Help pc qui ram infecté de virus ou spyware !
Résolu/Fermé
babish
Messages postés
34
Date d'inscription
samedi 7 juin 2008
Statut
Membre
Dernière intervention
9 juin 2008
-
8 juin 2008 à 09:45
babish Messages postés 34 Date d'inscription samedi 7 juin 2008 Statut Membre Dernière intervention 9 juin 2008 - 9 juin 2008 à 21:05
babish Messages postés 34 Date d'inscription samedi 7 juin 2008 Statut Membre Dernière intervention 9 juin 2008 - 9 juin 2008 à 21:05
A voir également:
- Help pc qui ram infecté de virus ou spyware !
- Pc qui rame - Guide
- Benchmark pc - Guide
- Reinitialiser pc - Guide
- Whatsapp pc - Télécharger - Messagerie
- Double ecran pc - Guide
47 réponses
sKe69
Messages postés
21360
Date d'inscription
samedi 15 mars 2008
Statut
Contributeur sécurité
Dernière intervention
30 décembre 2012
463
8 juin 2008 à 18:26
8 juin 2008 à 18:26
bon ... on va passer à autre chose :
Fais EXACTEMENT ce qui suit :
Télécharges ComboFix (par sUBs) sur ton Bureau :
http://download.bleepingcomputer.com/sUBs/ComboFix.exe <--- clik droit sur ce lien et choisis "enregistrer la cible sous ... " : dans la fenêtre qui s'ouvre tape C-Fix et valide .
----------------------------------------------- ATTENTION ---------------------------------------------------------------
!! déconnectes toi,fermes tes applications en cours et DESACTIVES TES DEFENCES (anti-virus, guardes anti spy-ware, pare-feu) le temps de la manipe , tu les réactiveras après !!
--->Important : si tu rencontres des difficultés à ce niveau là, fais m'en part avant de poursuivre ...
---------------------------------------------------------------------------------------------------------------------------------
Ensuite :
double-cliques C-Fix.exe ( = combofix.exe ) .
Appuyes sur la touche Y (Yes) pour démarrer le scan .
Attention : n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne. Cela pourrait figer l'ordi.
---> si un message d'erreur windows apparait à un momment , clik sur la croix en haut à droite de la fenêtre pour la fermer ( et pas sur autre chose ! )
Le rapport sera crée dans: C:\Combofix.txt
Postes le rapport combo fix et un nouveau rapport hijackthis pour analyse ...
Tuto ( aide ) ici : https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
Fais EXACTEMENT ce qui suit :
Télécharges ComboFix (par sUBs) sur ton Bureau :
http://download.bleepingcomputer.com/sUBs/ComboFix.exe <--- clik droit sur ce lien et choisis "enregistrer la cible sous ... " : dans la fenêtre qui s'ouvre tape C-Fix et valide .
----------------------------------------------- ATTENTION ---------------------------------------------------------------
!! déconnectes toi,fermes tes applications en cours et DESACTIVES TES DEFENCES (anti-virus, guardes anti spy-ware, pare-feu) le temps de la manipe , tu les réactiveras après !!
--->Important : si tu rencontres des difficultés à ce niveau là, fais m'en part avant de poursuivre ...
---------------------------------------------------------------------------------------------------------------------------------
Ensuite :
double-cliques C-Fix.exe ( = combofix.exe ) .
Appuyes sur la touche Y (Yes) pour démarrer le scan .
Attention : n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne. Cela pourrait figer l'ordi.
---> si un message d'erreur windows apparait à un momment , clik sur la croix en haut à droite de la fenêtre pour la fermer ( et pas sur autre chose ! )
Le rapport sera crée dans: C:\Combofix.txt
Postes le rapport combo fix et un nouveau rapport hijackthis pour analyse ...
Tuto ( aide ) ici : https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
babish
Messages postés
34
Date d'inscription
samedi 7 juin 2008
Statut
Membre
Dernière intervention
9 juin 2008
8 juin 2008 à 19:01
8 juin 2008 à 19:01
ComboFix 08-06-07.3 - Yesim 2008-06-08 18:34:16.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.136 [GMT 2:00]
Endroit: C:\Documents and Settings\Yesim\Bureau\C-Fix.exe
* Création d'un nouveau point de restauration
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\config.ini
C:\WINDOWS\system\msvbvm60.dll
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_NWSAPAGENT
-------\Service_NwSapAgent
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-05-08 to 2008-06-08 ))))))))))))))))))))))))))))))))))))
.
2008-06-08 12:56 . 2008-06-08 12:56 <REP> d-------- C:\Documents and Settings\Yesim\Application Data\Malwarebytes
2008-06-08 12:55 . 2008-06-08 12:55 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-06-08 12:55 . 2008-06-08 12:55 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-08 12:55 . 2008-06-05 16:04 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-06-08 12:55 . 2008-06-05 16:04 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-06-07 19:48 . 2008-06-07 19:48 9 --a------ C:\WINDOWS\system32\client.sid
2008-06-07 19:26 . 2008-06-07 19:26 <REP> d-------- C:\WINDOWS\MaxTV
2008-06-07 19:26 . 2008-06-07 21:40 <REP> d-------- C:\Program Files\DMV
2008-06-07 19:08 . 2008-06-07 19:09 <REP> d-------- C:\Program Files\Tvnet Online Media Center 3.5
2008-06-07 16:30 . 2008-06-07 16:30 23,392 --a------ C:\WINDOWS\system32\nscompat.tlb
2008-06-07 16:30 . 2008-06-07 16:30 16,832 --a------ C:\WINDOWS\system32\amcompat.tlb
2008-06-07 13:34 . 2008-06-07 13:34 <REP> d-------- C:\Documents and Settings\Yesim\Application Data\Grisoft
2008-06-07 13:33 . 2008-06-07 13:33 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-06-07 13:33 . 2007-05-30 14:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-06-07 12:51 . 2008-06-08 12:32 <REP> d-------- C:\Program Files\Navilog1
2008-06-06 12:16 . 2008-06-06 12:16 <REP> d-------- C:\Program Files\Windows Defender
2008-05-28 11:42 . 2008-06-07 11:29 <REP> d-------- C:\Documents and Settings\Yesim\Application Data\Notepad++
2008-05-27 21:41 . 2008-05-27 21:41 <REP> d-------- C:\Program Files\Ares
2008-05-26 15:30 . 2008-05-26 15:32 491 --a------ C:\WINDOWS\SStylerProDemo.ini
2008-05-25 13:30 . 2008-05-25 13:30 <REP> d-------- C:\WINDOWS\ServicePackFiles
2008-05-25 12:32 . 2004-07-17 11:40 19,528 --a------ C:\WINDOWS\[u]0[/u]00001_.tmp
2008-05-25 09:56 . 2008-05-25 09:56 <REP> d-------- C:\Documents and Settings\Administrateur\Contacts
2008-05-24 19:34 . 2008-05-25 13:05 <REP> d-------- C:\WINDOWS\system32\fr
2008-05-24 19:34 . 2008-05-25 13:02 <REP> d-------- C:\WINDOWS\l2schemas
2008-05-24 19:14 . 2007-04-18 18:14 2,854,400 --a------ C:\WINDOWS\system32\dllcache\msi.dll
2008-05-24 19:13 . 2007-10-25 18:43 8,516,608 --a------ C:\WINDOWS\system32\dllcache\shell32.dll
2008-05-24 18:30 . 2007-05-08 17:08 86,728 --a------ C:\WINDOWS\system32\msxml6r.dll
2008-05-24 18:30 . 2004-08-19 16:10 8,192 --a------ C:\WINDOWS\system32\spdwnwxp.exe
2008-05-24 18:29 . 2006-12-28 21:01 19,569 --a------ C:\WINDOWS\[u]0[/u]03227_.tmp
2008-05-24 18:29 . 2004-08-19 16:09 4,608 --a------ C:\WINDOWS\system32\msimg32.dll
2008-05-20 16:16 . 2008-05-20 16:16 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2008-05-14 15:03 . 2008-05-25 13:13 1,374 --a------ C:\WINDOWS\imsins.BAK
2008-05-13 13:46 . 2001-08-23 17:04 12,288 --a------ C:\WINDOWS\system32\drivers\mouhid.sys
2008-05-13 13:46 . 2001-08-23 17:04 12,288 --a--c--- C:\WINDOWS\system32\dllcache\mouhid.sys
