uninstall cmd: D:\WINDOWS\$NtUninstallKB823559$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/823559
Correctif Windows XP - KB828741 20040305.180728 (KB828741)
uninstall cmd: D:\WINDOWS\$NtUninstallKB828741$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/828741/ms04-012-cumulative-update-for-microsoft-rpc-dcom
Correctif Windows XP - Article Base de Connaissances 834707 20040929.115007 (KB834707-IE6-20040929.115007)
uninstall cmd: D:\WINDOWS\$NtUninstallKB834707-IE6-20040929.115007$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/834707
Correctif Windows XP - KB835732 20040329.172648 (KB835732)
uninstall cmd: D:\WINDOWS\$NtUninstallKB835732$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/835732/ms04-011-security-update-for-microsoft-windows
Correctif Windows XP - KB842773 20040805.140010 (KB842773)
uninstall cmd: D:\WINDOWS\$NtUninstallKB842773$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/842773
Lexmark 2300 Series (Lexmark 2300 Series)
uninstall cmd: D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxcgUNST.EXE -NOLICENSE
Solutions de télécopie Lexmark (Lexmark Fax Solutions)
uninstall cmd: D:\Program Files\Lexmark Fax Solutions\Install\x86\Uninst.exe
publisher: Lexmark International, Inc.
help link: http://support.lexmark.com/index?page=productSelection&channel=supportAndDownloads&locale=en&userlocale=EN_US
Logitech Print Service (Logitech Print Service)
uninstall cmd: D:\PROGRA~1\Logitech\PRINTS~1\UNWISE.EXE D:\PROGRA~1\Logitech\PRINTS~1\INSTALL.LOG
(Microsoft NetShow Player 2.0)
(MobileOptionPack)
Mozilla Firefox (1.0) 1.0 (fr-FR) (Mozilla Firefox (1.0))
install location: D:\Program Files\Mozilla Firefox
uninstall cmd: D:\WINDOWS\UninstallFirefox.exe /ua "1.0 (fr-FR)"
publisher: Mozilla
Mozilla Firefox (1.5) 1.5 (fr) (Mozilla Firefox (1.5))
install location: D:\Program Files\Mozilla Firefox
uninstall cmd: D:\Program Files\Mozilla Firefox\uninstall\uninstall.exe /ua "1.5 (fr)"
publisher: Mozilla
(MPlayer2)
(MSMSGS)
(NetMeeting)
NVIDIA Drivers (NVIDIA Drivers)
uninstall cmd: D:\WINDOWS\System32\nvudisp.exe UninstallGUI
OSS Video Converter 5.5.0.5 (OSS Video Converter_is1)
install location: D:\Program Files\OSS\Video Converter\
uninstall cmd: "D:\Program Files\OSS\Video Converter\unins000.exe"
publisher: OneStopSoft
help link: http://www.OneStopSoft.com
(OutlookExpress)
(PCHealth)
uninstall cmd: rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 D:\WINDOWS\INF\PCHealth.inf
PrimoPDF 2.0 (PrimoPDF2.0)
uninstall cmd: "D:\WINDOWS\PrimoPDF\uninstall.exe" "/U:D:\Program Files\activePDF\PrimoPDF\Uninstall\uninstall.xml"
publisher: activePDF
contact: activePDF Support Department
help link: https://www.primopdf.com/
Windows XP Hotfix (SP1) [See Q329048 for more information] (Q329048)
uninstall cmd: D:\WINDOWS\$NtUninstallQ329048$\spuninst\spuninst.exe
Package du correctif Windows XP [voir Q329115 pour plus de détails] (Q329115)
uninstall cmd: D:\WINDOWS\$NtUninstallQ329115$\spuninst\spuninst.exe
Windows XP Hotfix (SP1) Q329170 20030102.115458 (Q329170)
uninstall cmd: D:\WINDOWS\$NtUninstallQ329170$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: Pour plus d'informations, consultez Q329170 à l'adresse https://support.microsoft.com/en-us
Windows XP Hotfix (SP1) [See Q329390 for more information] (Q329390)
uninstall cmd: D:\WINDOWS\$NtUninstallQ329390$\spuninst\spuninst.exe
Windows XP Hotfix (SP1) [See Q329441 for more information] (Q329441)
uninstall cmd: D:\WINDOWS\$NtUninstallQ329441$\spuninst\spuninst.exe
publisher: Microsoft Corporation
Windows XP Hotfix (SP1) [See Q329834 for more information] (Q329834)
uninstall cmd: D:\WINDOWS\$NtUninstallQ329834$\spuninst\spuninst.exe
Windows XP Hotfix (SP1) Q810577 20021118.133626 (Q810577)
uninstall cmd: D:\WINDOWS\$NtUninstallQ810577$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: Pour plus d'informations, consultez Q810577 à l'adresse https://support.microsoft.com/en-us
Windows XP Hotfix (SP1) Q810833 20021203.200852 (Q810833)
uninstall cmd: D:\WINDOWS\$NtUninstallQ810833$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: Pour plus d'informations, consultez Q810833 à l'adresse https://support.microsoft.com/en-us
Windows XP Hotfix (SP1) Q815021 20030502.110434 (Q815021)
uninstall cmd: D:\WINDOWS\$NtUninstallQ815021$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/815021
Windows XP Hotfix (SP1) Q817606 20030331.103325 (Q817606)
uninstall cmd: D:\WINDOWS\$NtUninstallQ817606$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/817606
Programme de gestion Camera de Logitech® (QcDrv)
install location: D:\Program Files\Fichiers communs\Logitech\QCDRV
install source: G:\Drivers\Bin\
uninstall cmd: "D:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
(RealJukebox 1.0)
uninstall cmd: D:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
RealPlayer (RealPlayer 6.0)
uninstall cmd: D:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
(SchedulingAgent)
Shadow Force: Razor Unit (Shadow Force: Razor Unit)
uninstall cmd: D:\WINDOWS\IsUninst.exe -f"D:\Program Files\Activision Value\FUN labs\Razor Unit\Uninst.isu"
Adobe Flash Player 9 ActiveX 9 (ShockwaveFlash)
uninstall cmd: D:\WINDOWS\System32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
publisher: Adobe Systems Incorporated
help link: https://helpx.adobe.com/flash-player.html
Spybot - Search & Destroy 1.4 1.4 (Spybot - Search & Destroy_is1)
install location: D:\Program Files\Spybot - Search & Destroy\
uninstall cmd: "D:\Program Files\Spybot - Search & Destroy\unins000.exe"
publisher: Safer Networking Limited
Steam (Steam)
uninstall cmd: D:\PROGRA~1\Valve\Steam\UNWISE.EXE D:\PROGRA~1\Valve\Steam\INSTALL.LOG
publisher: Valve
help link: https://store.steampowered.com/
TVUPlayer 2.2.1.23 Beta 2.2.1.23 (TVUPlayer)
uninstall cmd: D:\Program Files\TVUPlayer\uninst.exe
publisher: TVU networks, Inc.
UltimateBet (UltimateBet)
uninstall cmd: D:\PROGRA~1\ULTIMA~1\UNWISE.EXE D:\PROGRA~1\ULTIMA~1\INSTALL.LOG
UltraSnap Trial 1.8 (UltraSnap Trial_is1)
uninstall cmd: "D:\Program Files\UltraSnap\unins000.exe"
publisher: MediaChance
help link: https://www.mediachance.com/
Unlocker 1.8.5 1.8.5 (Unlocker)
uninstall cmd: D:\Program Files\Unlocker\uninst.exe
publisher: Cedrick Collomb
VideoLAN VLC media player 0.8.5 0.8.5 (VLC media player)
uninstall cmd: D:\Program Files\VideoLAN\VLC\uninstall.exe
publisher: VideoLAN Team
Windows Genuine Advantage Notifications (KB905474) 1.5.0540.0 (WgaNotify)
install date: 20060721
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us/help/905474
William Hill Poker (WilliamHillPokerXP)
uninstall cmd: D:\WINDOWS\System32\UnPoker.exe WilliamHillPokerXP
Winamp (remove only) (Winamp)
uninstall cmd: "D:\Program Files\Winamp\UninstWA.exe"
Windows Media Format Runtime (Windows Media Format Runtime)
uninstall cmd: "D:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Lecteur Windows Media 10 (Windows Media Player)
uninstall cmd: "D:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
WinISO 5.3 (WinISO_is1)
uninstall cmd: "D:\Program Files\WinISO\unins000.exe"
publisher: WinISO Computing Inc.
help link: http://www.winiso.com
Archiveur WinRAR (WinRAR archiver)
uninstall cmd: D:\Program Files\WinRAR\uninstall.exe
ZoneAlarm Pro 6.5.737.000 (ZoneAlarm Pro)
uninstall cmd: D:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe
publisher: Zone Labs, Inc
help link: D:\Program Files\Zone Labs\ZoneAlarm\Aide\zaclients.chm
Microsoft Office 2000 Premium 9.00.2720 ({0000040C-78E1-11D2-B60F-006097C998E7})
version: 150997664
version (major): 9
estimated size: 204118
install date: 20040922
install source: F:\
uninstall cmd: MsiExec.exe /I{0000040C-78E1-11D2-B60F-006097C998E7}
publisher: Microsoft Corporation
help link: https://support.microsoft.com/en-us
readme: D:\Program Files\Microsoft Office\Office\ofread9.txt
Google Toolbar for Internet Explorer ({2318C2B1-4965-11d4-9B18-009027A5CD4F})
uninstall cmd: regsvr32 /u /s "d:\program files\google\googletoolbar3.dll"
J2SE Runtime Environment 5.0 Update 10 1.5.0.100 ({3248F0A8-6813-11D6-A77B-00B0D0150100})
version: 17104896
version (major): 1
version (minor): 5
estimated size: 123021
install date: 20070205
install source: http://javadl.sun.com/webapps/download/GetFile/1.5.0_10-b03/windows-i586//
uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
publisher: Sun Microsystems, Inc.
contact: https://www.java.com/en/
help link: https://www.java.com/en/
readme: D:\Program Files\Java\jre1.5.0_10\README.txt
WebFldrs XP 9.50.5318 ({350C97B8-3D7C-4EE8-BAA9-00BCB3D54227})
version: 154277062
version (major): 9
version (minor): 50
estimated size: 2668
install date: 20040922
install source: D:\WINDOWS\System32\
publisher: Microsoft Corporation
help link: https://www.microsoft.com/en-us/windows/
Google Earth 4.0.1693 ({3DE5E7D4-7B88-403C-A3FD-2017A8240C5B})
version: 67110557
install date: 20060803
install location: D:\Program Files\Google\Google Earth
install source: C:\Downloads\GoogleEarthWin.exe
uninstall cmd: RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}\setup.exe" -l0x40c -removeonly
publisher: Google
Analyseur et SDK XML Microsoft 4.10.9406.0 ({3E908702-AF35-4611-9518-955DA24B7E07})
version: 67773630
version (major): 4
version (minor): 10
estimated size: 4435
install date: 20060721
install source: D:\DOCUME~1\wam\LOCALS~1\Temp\IXP000.TMP\
uninstall cmd: MsiExec.exe /I{3E908702-AF35-4611-9518-955DA24B7E07}
publisher: Microsoft Corporation
help link: http://www.msdn.microsoft.com/xml
Logitech QuickCam 8.20.0000 ({466B21EE-2858-4845-B2B3-056FC544DAA3})
version: 135528448
version (major): 8
version (minor): 20
estimated size: 249517
install date: 20040922
install location: D:\Program Files\Logitech\Video\
install source: G:\QuickCam\fra\
uninstall cmd: MsiExec.exe /I{466B21EE-2858-4845-B2B3-056FC544DAA3}
publisher: Logitech, Inc.
contact: Service clientèle de Logitech®
help link: https://support.logi.com/hc/en-001
help telephone: +33-(0) 1-43 62 34 14
readme: D:\Program Files\Logitech\Video\Readme.txt
Adobe® Photoshop® Album Edition Découverte 3.0 3.00.000 ({4BDFD2CE-6329-42E4-9801-9B3D1F10D79B})
version: 50331648
version (major): 3
estimated size: 18465
install date: 20060910
install location: D:\Program Files\Adobe\Photoshop Album Edition Découverte\
install source: D:\WINDOWS\Downloaded Installations\{8379D168-79F6-4394-81A2-BB1944E8F892}\
uninstall cmd: MsiExec.exe /I{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}
publisher: Adobe Systems, Inc.
readme: D:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\LisezMoi.txt
Battlefield 1942 ({698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65})
install location: D:\Program Files\EA GAMES\Battlefield 1942
uninstall cmd: RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65}\setup.exe" -l0x40c
Kaspersky Anti-Virus 6.0 ({75193929-9A52-4CA4-98DE-8C7296940920})
estimated size: 11228
Ad-Aware SE Personal 1.0.6 ({78CC3BAB-DE2A-4FB4-8FBB-E4DADDC26747})
version: 16777222
version (major): 1
estimated size: 3065
install date: 20070213
install source: D:\Program Files\Fichiers communs\Wise Installation Wizard\
uninstall cmd: MsiExec.exe /X{78CC3BAB-DE2A-4FB4-8FBB-E4DADDC26747}
publisher: Lavasoft AB
help link: https://forum.adaware.com/
({8851E12C-0EF9-11D4-A788-009027ABA5D0})
CDBurnerXP Pro 3 3.0.116 ({896D642C-7125-44F0-AC49-A23ABF82209C})
version: 50331764
version (major): 3
estimated size: 26336
install date: 20060803
install location: D:\Program Files\CDBurnerXP Pro 3\
install source: D:\DOCUME~1\wam\LOCALS~1\Temp\_is4D\
uninstall cmd: MsiExec.exe /I{896D642C-7125-44F0-AC49-A23ABF82209C}
publisher: Free Software
contact: stha64@telia.com
help link: http://web.cdburnerxp.se/forums/
Logitech Desktop Messenger 2.30.04 ({900B1197-53F5-4F46-A882-2CFFFE2EEDCB})
uninstall cmd: RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\Setup.exe" -l0x40c UNINSTALL
publisher: Logitech, Inc.
contact: Logitech Customer Support
help link: www.logitech.com/support
Belkin Wireless Setup utility 2.4.6(H3010D56) ({A0BBC906-9A33-4C79-A26A-758ED3503769})
version (major): 2
version (minor): 4
estimated size: 2965
install date: 20040922
install source: E:\Files\
publisher: Belkin
comments: Belkin wireless card
contact: Customer Support Department
help link: https://www.belkin.com/fr/
help telephone: N/A
readme: Readme.txt
Adobe Reader 7.0.8 - Français 7.0.8 ({AC76BA86-7AD7-1036-7B44-A70000000000})
version: 117440520
version (major): 7
estimated size: 80222
install date: 20060723
install source: D:\Program Files\Adobe\Acrobat 7.0\Setup Files\RdrBig\FRA\
uninstall cmd: MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70000000000}
publisher: Adobe Systems Incorporated
comments:
contact:
help link: https://helpx.adobe.com/support.html
help telephone:
readme: D:\Program Files\Adobe\Acrobat 7.0\Reader\Readme.htm
ABBYY FineReader 6.0 Sprint 6.00.1395.41612 ({ACF60000-22B9-4CE9-98D6-2CCF359BAC07})
version: 100664691
version (major): 6
estimated size: 122401
install date: 20060722
install location: D:\Program Files\Abbyy FineReader 6.0 Sprint\
install source: E:\OCR\Abbyy\
uninstall cmd: MsiExec.exe /I{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
publisher: ABBYY Software House
contact: support@abbyy.com
help link: https://support.abbyy.com/hc/en-us/
Battlefield 1942: Secret Weapons of WWII ({B73B4A99-4173-4747-BBEC-0F05E966F9D2})
uninstall cmd: RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{B73B4A99-4173-4747-BBEC-0F05E966F9D2}\setup.exe" -l0x40c
QuickTime 7.1 ({C21D5524-A970-42FA-AC8A-59B8C7CDCA31})
version: 117506048
version (major): 7
version (minor): 1
estimated size: 71615
install date: 20060911
install location: D:\Program Files\QuickTime\
install source: D:\DOCUME~1\wam\LOCALS~1\Temp\_is234\
publisher: Apple Computer, Inc.
contact: Assistance AppleCare
help link: https://support.apple.com/fr-fr
help telephone: (33) 0825 888 024
Battlefield 1942: The Road To Rome ({D057AA08-8CBF-42E3-9EAB-23B8FED1C279})
uninstall cmd: RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{D057AA08-8CBF-42E3-9EAB-23B8FED1C279}\setup.exe" -l0x40c
Counter-Strike(TM) 1.0.0.0 ({DF5A03CC-D5AA-43D8-B948-D9903F2AF94A})
version: 16777216
version (major): 1
estimated size: 2528018
install date: 20060723
install source: F:\
uninstall cmd: MsiExec.exe /I{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}
publisher: Valve
comments: Counter-Strike
help link: https://help.steampowered.com/en/
({E9F81423-211E-46B6-9AE0-38568BC5CF6F})
Windows Live Messenger 8.1.0178.00 ({F6326B60-1B1D-4ABF-BFCD-7B7404F44411})
version: 134283442
version (major): 8
version (minor): 1
estimated size: 32190
install date: 20070204
install source: D:\DOCUME~1\wam\LOCALS~1\Temp\IXP000.TMP\
uninstall cmd: MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
publisher: Microsoft Corporation
Windows Live Sign-in Assistant 4.000.248.1 ({F652D238-5F29-42D5-BAF3-0115EF977EC2})
version: 67109112
version (major): 4
estimated size: 1132
install date: 20060723
install source: D:\DOCUME~1\wam\LOCALS~1\Temp\IXP000.TMP\
uninstall cmd: MsiExec.exe /I{F652D238-5F29-42D5-BAF3-0115EF977EC2}
publisher: Microsoft Corporation
--- System Services ---
Service (registry key): Abiosdsk
Start: 4
Type: 1
Error Control: 0
Service (registry key): abp480n5
Start: 4
Type: 1
Error Control: 1
Service (registry key): ACPI
Display name: Pilote ACPI Microsoft
Image path: System32\DRIVERS\ACPI.sys
Image size: 180096
Image MD5: 34128BB2AB7BD69C72017BE7FCF8BE34
Start: 0
Type: 1
Error Control: 1
Service (registry key): ACPIEC
Start: 4
Type: 1
Error Control: 1
Service (registry key): adpu160m
Start: 4
Type: 1
Error Control: 1
Service (registry key): aec
Display name: Suppresseur d'écho acoustique (Noyau Microsoft)
Image path: system32\drivers\aec.sys
Image size: 122472
Image MD5: B45A744CA0A15A59D8B0307CE9741E92
Start: 3
Type: 1
Error Control: 1
Service (registry key): AFD
Display name: Environnement de prise en charge de réseau AFD
OK. I don't know why, but I had read that having several antivirus programs could cause problems.
Kaspersky warned me that a DirectX component could be considered a trojan. What should I do?
AVG report:
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 18:22:55 15/02/2007
+ Résultat de l'analyse:
:mozilla.14:D:\Documents and Settings\wam\Application Data\Mozilla\Firefox\Profiles\369zb78e.default\cookies.txt -> TrackingCookie.247realmedia : Aucune action entreprise.
:mozilla.16:D:\Documents and Settings\wam\Application Data\Mozilla\Firefox\Profiles\369zb78e.default\cookies.txt -> TrackingCookie.247realmedia : Aucune action entreprise.
:mozilla.17:D:\Documents and Settings\wam\Application Data\Mozilla\Firefox\Profiles\369zb78e.default\cookies.txt -> TrackingCookie.247realmedia : Aucune action entreprise.
:mozilla.18:D:\Documents and Settings\wam\Application Data\Mozilla\Firefox\Profiles\369zb78e.default\cookies.txt -> TrackingCookie.247realmedia : Aucune action entreprise.
:mozilla.19:D:\Documents and Settings\wam\Application Data\Mozilla\Firefox\Profiles\369zb78e.default\cookies.txt -> TrackingCookie.247realmedia : Aucune action entreprise.
:mozilla.146:D:\Documents and Settings\wam\Application Data\Mozilla\Firefox\Profiles\369zb78e.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.81:D:\Documents and Settings\wam\Application Data\Mozilla\Firefox\Profiles\369zb78e.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.82:D:\Documents and Settings\wam\Application Data\Mozilla\Firefox\Profiles\369zb78e.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.83:D:\Documents and Settings\wam\Application Data\Mozilla\Firefox\Profiles\369zb78e.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.151:D:\Documents and Settings\wam\Application Data\Mozilla\Firefox\Profiles\369zb78e.default\cookies.txt -> TrackingCookie.Adtech : Aucune action entreprise.
:mozilla.152:D:\Documents and Settings\wam\Application Data\Mozilla\Firefox\Profiles\369zb78e.default\cookies.txt -> TrackingCookie.Adtech : Aucune action entreprise.
:mozilla.24:D:\Documents and Settings\wam\Application Data\Mozilla\Firefox\Profiles\369zb78e.default\cookies.txt -> TrackingCookie.Atdmt : Aucune action entreprise.
:mozilla.71:D:\Documents and Settings\wam\Application Data\Mozilla\Firefox\Profiles\369zb78e.default\cookies.txt -> TrackingCookie.Bluestreak : Aucune action entreprise.
:mozilla.20:D:\Documents and Settings\wam\Application Data\Mozilla\Firefox\Profiles\369zb78e.default\cookies.txt -> TrackingCookie.Doubleclick : Aucune action entreprise.
:mozilla.10:D:\Documents and Settings\wam\Application Data\Mozilla\Firefox\Profiles\369zb78e.default\cookies.txt -> TrackingCookie.Fastclick : Aucune action entreprise.
:mozilla.11:D:\Documents and Settings\wam\Application Data\Mozilla\Firefox\Profiles\369zb78e.default\cookies.txt -> TrackingCookie.Fastclick : Aucune action entreprise.
:mozilla.9:D:\Documents and Settings\wam\Application Data\Mozilla\Firefox\Profiles\369zb78e.default\cookies.txt -> TrackingCookie.Fastclick : Aucune action entreprise.
D:\Documents and Settings\wam\Cookies\wam@fastclick[2].txt -> TrackingCookie.Fastclick : Aucune action entreprise.
:mozilla.40:D:\Documents and Settings\wam\Application Data\Mozilla\Firefox\Profiles\369zb78e.default\cookies.txt -> TrackingCookie.Mediaplex : Aucune action entreprise.
:mozilla.118:D:\Documents and Settings\wam\Application Data\Mozilla\Firefox\Profiles\369zb78e.default\cookies.txt -> TrackingCookie.Pointroll : Aucune action entreprise.
:mozilla.119:D:\Documents and Settings\wam\Application Data\Mozilla\Firefox\Profiles\369zb78e.default\cookies.txt -> TrackingCookie.Pointroll : Aucune action entreprise.
:mozilla.120:D:\Documents and Settings\wam\Application Data\Mozilla\Firefox\Profiles\369zb78e.default\cookies.txt -> TrackingCookie.Pointroll : Aucune action entreprise.
:mozilla.121:D:\Documents and Settings\wam\Application Data\Mozilla\Firefox\Profiles\369zb78e.default\cookies.txt -> TrackingCookie.Pointroll : Aucune action entreprise.
:mozilla.92:D:\Documents and Settings\wam\Application Data\Mozilla\Firefox\Profiles\369zb78e.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.93:D:\Documents and Settings\wam\Application Data\Mozilla\Firefox\Profiles\369zb78e.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.94:D:\Documents and Settings\wam\Application Data\Mozilla\Firefox\Profiles\369zb78e.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.95:D:\Documents and Settings\wam\Application Data\Mozilla\Firefox\Profiles\369zb78e.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.96:D:\Documents and Settings\wam\Application Data\Mozilla\Firefox\Profiles\369zb78e.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.97:D:\Documents and Settings\wam\Application Data\Mozilla\Firefox\Profiles\369zb78e.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.49:D:\Documents and Settings\wam\Application Data\Mozilla\Firefox\Profiles\369zb78e.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.50:D:\Documents and Settings\wam\Application Data\Mozilla\Firefox\Profiles\369zb78e.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.51:D:\Documents and Settings\wam\Application Data\Mozilla\Firefox\Profiles\369zb78e.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.122:D:\Documents and Settings\wam\Application Data\Mozilla\Firefox\Profiles\369zb78e.default\cookies.txt -> TrackingCookie.Tradedoubler : Aucune action entreprise.
:mozilla.69:D:\Documents and Settings\wam\Application Data\Mozilla\Firefox\Profiles\369zb78e.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
Fin du rapport
HijackThis report:
Logfile of HijackThis v1.99.1
Scan saved at 18:27:37, on 15/02/2007
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\ZoneLabs\vsmon.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
D:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
D:\Documents and Settings\wam\Bureau\programmes bien sympas\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = 192.168.0
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [kav] "D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [Zone Labs Client] "D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\MSN Messenger\msnmsgr.exe" /background
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - D:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O17 - HKLM\System\CCS\Services\Tcpip\..\{422EDC99-4D30-4A84-BC79-9AB73A78E106}: NameServer = 85.255.115.26,85.255.112.166
O17 - HKLM\System\CCS\Services\Tcpip\..\{47FD4825-B786-46FF-B1B3-11B00E6F2CD4}: NameServer = 85.255.115.26,85.255.112.166
O17 - HKLM\System\CCS\Services\Tcpip\..\{CD2B1EA1-3B84-423A-91CE-62D6BB954E0D}: NameServer = 85.255.115.26,85.255.112.166
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.115.26 85.255.112.166
O17 - HKLM\System\CS2\Services\Tcpip\..\{422EDC99-4D30-4A84-BC79-9AB73A78E106}: NameServer = 85.255.115.26,85.255.112.166
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 85.255.115.26 85.255.112.166
O17 - HKLM\System\CS3\Services\Tcpip\..\{422EDC99-4D30-4A84-BC79-9AB73A78E106}: NameServer = 85.255.115.26,85.255.112.166
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.26 85.255.112.166
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: klogon - D:\WINDOWS\System32\klogon.dll
O20 - Winlogon Notify: WgaLogon - D:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - Unknown owner - D:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - D:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - D:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - D:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - D:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe (file missing)
There you go.
Hi
Where are you at with this??
Download Fixwareout to your desktop from one of these two sites:
http://downloads.subratam.org/Fixwareout.exe
http://swandog46.geekstogo.com/Fixwareout.exe
Run the fix: click "Next" -> "Install", make sure "Run fixit" is checked, then click "Finish".
The fix will then start - follow the on-screen messages.
You will be asked to restart your computer; do so.
Your system will take a little longer to start up; that's normal.
Once your system has restarted, follow the prompts. Then launch HijackThis, click "Do a system scan only", check these lines and then click "Fix checked":
O17 - HKLM\System\CCS\Services\Tcpip\..\{422EDC99-4D30-4A84-BC79-9AB73A78E106}: NameServer = 85.255.115.26,85.255.112.166
O17 - HKLM\System\CCS\Services\Tcpip\..\{47FD4825-B786-46FF-B1B3-11B00E6F2CD4}: NameServer = 85.255.115.26,85.255.112.166
O17 - HKLM\System\CCS\Services\Tcpip\..\{CD2B1EA1-3B84-423A-91CE-62D6BB954E0D}: NameServer = 85.255.115.26,85.255.112.166
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.115.26 85.255.112.166
O17 - HKLM\System\CS2\Services\Tcpip\..\{422EDC99-4D30-4A84-BC79-9AB73A78E106}: NameServer = 85.255.115.26,85.255.112.166
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 85.255.115.26 85.255.112.166
O17 - HKLM\System\CS3\Services\Tcpip\..\{422EDC99-4D30-4A84-BC79-9AB73A78E106}: NameServer = 85.255.115.26,85.255.112.166
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.26 85.255.112.166
…/…
At the end of the fix, you may need to restart the PC again.
Finally, copy/paste the contents of the report that will be displayed on screen (report.txt), along with a new HijackThis report.
Download this to restore your connection, just in case:
http://babin.nelly.free.fr/WinsockFix.zip
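The reply above asks for a new HijackThis report once the fix has run. As an added example (not part of the original posts), this Python script parses the O17 NameServer lines of such a report and lists every control set and interface that still carries a resolver outside an expected set; the function names and the `EXPECTED` value are assumptions made for the illustration.

```python
import re
from collections import defaultdict

# O17/O18 lines copied from the HijackThis log posted in this thread.
LOG = r"""
O17 - HKLM\System\CCS\Services\Tcpip\..\{422EDC99-4D30-4A84-BC79-9AB73A78E106}: NameServer = 85.255.115.26,85.255.112.166
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.115.26 85.255.112.166
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.26 85.255.112.166
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
"""

# Assumption: the resolver this machine is supposed to use (constructed value).
EXPECTED = {"192.168.0.1"}

# Matches only O17 "NameServer" entries, global (Parameters) or per interface GUID.
O17 = re.compile(
    r"^O17 - HKLM\\System\\(?P<cs>CCS|CS\d+)\\Services\\Tcpip\\"
    r"(?P<where>Parameters|\.\.\\\{[0-9A-Fa-f-]+\}): NameServer = (?P<servers>.+)$"
)

def parse_o17(log):
    """Yield (control_set, location, [resolvers]) for each O17 NameServer line."""
    for line in log.splitlines():
        m = O17.match(line.strip())
        if m:
            # The list is comma- or space-separated depending on the key.
            servers = [s for s in re.split(r"[,\s]+", m["servers"].strip()) if s]
            yield m["cs"], m["where"].replace("..\\", ""), servers

def unexpected_resolvers(log, expected=EXPECTED):
    """Map each resolver not in `expected` to the locations that still carry it."""
    hits = defaultdict(list)
    for cs, where, servers in parse_o17(log):
        for ip in servers:
            if ip not in expected:
                hits[ip].append(f"{cs}:{where}")
    return dict(hits)

if __name__ == "__main__":
    for ip, places in sorted(unexpected_resolvers(LOG).items()):
        print(ip, "->", ", ".join(places))
```

An empty result on the post-fix report means no control set (CCS, CS2, CS3) kept a static NameServer outside the expected set.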