2008-05-10 14:20 . 2008-05-10 14:21 <REP> d-------- C:\Program Files\CCleaner
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-08 16:48 76,620,576 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2008-06-08 16:45 3,032,352 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat
2008-06-08 16:42 285,284 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx
2008-06-08 16:42 1,027,172 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2008-06-08 15:13 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-06-07 14:24 --------- d-----w C:\Program Files\a-squared Free
2008-06-04 13:38 88,680 ----a-w C:\Documents and Settings\Yesim\Application Data\GDIPFONTCACHEV1.DAT
2008-06-04 11:19 --------- d-----w C:\Documents and Settings\Yesim\Application Data\OpenOffice.org2
2008-05-29 18:12 88,774 ----a-w C:\WINDOWS\system32\drivers\klick.dat
2008-05-28 15:59 96,966 ----a-w C:\WINDOWS\system32\drivers\klin.dat
2008-05-28 13:34 112,144 ----a-w C:\WINDOWS\system32\drivers\kl1.sys
2008-05-27 20:48 --------- d-----w C:\Documents and Settings\Yesim\Application Data\BearShare
2008-05-27 10:31 --------- d-----w C:\Program Files\eMule
2008-05-20 21:18 --------- d-----w C:\Program Files\MSN Messenger
2008-05-19 22:36 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-05-19 22:17 --------- d-----w C:\Program Files\Windows Live
2008-05-19 15:22 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-05-11 09:40 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-04-26 14:35 --------- d-----w C:\Documents and Settings\Yesim\Application Data\LimeWire
2008-04-24 12:51 --------- d-----w C:\Program Files\eSoft
2008-04-24 12:18 --------- d-----w C:\Program Files\Reference Assemblies
2008-04-24 12:18 --------- d-----w C:\Program Files\MSBuild
2008-04-24 12:15 --------- d-----w C:\Program Files\MSXML 6.0
2008-04-17 09:50 --------- d-----w C:\Program Files\RegCleaner
2008-04-15 21:04 --------- d-----w C:\Program Files\Windows Media Connect 2
2008-04-15 21:04 --------- d-----w C:\Program Files\PhotoZoom Pro 2
2008-04-09 16:07 --------- d-----w C:\Program Files\vmntoolbar
2008-04-08 18:24 --------- d-----w C:\Program Files\Windows Live Toolbar
2005-09-01 10:34 1,312,392 ----a-w C:\Program Files\NPSWF32.dll
2007-11-29 19:29 88 --sh--r C:\WINDOWS\system32\454A34A146.sys
2006-10-09 13:46 5 --sha-w C:\WINDOWS\system32\dadcdca2_g.dll
2007-11-29 19:29 2,516 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 16:09 15360]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24 1694208]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005-07-19 17:32 221184]
"SiSPower"="SiSPower.dll" [2005-03-03 20:50 49152 C:\WINDOWS\system32\SiSPower.dll]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 06:24 286720]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25 6731312]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\KASPER~1\KASPER~2.0\adialhk.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.I420"= i420vfw.dll
"vidc.yv12"= yv12vfw.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli scecli scecli scecli
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk
backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Yesim^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.0.lnk]
path=C:\Documents and Settings\Yesim\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 2.0.lnk
backup=C:\WINDOWS\pss\OpenOffice.org 2.0.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares]
--a------ 2008-02-20 16:33 963072 C:\Program Files\Ares\Ares.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2007-09-26 14:42 267064 C:\Program Files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
--a------ 2006-10-17 17:50 32768 C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark X1100 Series]
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate]
--a------ 2005-06-08 14:44 196608 C:\Program Files\Logitech\Video\ManifestEngine.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
--a------ 2005-06-08 15:24 458752 C:\Program Files\Logitech\Video\ISStart.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
--a------ 2005-06-08 15:14 217088 C:\Program Files\Logitech\Video\LogiTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS DLL Library Manager]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Outpost Firewall]
C:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OutpostFeedBack]
C:\Program Files\Agnitum\Outpost Firewall\feedback.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
--a------ 2006-04-20 01:17 421888 C:\Program Files\Picasa2\PicasaMediaDetector.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2007-06-29 06:24 286720 C:\Program Files\QuickTime\qttask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
--a------ 2004-11-15 12:20 77824 C:\WINDOWS\SOUNDMAN.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2006-10-12 04:10 49263 C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\WINDOWS\\system32\\rtcshare.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"C:\\Program Files\\NetMeeting\\conf.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\BearShare Applications\\BearShare\\BearShare.exe"=
"C:\\Program Files\\Ares\\Ares.exe"=
"C:\\WINDOWS\\system32\\sessmgr.exe"=
"C:\\WINDOWS\\PCHEALTH\\HELPCTR\\Binaries\\HelpCtr.exe"=
"C:\\Documents and Settings\\Yesim\\Bureau\\DOSSIER\\Canli_TV.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"%windir%\\system32\\sessmgr.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1863:TCP"= 1863:TCP:MSN
S3 CapFilt;CapFilt;C:\WINDOWS\system32\drivers\CapFilt.sys [2006-11-30 16:28]
.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2008-06-06 11:40:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-06-08 16:46:55 C:\WINDOWS\Tasks\MP Scheduled Scan.job"
- C:\Program Files\Windows Defender\MpCmdRun.exe
"2008-06-07 20:40:01 C:\WINDOWS\Tasks\{B8C43FD1-6B8D-4D0A-926C-9AF5B78B83C8}_SG1-24R6L74R14H_Yesim.job"
- C:\WINDOWS\system32\mobsync.exeJ /Schedule=
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-08 18:45:58
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cach‚s ...
Balayage cach‚ autostart entries ...
Balayage des fichiers cach‚s ...
Scan termin‚ avec succŠs
Les fichiers cach‚s: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Windows Defender\MsMpEng.exe
C:\PROGRA~1\A-SQUA~1\a2service.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\WINDOWS\system32\drivers\CDANTSRV.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\ProShowGold\scsiaccess.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\sistray.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-06-08 18:58:34 - machine was rebooted
ComboFix-quarantined-files.txt 2008-06-08 16:58:14
Pre-Run: 30,660,489,216 octets libres
Post-Run: 31,177,076,736 octets libres
206 --- E O F --- 2008-06-08 08:29:44
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.136 [GMT 2:00]
Endroit: C:\Documents and Settings\Yesim\Bureau\C-Fix.exe
* Création d'un nouveau point de restauration
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\config.ini
C:\WINDOWS\system\msvbvm60.dll
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_NWSAPAGENT
-------\Service_NwSapAgent
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-05-08 to 2008-06-08 ))))))))))))))))))))))))))))))))))))
.
2008-06-08 12:56 . 2008-06-08 12:56 <REP> d-------- C:\Documents and Settings\Yesim\Application Data\Malwarebytes
2008-06-08 12:55 . 2008-06-08 12:55 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-06-08 12:55 . 2008-06-08 12:55 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-08 12:55 . 2008-06-05 16:04 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-06-08 12:55 . 2008-06-05 16:04 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-06-07 19:48 . 2008-06-07 19:48 9 --a------ C:\WINDOWS\system32\client.sid
2008-06-07 19:26 . 2008-06-07 19:26 <REP> d-------- C:\WINDOWS\MaxTV
2008-06-07 19:26 . 2008-06-07 21:40 <REP> d-------- C:\Program Files\DMV
2008-06-07 19:08 . 2008-06-07 19:09 <REP> d-------- C:\Program Files\Tvnet Online Media Center 3.5
2008-06-07 16:30 . 2008-06-07 16:30 23,392 --a------ C:\WINDOWS\system32\nscompat.tlb
2008-06-07 16:30 . 2008-06-07 16:30 16,832 --a------ C:\WINDOWS\system32\amcompat.tlb
2008-06-07 13:34 . 2008-06-07 13:34 <REP> d-------- C:\Documents and Settings\Yesim\Application Data\Grisoft
2008-06-07 13:33 . 2008-06-07 13:33 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-06-07 13:33 . 2007-05-30 14:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-06-07 12:51 . 2008-06-08 12:32 <REP> d-------- C:\Program Files\Navilog1
2008-06-06 12:16 . 2008-06-06 12:16 <REP> d-------- C:\Program Files\Windows Defender
2008-05-28 11:42 . 2008-06-07 11:29 <REP> d-------- C:\Documents and Settings\Yesim\Application Data\Notepad++
2008-05-27 21:41 . 2008-05-27 21:41 <REP> d-------- C:\Program Files\Ares
2008-05-26 15:30 . 2008-05-26 15:32 491 --a------ C:\WINDOWS\SStylerProDemo.ini
2008-05-25 13:30 . 2008-05-25 13:30 <REP> d-------- C:\WINDOWS\ServicePackFiles
2008-05-25 12:32 . 2004-07-17 11:40 19,528 --a------ C:\WINDOWS\[u]0[/u]00001_.tmp
2008-05-25 09:56 . 2008-05-25 09:56 <REP> d-------- C:\Documents and Settings\Administrateur\Contacts
2008-05-24 19:34 . 2008-05-25 13:05 <REP> d-------- C:\WINDOWS\system32\fr
2008-05-24 19:34 . 2008-05-25 13:02 <REP> d-------- C:\WINDOWS\l2schemas
2008-05-24 19:14 . 2007-04-18 18:14 2,854,400 --a------ C:\WINDOWS\system32\dllcache\msi.dll
2008-05-24 19:13 . 2007-10-25 18:43 8,516,608 --a------ C:\WINDOWS\system32\dllcache\shell32.dll
2008-05-24 18:30 . 2007-05-08 17:08 86,728 --a------ C:\WINDOWS\system32\msxml6r.dll
2008-05-24 18:30 . 2004-08-19 16:10 8,192 --a------ C:\WINDOWS\system32\spdwnwxp.exe
2008-05-24 18:29 . 2006-12-28 21:01 19,569 --a------ C:\WINDOWS\[u]0[/u]03227_.tmp
2008-05-24 18:29 . 2004-08-19 16:09 4,608 --a------ C:\WINDOWS\system32\msimg32.dll
2008-05-20 16:16 . 2008-05-20 16:16 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2008-05-14 15:03 . 2008-05-25 13:13 1,374 --a------ C:\WINDOWS\imsins.BAK
2008-05-13 13:46 . 2001-08-23 17:04 12,288 --a------ C:\WINDOWS\system32\drivers\mouhid.sys
2008-05-13 13:46 . 2001-08-23 17:04 12,288 --a--c--- C:\WINDOWS\system32\dllcache\mouhid.sys
2008-05-10 14:20 . 2008-05-10 14:21 <REP> d-------- C:\Program Files\CCleaner
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-08 16:48 76,620,576 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2008-06-08 16:45 3,032,352 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat
2008-06-08 16:42 285,284 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx
2008-06-08 16:42 1,027,172 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2008-06-08 15:13 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-06-07 14:24 --------- d-----w C:\Program Files\a-squared Free
2008-06-04 13:38 88,680 ----a-w C:\Documents and Settings\Yesim\Application Data\GDIPFONTCACHEV1.DAT
2008-06-04 11:19 --------- d-----w C:\Documents and Settings\Yesim\Application Data\OpenOffice.org2
2008-05-29 18:12 88,774 ----a-w C:\WINDOWS\system32\drivers\klick.dat
2008-05-28 15:59 96,966 ----a-w C:\WINDOWS\system32\drivers\klin.dat
2008-05-28 13:34 112,144 ----a-w C:\WINDOWS\system32\drivers\kl1.sys
2008-05-27 20:48 --------- d-----w C:\Documents and Settings\Yesim\Application Data\BearShare
2008-05-27 10:31 --------- d-----w C:\Program Files\eMule
2008-05-20 21:18 --------- d-----w C:\Program Files\MSN Messenger
2008-05-19 22:36 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-05-19 22:17 --------- d-----w C:\Program Files\Windows Live
2008-05-19 15:22 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-05-11 09:40 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-04-26 14:35 --------- d-----w C:\Documents and Settings\Yesim\Application Data\LimeWire
2008-04-24 12:51 --------- d-----w C:\Program Files\eSoft
2008-04-24 12:18 --------- d-----w C:\Program Files\Reference Assemblies
2008-04-24 12:18 --------- d-----w C:\Program Files\MSBuild
2008-04-24 12:15 --------- d-----w C:\Program Files\MSXML 6.0
2008-04-17 09:50 --------- d-----w C:\Program Files\RegCleaner
2008-04-15 21:04 --------- d-----w C:\Program Files\Windows Media Connect 2
2008-04-15 21:04 --------- d-----w C:\Program Files\PhotoZoom Pro 2
2008-04-09 16:07 --------- d-----w C:\Program Files\vmntoolbar
2008-04-08 18:24 --------- d-----w C:\Program Files\Windows Live Toolbar
2005-09-01 10:34 1,312,392 ----a-w C:\Program Files\NPSWF32.dll
2007-11-29 19:29 88 --sh--r C:\WINDOWS\system32\454A34A146.sys
2006-10-09 13:46 5 --sha-w C:\WINDOWS\system32\dadcdca2_g.dll
2007-11-29 19:29 2,516 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 16:09 15360]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24 1694208]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005-07-19 17:32 221184]
"SiSPower"="SiSPower.dll" [2005-03-03 20:50 49152 C:\WINDOWS\system32\SiSPower.dll]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 06:24 286720]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25 6731312]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\KASPER~1\KASPER~2.0\adialhk.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.I420"= i420vfw.dll
"vidc.yv12"= yv12vfw.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli scecli scecli scecli
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk
backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Yesim^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.0.lnk]
path=C:\Documents and Settings\Yesim\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 2.0.lnk
backup=C:\WINDOWS\pss\OpenOffice.org 2.0.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares]
--a------ 2008-02-20 16:33 963072 C:\Program Files\Ares\Ares.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2007-09-26 14:42 267064 C:\Program Files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
--a------ 2006-10-17 17:50 32768 C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark X1100 Series]
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate]
--a------ 2005-06-08 14:44 196608 C:\Program Files\Logitech\Video\ManifestEngine.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
--a------ 2005-06-08 15:24 458752 C:\Program Files\Logitech\Video\ISStart.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
--a------ 2005-06-08 15:14 217088 C:\Program Files\Logitech\Video\LogiTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS DLL Library Manager]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Outpost Firewall]
C:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OutpostFeedBack]
C:\Program Files\Agnitum\Outpost Firewall\feedback.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
--a------ 2006-04-20 01:17 421888 C:\Program Files\Picasa2\PicasaMediaDetector.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2007-06-29 06:24 286720 C:\Program Files\QuickTime\qttask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
--a------ 2004-11-15 12:20 77824 C:\WINDOWS\SOUNDMAN.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2006-10-12 04:10 49263 C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\WINDOWS\\system32\\rtcshare.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"C:\\Program Files\\NetMeeting\\conf.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\BearShare Applications\\BearShare\\BearShare.exe"=
"C:\\Program Files\\Ares\\Ares.exe"=
"C:\\WINDOWS\\system32\\sessmgr.exe"=
"C:\\WINDOWS\\PCHEALTH\\HELPCTR\\Binaries\\HelpCtr.exe"=
"C:\\Documents and Settings\\Yesim\\Bureau\\DOSSIER\\Canli_TV.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"%windir%\\system32\\sessmgr.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1863:TCP"= 1863:TCP:MSN
S3 CapFilt;CapFilt;C:\WINDOWS\system32\drivers\CapFilt.sys [2006-11-30 16:28]
.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2008-06-06 11:40:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-06-08 16:46:55 C:\WINDOWS\Tasks\MP Scheduled Scan.job"
- C:\Program Files\Windows Defender\MpCmdRun.exe
"2008-06-07 20:40:01 C:\WINDOWS\Tasks\{B8C43FD1-6B8D-4D0A-926C-9AF5B78B83C8}_SG1-24R6L74R14H_Yesim.job"
- C:\WINDOWS\system32\mobsync.exeJ /Schedule=
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-08 18:45:58
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cach‚s ...
Balayage cach‚ autostart entries ...
Balayage des fichiers cach‚s ...
Scan termin‚ avec succŠs
Les fichiers cach‚s: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Windows Defender\MsMpEng.exe
C:\PROGRA~1\A-SQUA~1\a2service.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\WINDOWS\system32\drivers\CDANTSRV.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\ProShowGold\scsiaccess.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\sistray.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-06-08 18:58:34 - machine was rebooted
ComboFix-quarantined-files.txt 2008-06-08 16:58:14
Pre-Run: 30,660,489,216 octets libres
Post-Run: 31,177,076,736 octets libres
206 --- E O F --- 2008-06-08 08:29:44
babish
Messages postés
34
Date d'inscription
samedi 7 juin 2008
Statut
Membre
Dernière intervention
9 juin 2008
8 juin 2008 à 19:01
8 juin 2008 à 19:01
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:01:20, on 08.06.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\A-SQUA~1\a2service.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\ProShowGold\ScsiAccess.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\sistray.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\Yesim\Bureau\HiJackThisk.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ch/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http:1080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: {1A03F196-9617-4CA0-842B-A83CEECB022B} - - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: FCBHOBHO Class - {8B3868B4-EBA8-48FA-A19B-E1DFB99066FA} - C:\Program Files\FlashCapture\fcbho.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O3 - Toolbar: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: &Search - ?p=ZS
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\ie_banner_deny.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Save F&lash with FlashCapture - res://C:\Program Files\FlashCapture\fciext.dll/FCIEXT.htm
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: FlashCapture - {753BBC4B-CC73-4fb8-A5B5-CA09C804C1DD} - C:\Program Files\FlashCapture\fciext.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {34635AA6-B593-4F06-9EDD-5FF60FC13310} (Speaky Chat) - http://download.speakyweb.com/speakyldr.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab
O16 - DPF: {A672558F-A878-4D5A-A921-627C091CEB63} (Flatcast Producer 4.16) - http://www.flatcast.info/objects/NpFp41629.dll
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697516} (NsvPlayX Control) - http://www.yayindayiz.biz/codec/nsvplayx_vp6_mp3.cab
O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F551} (Flatcast Viewer 4.15) - http://www.flatcast.com/de/download/NpFv415.dll
O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F554} (Flatcast Viewer 4.16) - http://data.flatcast.com/data/objects/NpFv41629.dll
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by23fd.bay23.hotmail.msn.com/activex/HMAtchmt.ocx
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: bw+0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~2.0\adialhk.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\PROGRA~1\A-SQUA~1\a2service.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\ProShowGold\ScsiAccess.exe
O23 - Service: sysmgr64 - Unknown owner - C:\WINDOWS\sysmgr64.exe (file missing)
O24 - Desktop Component 0: (no name) - http://pics.mediaplazza.com/t_24/64x64/CtnWms1426080871.gif
O24 - Desktop Component 1: (no name) - http://pics.mediaplazza.com/t_24/64x64/CtnWms441907867.gif
O24 - Desktop Component 2: (no name) - http://pics.mediaplazza.com/t_24/64x64/CtnWms488392588.gif
O24 - Desktop Component 3: (no name) - http://pics.mediaplazza.com/t_24/64x64/CtnWms1872480997.gif
O24 - Desktop Component 4: (no name) - http://yves.marsal.free.fr/atoutgifs/fonds/yfond31.gif
Scan saved at 19:01:20, on 08.06.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\A-SQUA~1\a2service.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\ProShowGold\ScsiAccess.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\sistray.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\Yesim\Bureau\HiJackThisk.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ch/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http:1080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: {1A03F196-9617-4CA0-842B-A83CEECB022B} - - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: FCBHOBHO Class - {8B3868B4-EBA8-48FA-A19B-E1DFB99066FA} - C:\Program Files\FlashCapture\fcbho.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O3 - Toolbar: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: &Search - ?p=ZS
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\ie_banner_deny.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Save F&lash with FlashCapture - res://C:\Program Files\FlashCapture\fciext.dll/FCIEXT.htm
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: FlashCapture - {753BBC4B-CC73-4fb8-A5B5-CA09C804C1DD} - C:\Program Files\FlashCapture\fciext.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {34635AA6-B593-4F06-9EDD-5FF60FC13310} (Speaky Chat) - http://download.speakyweb.com/speakyldr.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab
O16 - DPF: {A672558F-A878-4D5A-A921-627C091CEB63} (Flatcast Producer 4.16) - http://www.flatcast.info/objects/NpFp41629.dll
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697516} (NsvPlayX Control) - http://www.yayindayiz.biz/codec/nsvplayx_vp6_mp3.cab
O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F551} (Flatcast Viewer 4.15) - http://www.flatcast.com/de/download/NpFv415.dll
O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F554} (Flatcast Viewer 4.16) - http://data.flatcast.com/data/objects/NpFv41629.dll
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by23fd.bay23.hotmail.msn.com/activex/HMAtchmt.ocx
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: bw+0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~2.0\adialhk.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\PROGRA~1\A-SQUA~1\a2service.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\ProShowGold\ScsiAccess.exe
O23 - Service: sysmgr64 - Unknown owner - C:\WINDOWS\sysmgr64.exe (file missing)
O24 - Desktop Component 0: (no name) - http://pics.mediaplazza.com/t_24/64x64/CtnWms1426080871.gif
O24 - Desktop Component 1: (no name) - http://pics.mediaplazza.com/t_24/64x64/CtnWms441907867.gif
O24 - Desktop Component 2: (no name) - http://pics.mediaplazza.com/t_24/64x64/CtnWms488392588.gif
O24 - Desktop Component 3: (no name) - http://pics.mediaplazza.com/t_24/64x64/CtnWms1872480997.gif
O24 - Desktop Component 4: (no name) - http://yves.marsal.free.fr/atoutgifs/fonds/yfond31.gif
sKe69
Messages postés
21360
Date d'inscription
samedi 15 mars 2008
Statut
Contributeur sécurité
Dernière intervention
30 décembre 2012
463
8 juin 2008 à 19:24
8 juin 2008 à 19:24
Télécharges SmitfraudFix (de S!Ri, balltrap34 et moe31 ) :
http://siri.urz.free.fr/Fix/SmitfraudFix.exe
!!Déconnectes toi,fermes toute tes applications et désactives tes défences ( anti-virus ,anti-spyware,...) le temps de la manipe !!
Installes le soft à la racine de C\ ( et pas ailleur! --->"C\:SmitfraudFix.exe" ) : double clique sur l'.exe pour le décompresser et lancer le fix.
Utilisation ----> option 1 - Recherche :
Double clique sur smitfraudfix.cmd Sélectionne 1 pour créer un rapport des fichiers responsables de l'infection.
Postes le rapport ( rapport.txt qui se trouve sous C\: ) et attends la suite .
(Attention : process.exe est détecté par certains antivirus comme étant un RiskTool. Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus. Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité.)
http://siri.urz.free.fr/Fix/SmitfraudFix.exe
!!Déconnectes toi,fermes toute tes applications et désactives tes défences ( anti-virus ,anti-spyware,...) le temps de la manipe !!
Installes le soft à la racine de C\ ( et pas ailleur! --->"C\:SmitfraudFix.exe" ) : double clique sur l'.exe pour le décompresser et lancer le fix.
Utilisation ----> option 1 - Recherche :
Double clique sur smitfraudfix.cmd Sélectionne 1 pour créer un rapport des fichiers responsables de l'infection.
Postes le rapport ( rapport.txt qui se trouve sous C\: ) et attends la suite .
(Attention : process.exe est détecté par certains antivirus comme étant un RiskTool. Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus. Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité.)
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
babish
Messages postés
34
Date d'inscription
samedi 7 juin 2008
Statut
Membre
Dernière intervention
9 juin 2008
8 juin 2008 à 19:33
8 juin 2008 à 19:33
voilà le rapport :
SmitFraudFix v2.323
Rapport fait à 19:31:07.87, 08.06.2008
Executé à partir de C:\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal
»»»»»»»»»»»»»»»»»»»»»»»» Process
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\A-SQUA~1\a2service.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\ProShowGold\ScsiAccess.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\sistray.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
»»»»»»»»»»»»»»»»»»»»»»»» hosts
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Yesim
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Yesim\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Yesim\Favoris
»»»»»»»»»»»»»»»»»»»»»»»» Bureau
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues
»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="http://pics.mediaplazza.com/t_24/64x64/CtnWms1426080871.gif"
"SubscribedURL"="http://pics.mediaplazza.com/t_24/64x64/CtnWms1426080871.gif"
"FriendlyName"=""
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\1]
"Source"="http://pics.mediaplazza.com/t_24/64x64/CtnWms441907867.gif"
"SubscribedURL"="http://pics.mediaplazza.com/t_24/64x64/CtnWms441907867.gif"
"FriendlyName"=""
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\2]
"Source"="http://pics.mediaplazza.com/t_24/64x64/CtnWms488392588.gif"
"SubscribedURL"="http://pics.mediaplazza.com/t_24/64x64/CtnWms488392588.gif"
"FriendlyName"=""
»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\PROGRA~1\\KASPER~1\\KASPER~2.0\\adialhk.dll"
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» Rustock
»»»»»»»»»»»»»»»»»»»»»»»» DNS
Description: Carte réseau Fast Ethernet PCI Realtek RTL8139 Family - Miniport d'ordonnancement de paquets
DNS Server Search Order: 80.83.47.11
DNS Server Search Order: 80.83.47.157
DNS Server Search Order: 80.83.47.10
DNS Server Search Order: 80.83.47.198
HKLM\SYSTEM\CCS\Services\Tcpip\..\{1E2A4E6A-ECD8-4D3D-B35F-7262D0037730}: DhcpNameServer=80.83.47.11 80.83.47.157 80.83.47.10 80.83.47.198
HKLM\SYSTEM\CS1\Services\Tcpip\..\{1E2A4E6A-ECD8-4D3D-B35F-7262D0037730}: DhcpNameServer=80.83.47.11 80.83.47.157 80.83.47.10 80.83.47.198
HKLM\SYSTEM\CS2\Services\Tcpip\..\{1E2A4E6A-ECD8-4D3D-B35F-7262D0037730}: DhcpNameServer=80.83.47.11 80.83.47.157 80.83.47.10 80.83.47.198
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=80.83.47.11 80.83.47.157 80.83.47.10 80.83.47.198
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=80.83.47.11 80.83.47.157 80.83.47.10 80.83.47.198
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=80.83.47.11 80.83.47.157 80.83.47.10 80.83.47.198
»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
SmitFraudFix v2.323
Rapport fait à 19:31:07.87, 08.06.2008
Executé à partir de C:\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal
»»»»»»»»»»»»»»»»»»»»»»»» Process
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\A-SQUA~1\a2service.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\ProShowGold\ScsiAccess.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\sistray.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
»»»»»»»»»»»»»»»»»»»»»»»» hosts
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Yesim
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Yesim\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Yesim\Favoris
»»»»»»»»»»»»»»»»»»»»»»»» Bureau
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues
»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="http://pics.mediaplazza.com/t_24/64x64/CtnWms1426080871.gif"
"SubscribedURL"="http://pics.mediaplazza.com/t_24/64x64/CtnWms1426080871.gif"
"FriendlyName"=""
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\1]
"Source"="http://pics.mediaplazza.com/t_24/64x64/CtnWms441907867.gif"
"SubscribedURL"="http://pics.mediaplazza.com/t_24/64x64/CtnWms441907867.gif"
"FriendlyName"=""
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\2]
"Source"="http://pics.mediaplazza.com/t_24/64x64/CtnWms488392588.gif"
"SubscribedURL"="http://pics.mediaplazza.com/t_24/64x64/CtnWms488392588.gif"
"FriendlyName"=""
»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\PROGRA~1\\KASPER~1\\KASPER~2.0\\adialhk.dll"
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» Rustock
»»»»»»»»»»»»»»»»»»»»»»»» DNS
Description: Carte réseau Fast Ethernet PCI Realtek RTL8139 Family - Miniport d'ordonnancement de paquets
DNS Server Search Order: 80.83.47.11
DNS Server Search Order: 80.83.47.157
DNS Server Search Order: 80.83.47.10
DNS Server Search Order: 80.83.47.198
HKLM\SYSTEM\CCS\Services\Tcpip\..\{1E2A4E6A-ECD8-4D3D-B35F-7262D0037730}: DhcpNameServer=80.83.47.11 80.83.47.157 80.83.47.10 80.83.47.198
HKLM\SYSTEM\CS1\Services\Tcpip\..\{1E2A4E6A-ECD8-4D3D-B35F-7262D0037730}: DhcpNameServer=80.83.47.11 80.83.47.157 80.83.47.10 80.83.47.198
HKLM\SYSTEM\CS2\Services\Tcpip\..\{1E2A4E6A-ECD8-4D3D-B35F-7262D0037730}: DhcpNameServer=80.83.47.11 80.83.47.157 80.83.47.10 80.83.47.198
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=80.83.47.11 80.83.47.157 80.83.47.10 80.83.47.198
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=80.83.47.11 80.83.47.157 80.83.47.10 80.83.47.198
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=80.83.47.11 80.83.47.157 80.83.47.10 80.83.47.198
»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
sKe69
Messages postés
21360
Date d'inscription
samedi 15 mars 2008
Statut
Contributeur sécurité
Dernière intervention
30 décembre 2012
463
8 juin 2008 à 19:54
8 juin 2008 à 19:54
Bien ... on a quelque chose ^^
la suite :
Suite de la manipe ( nettoyage ), fait exactement ce qui suit :
* Redémarrer l'ordinateur en mode sans échec .
Comment aller en Mode sans échec
1) Redémarre ton ordi
2) Tapote la touche F8 immédiatement, (F5 sur certains PC) juste après le "Bip"
3) Tu verras un écran avec options de démarrage apparaître
4) Choisis la première option : Sans Échec, et valide avec "Entrée"
5) Choisis ton compte habituel, et non Administrateur (si besoin ... )
*Double click sur SmitfraudFix.exe
* Sélectionner 2 et presser Entrée dans le menu pour supprimer les fichiers responsables de l'infection.
* A la question: Voulez-vous nettoyer le registre ? répondre O (oui) et presser Entrée afin de débloquer
le fond d'écran et supprimer les clés de registre de l'infection.
* Le correctif déterminera si le fichier wininet.dll est infecté.
* A la question: "Corriger le fichier infecté ?" répondre O (oui) et presser Entrée
pour remplacer le fichier corrompu.
* Un redemarrage sera peut être nécessaire pour terminer la procedure de nettoyage.
Le rapport se trouve à la racine de C\:
(dans le fichier rapport.txt)
postes moi ce dernier rapport accompagné d'un nouveau rapport hijackthis (fait en mode normal celui-ci) dans ton prochain message et attends les instructions ...
ps : n'oublis pas , en mode sans échec , pas de connexion ! Donc copies ou imprimes bien les info ci-dessus :)
la suite :
Suite de la manipe ( nettoyage ), fait exactement ce qui suit :
* Redémarrer l'ordinateur en mode sans échec .
Comment aller en Mode sans échec
1) Redémarre ton ordi
2) Tapote la touche F8 immédiatement, (F5 sur certains PC) juste après le "Bip"
3) Tu verras un écran avec options de démarrage apparaître
4) Choisis la première option : Sans Échec, et valide avec "Entrée"
5) Choisis ton compte habituel, et non Administrateur (si besoin ... )
*Double click sur SmitfraudFix.exe
* Sélectionner 2 et presser Entrée dans le menu pour supprimer les fichiers responsables de l'infection.
* A la question: Voulez-vous nettoyer le registre ? répondre O (oui) et presser Entrée afin de débloquer
le fond d'écran et supprimer les clés de registre de l'infection.
* Le correctif déterminera si le fichier wininet.dll est infecté.
* A la question: "Corriger le fichier infecté ?" répondre O (oui) et presser Entrée
pour remplacer le fichier corrompu.
* Un redemarrage sera peut être nécessaire pour terminer la procedure de nettoyage.
Le rapport se trouve à la racine de C\:
(dans le fichier rapport.txt)
postes moi ce dernier rapport accompagné d'un nouveau rapport hijackthis (fait en mode normal celui-ci) dans ton prochain message et attends les instructions ...
ps : n'oublis pas , en mode sans échec , pas de connexion ! Donc copies ou imprimes bien les info ci-dessus :)
babish
Messages postés
34
Date d'inscription
samedi 7 juin 2008
Statut
Membre
Dernière intervention
9 juin 2008
8 juin 2008 à 20:19
8 juin 2008 à 20:19
bon alors il y a déjà des changements j'ai l'impression internet est plus rapide même si ma page de démarrage à changer pas trop grave ^^
et voici le rapport de SmitFraudFix :
SmitFraudFix v2.323
Rapport fait à 20:06:29.85, 08.06.2008
Executé à partir de C:\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus
»»»»»»»»»»»»»»»»»»»»»»»» hosts
127.0.0.1 localhost
»»»»»»»»»»»»»»»»»»»»»»»» VACFix
VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix
S!Ri's WS2Fix: LSP not Found.
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés
»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» DNS
HKLM\SYSTEM\CCS\Services\Tcpip\..\{1E2A4E6A-ECD8-4D3D-B35F-7262D0037730}: DhcpNameServer=80.83.47.11 80.83.47.157 80.83.47.10 80.83.47.198
HKLM\SYSTEM\CS1\Services\Tcpip\..\{1E2A4E6A-ECD8-4D3D-B35F-7262D0037730}: DhcpNameServer=80.83.47.11 80.83.47.157 80.83.47.10 80.83.47.198
HKLM\SYSTEM\CS2\Services\Tcpip\..\{1E2A4E6A-ECD8-4D3D-B35F-7262D0037730}: DhcpNameServer=80.83.47.11 80.83.47.157 80.83.47.10 80.83.47.198
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=80.83.47.11 80.83.47.157 80.83.47.10 80.83.47.198
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=80.83.47.11 80.83.47.157 80.83.47.10 80.83.47.198
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=80.83.47.11 80.83.47.157 80.83.47.10 80.83.47.198
»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre
Nettoyage terminé.
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
et voici le rapport de SmitFraudFix :
SmitFraudFix v2.323
Rapport fait à 20:06:29.85, 08.06.2008
Executé à partir de C:\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus
»»»»»»»»»»»»»»»»»»»»»»»» hosts
127.0.0.1 localhost
»»»»»»»»»»»»»»»»»»»»»»»» VACFix
VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix
S!Ri's WS2Fix: LSP not Found.
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés
»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» DNS
HKLM\SYSTEM\CCS\Services\Tcpip\..\{1E2A4E6A-ECD8-4D3D-B35F-7262D0037730}: DhcpNameServer=80.83.47.11 80.83.47.157 80.83.47.10 80.83.47.198
HKLM\SYSTEM\CS1\Services\Tcpip\..\{1E2A4E6A-ECD8-4D3D-B35F-7262D0037730}: DhcpNameServer=80.83.47.11 80.83.47.157 80.83.47.10 80.83.47.198
HKLM\SYSTEM\CS2\Services\Tcpip\..\{1E2A4E6A-ECD8-4D3D-B35F-7262D0037730}: DhcpNameServer=80.83.47.11 80.83.47.157 80.83.47.10 80.83.47.198
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=80.83.47.11 80.83.47.157 80.83.47.10 80.83.47.198
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=80.83.47.11 80.83.47.157 80.83.47.10 80.83.47.198
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=80.83.47.11 80.83.47.157 80.83.47.10 80.83.47.198
»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre
Nettoyage terminé.
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
babish
Messages postés
34
Date d'inscription
samedi 7 juin 2008
Statut
Membre
Dernière intervention
9 juin 2008
8 juin 2008 à 20:23
8 juin 2008 à 20:23
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:23:39, on 08.06.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\A-SQUA~1\a2service.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\ProShowGold\ScsiAccess.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Yesim\Bureau\HiJackThisk.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http:1080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: {1A03F196-9617-4CA0-842B-A83CEECB022B} - - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: FCBHOBHO Class - {8B3868B4-EBA8-48FA-A19B-E1DFB99066FA} - C:\Program Files\FlashCapture\fcbho.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O3 - Toolbar: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: &Search - ?p=ZS
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\ie_banner_deny.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Save F&lash with FlashCapture - res://C:\Program Files\FlashCapture\fciext.dll/FCIEXT.htm
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: FlashCapture - {753BBC4B-CC73-4fb8-A5B5-CA09C804C1DD} - C:\Program Files\FlashCapture\fciext.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {34635AA6-B593-4F06-9EDD-5FF60FC13310} (Speaky Chat) - http://download.speakyweb.com/speakyldr.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab
O16 - DPF: {A672558F-A878-4D5A-A921-627C091CEB63} (Flatcast Producer 4.16) - http://www.flatcast.info/objects/NpFp41629.dll
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697516} (NsvPlayX Control) - http://www.yayindayiz.biz/codec/nsvplayx_vp6_mp3.cab
O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F551} (Flatcast Viewer 4.15) - http://www.flatcast.com/de/download/NpFv415.dll
O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F554} (Flatcast Viewer 4.16) - http://data.flatcast.com/data/objects/NpFv41629.dll
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by23fd.bay23.hotmail.msn.com/activex/HMAtchmt.ocx
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: bw+0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~2.0\adialhk.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\PROGRA~1\A-SQUA~1\a2service.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\ProShowGold\ScsiAccess.exe
O23 - Service: sysmgr64 - Unknown owner - C:\WINDOWS\sysmgr64.exe (file missing)
O24 - Desktop Component 2: (no name) - http://pics.mediaplazza.com/t_24/64x64/CtnWms488392588.gif
O24 - Desktop Component 3: (no name) - http://pics.mediaplazza.com/t_24/64x64/CtnWms1872480997.gif
O24 - Desktop Component 4: (no name) - http://yves.marsal.free.fr/atoutgifs/fonds/yfond31.gif
Scan saved at 20:23:39, on 08.06.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\A-SQUA~1\a2service.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\ProShowGold\ScsiAccess.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Yesim\Bureau\HiJackThisk.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http:1080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: {1A03F196-9617-4CA0-842B-A83CEECB022B} - - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: FCBHOBHO Class - {8B3868B4-EBA8-48FA-A19B-E1DFB99066FA} - C:\Program Files\FlashCapture\fcbho.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O3 - Toolbar: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: &Search - ?p=ZS
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\ie_banner_deny.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Save F&lash with FlashCapture - res://C:\Program Files\FlashCapture\fciext.dll/FCIEXT.htm
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: FlashCapture - {753BBC4B-CC73-4fb8-A5B5-CA09C804C1DD} - C:\Program Files\FlashCapture\fciext.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {34635AA6-B593-4F06-9EDD-5FF60FC13310} (Speaky Chat) - http://download.speakyweb.com/speakyldr.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab
O16 - DPF: {A672558F-A878-4D5A-A921-627C091CEB63} (Flatcast Producer 4.16) - http://www.flatcast.info/objects/NpFp41629.dll
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697516} (NsvPlayX Control) - http://www.yayindayiz.biz/codec/nsvplayx_vp6_mp3.cab
O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F551} (Flatcast Viewer 4.15) - http://www.flatcast.com/de/download/NpFv415.dll
O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F554} (Flatcast Viewer 4.16) - http://data.flatcast.com/data/objects/NpFv41629.dll
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by23fd.bay23.hotmail.msn.com/activex/HMAtchmt.ocx
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: bw+0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~2.0\adialhk.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\PROGRA~1\A-SQUA~1\a2service.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\ProShowGold\ScsiAccess.exe
O23 - Service: sysmgr64 - Unknown owner - C:\WINDOWS\sysmgr64.exe (file missing)
O24 - Desktop Component 2: (no name) - http://pics.mediaplazza.com/t_24/64x64/CtnWms488392588.gif
O24 - Desktop Component 3: (no name) - http://pics.mediaplazza.com/t_24/64x64/CtnWms1872480997.gif
O24 - Desktop Component 4: (no name) - http://yves.marsal.free.fr/atoutgifs/fonds/yfond31.gif
sKe69
Messages postés
21360
Date d'inscription
samedi 15 mars 2008
Statut
Contributeur sécurité
Dernière intervention
30 décembre 2012
463
8 juin 2008 à 20:24
8 juin 2008 à 20:24
Télécharger CCLeaner et l'installer sur le bureau en refusant l'installation de la barre Yahoo.
http://download.piriform.com/ccsetup205.exe
• Fermer toutes les applications
• Lancer CCLeaner
S'il n'est pas en Français cliquer sur Options, Setting, Language
et sélectionner Français
• cocher dans le menu Nettoyeur - onglet Windows :
-Internet Explorer: Fichiers Internet Temporaires, Cookies
- Système: Vider la Poubelle, Fichiers Temporaires, Presse-papiers
-Avancé: Vieilles données du Prefetch
• Décocher dans le menu Options - sous-menu Avancé :
Effacer uniquement les fichiers, du dossier temp de Windows, plus vieux que 48 heures
• Cocher dans le menu Nettoyeur - onglet Applications : Internet: Sun Java
• Cocher , si cela est possible, dans le menu Nettoyeur - onglet Applications :
Firefox/Mozilla: Cache Internet, Cookies
• Click sur Analyse
• Click sur le bouton Lancer le nettoyage dans le menu Nettoyeur.
puis :
• Click sur Registre
• Sélectionner tout (par défaut )
• Click sur Chercher des erreurs (En bas)
Une fois le scan terminé sélectionner tout
• Click sur Réparer les erreurs sélectionnées
ps:faire la manipe plusieurs fois jusqu'a ce qu'il n'y est plus d'erreur
Après tout cela tu peut remettre les paramêtres de CCleaner par defaut ( soft à garder sur son PC , super utile pour de bons nettoyages ... )
A tout à l'heure pour la suite ...
http://download.piriform.com/ccsetup205.exe
• Fermer toutes les applications
• Lancer CCLeaner
S'il n'est pas en Français cliquer sur Options, Setting, Language
et sélectionner Français
• cocher dans le menu Nettoyeur - onglet Windows :
-Internet Explorer: Fichiers Internet Temporaires, Cookies
- Système: Vider la Poubelle, Fichiers Temporaires, Presse-papiers
-Avancé: Vieilles données du Prefetch
• Décocher dans le menu Options - sous-menu Avancé :
Effacer uniquement les fichiers, du dossier temp de Windows, plus vieux que 48 heures
• Cocher dans le menu Nettoyeur - onglet Applications : Internet: Sun Java
• Cocher , si cela est possible, dans le menu Nettoyeur - onglet Applications :
Firefox/Mozilla: Cache Internet, Cookies
• Click sur Analyse
• Click sur le bouton Lancer le nettoyage dans le menu Nettoyeur.
puis :
• Click sur Registre
• Sélectionner tout (par défaut )
• Click sur Chercher des erreurs (En bas)
Une fois le scan terminé sélectionner tout
• Click sur Réparer les erreurs sélectionnées
ps:faire la manipe plusieurs fois jusqu'a ce qu'il n'y est plus d'erreur
Après tout cela tu peut remettre les paramêtres de CCleaner par defaut ( soft à garder sur son PC , super utile pour de bons nettoyages ... )
A tout à l'heure pour la suite ...
babish
Messages postés
34
Date d'inscription
samedi 7 juin 2008
Statut
Membre
Dernière intervention
9 juin 2008
8 juin 2008 à 20:43
8 juin 2008 à 20:43
Voilà c'est fait et maintenant je dois refaire un rapport hijackthis ?
sKe69
Messages postés
21360
Date d'inscription
samedi 15 mars 2008
Statut
Contributeur sécurité
Dernière intervention
30 décembre 2012
463
8 juin 2008 à 21:04
8 juin 2008 à 21:04
Télécharges Ad-Aware :
http://www.commentcamarche.net/telecharger/telechargement 83 ad aware 2008
Tuto : http://pageperso.aol.fr/balltrap34/adawrevid.asf
Instale le , met le à jours et lance unscan complet de ton PC ...
Supprimes tout ce qu'il peut trouver et postes le rapport obtenu accompagné d'un nouveau rapport hijackthis ...
http://www.commentcamarche.net/telecharger/telechargement 83 ad aware 2008
Tuto : http://pageperso.aol.fr/balltrap34/adawrevid.asf
Instale le , met le à jours et lance unscan complet de ton PC ...
Supprimes tout ce qu'il peut trouver et postes le rapport obtenu accompagné d'un nouveau rapport hijackthis ...
babish
Messages postés
34
Date d'inscription
samedi 7 juin 2008
Statut
Membre
Dernière intervention
9 juin 2008
8 juin 2008 à 22:41
8 juin 2008 à 22:41
enfin le scan est terminé
Mode d'analyse: Full
Durée de l'analyse 01:04:28
Nombre d'objets analysés 251030
Nombre d'infections trouvées 3
Critique: 0
Objets privés: 3
Infections supprimées: 3
Infections en quarantaine: 0
Nombre total d'infections ignorées par l'analyse 0
sinon il n y a pas de rapport plus précis :S
Mode d'analyse: Full
Durée de l'analyse 01:04:28
Nombre d'objets analysés 251030
Nombre d'infections trouvées 3
Critique: 0
Objets privés: 3
Infections supprimées: 3
Infections en quarantaine: 0
Nombre total d'infections ignorées par l'analyse 0
sinon il n y a pas de rapport plus précis :S
sKe69
Messages postés
21360
Date d'inscription
samedi 15 mars 2008
Statut
Contributeur sécurité
Dernière intervention
30 décembre 2012
463
8 juin 2008 à 22:43
8 juin 2008 à 22:43
tant pis ... postes moi un nouveau rapport hijackthis pour analyse .
babish
Messages postés
34
Date d'inscription
samedi 7 juin 2008
Statut
Membre
Dernière intervention
9 juin 2008
8 juin 2008 à 22:48
8 juin 2008 à 22:48
les infections ce n'étaient rien d'autres que des cookies donc je ne pense pas qu'avec ça mon pc se fera pirater ^^ sinon voici le rapport de hijackthis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:47:25, on 08.06.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\A-SQUA~1\a2service.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\ProShowGold\ScsiAccess.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe
C:\Documents and Settings\Yesim\Bureau\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ch/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http:1080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: {1A03F196-9617-4CA0-842B-A83CEECB022B} - - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: FCBHOBHO Class - {8B3868B4-EBA8-48FA-A19B-E1DFB99066FA} - C:\Program Files\FlashCapture\fcbho.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O3 - Toolbar: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: &Search - ?p=ZS
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\ie_banner_deny.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Save F&lash with FlashCapture - res://C:\Program Files\FlashCapture\fciext.dll/FCIEXT.htm
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: FlashCapture - {753BBC4B-CC73-4fb8-A5B5-CA09C804C1DD} - C:\Program Files\FlashCapture\fciext.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {34635AA6-B593-4F06-9EDD-5FF60FC13310} (Speaky Chat) - http://download.speakyweb.com/speakyldr.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab
O16 - DPF: {A672558F-A878-4D5A-A921-627C091CEB63} (Flatcast Producer 4.16) - http://www.flatcast.info/objects/NpFp41629.dll
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697516} (NsvPlayX Control) - http://www.yayindayiz.biz/codec/nsvplayx_vp6_mp3.cab
O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F551} (Flatcast Viewer 4.15) - http://www.flatcast.com/de/download/NpFv415.dll
O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F554} (Flatcast Viewer 4.16) - http://data.flatcast.com/data/objects/NpFv41629.dll
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by23fd.bay23.hotmail.msn.com/activex/HMAtchmt.ocx
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: bw+0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~2.0\adialhk.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\PROGRA~1\A-SQUA~1\a2service.exe
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\ProShowGold\ScsiAccess.exe
O23 - Service: sysmgr64 - Unknown owner - C:\WINDOWS\sysmgr64.exe (file missing)
O24 - Desktop Component 2: (no name) - http://pics.mediaplazza.com/t_24/64x64/CtnWms488392588.gif
O24 - Desktop Component 3: (no name) - http://pics.mediaplazza.com/t_24/64x64/CtnWms1872480997.gif
O24 - Desktop Component 4: (no name) - http://yves.marsal.free.fr/atoutgifs/fonds/yfond31.gif
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:47:25, on 08.06.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\A-SQUA~1\a2service.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\ProShowGold\ScsiAccess.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe
C:\Documents and Settings\Yesim\Bureau\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ch/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http:1080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: {1A03F196-9617-4CA0-842B-A83CEECB022B} - - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: FCBHOBHO Class - {8B3868B4-EBA8-48FA-A19B-E1DFB99066FA} - C:\Program Files\FlashCapture\fcbho.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O3 - Toolbar: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: &Search - ?p=ZS
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\ie_banner_deny.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Save F&lash with FlashCapture - res://C:\Program Files\FlashCapture\fciext.dll/FCIEXT.htm
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: FlashCapture - {753BBC4B-CC73-4fb8-A5B5-CA09C804C1DD} - C:\Program Files\FlashCapture\fciext.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {34635AA6-B593-4F06-9EDD-5FF60FC13310} (Speaky Chat) - http://download.speakyweb.com/speakyldr.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab
O16 - DPF: {A672558F-A878-4D5A-A921-627C091CEB63} (Flatcast Producer 4.16) - http://www.flatcast.info/objects/NpFp41629.dll
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697516} (NsvPlayX Control) - http://www.yayindayiz.biz/codec/nsvplayx_vp6_mp3.cab
O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F551} (Flatcast Viewer 4.15) - http://www.flatcast.com/de/download/NpFv415.dll
O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F554} (Flatcast Viewer 4.16) - http://data.flatcast.com/data/objects/NpFv41629.dll
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by23fd.bay23.hotmail.msn.com/activex/HMAtchmt.ocx
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: bw+0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {745729F5-CEBA-4A90-9F13-3F032DBF576D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~2.0\adialhk.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\PROGRA~1\A-SQUA~1\a2service.exe
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\ProShowGold\ScsiAccess.exe
O23 - Service: sysmgr64 - Unknown owner - C:\WINDOWS\sysmgr64.exe (file missing)
O24 - Desktop Component 2: (no name) - http://pics.mediaplazza.com/t_24/64x64/CtnWms488392588.gif
O24 - Desktop Component 3: (no name) - http://pics.mediaplazza.com/t_24/64x64/CtnWms1872480997.gif
O24 - Desktop Component 4: (no name) - http://yves.marsal.free.fr/atoutgifs/fonds/yfond31.gif
sKe69
Messages postés
21360
Date d'inscription
samedi 15 mars 2008
Statut
Contributeur sécurité
Dernière intervention
30 décembre 2012
463
8 juin 2008 à 22:59
8 juin 2008 à 22:59
1-Fermes toutes tes applications et déconnectes toi .
Relance Hijackthis mais click sur " Do a scan only "
Tu vois donc apparaitre le résultat du scan : une multitudes de lignes ,chacunes précédées d'un carré vide .
Tu vas clické sur les carré des lignes suivantes :
R3 - URLSearchHook: {1A03F196-9617-4CA0-842B-A83CEECB022B} - - (no file)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &Search - ?p=ZS
18 ---> toutes les lignes 18 !
O23 - Service: sysmgr64 - Unknown owner - C:\WINDOWS\sysmgr64.exe (file missing)
Tu cliques en bas sur le bouton FIX CHECKED et valides .
2-Refais un coup de CCleaner ( registre compris ! )
3-Télécharges Lopxp (by Moe) : http://sosvirus.changelog.fr/Green_day/Lopxpsetup.exe
-> Double click sur Lopxpsetup.exe pour lancer l'installation
-> Choisis l'option 1
-> Patientes jusqu'à ce qu'on te demande d'appuyer sur une touche.
-> Un rapport sera alors crée, copie/colle le dans ta prochaine réponse ...
Relance Hijackthis mais click sur " Do a scan only "
Tu vois donc apparaitre le résultat du scan : une multitudes de lignes ,chacunes précédées d'un carré vide .
Tu vas clické sur les carré des lignes suivantes :
R3 - URLSearchHook: {1A03F196-9617-4CA0-842B-A83CEECB022B} - - (no file)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &Search - ?p=ZS
18 ---> toutes les lignes 18 !
O23 - Service: sysmgr64 - Unknown owner - C:\WINDOWS\sysmgr64.exe (file missing)
Tu cliques en bas sur le bouton FIX CHECKED et valides .
2-Refais un coup de CCleaner ( registre compris ! )
3-Télécharges Lopxp (by Moe) : http://sosvirus.changelog.fr/Green_day/Lopxpsetup.exe
-> Double click sur Lopxpsetup.exe pour lancer l'installation
-> Choisis l'option 1
-> Patientes jusqu'à ce qu'on te demande d'appuyer sur une touche.
-> Un rapport sera alors crée, copie/colle le dans ta prochaine réponse ...
babish
Messages postés
34
Date d'inscription
samedi 7 juin 2008
Statut
Membre
Dernière intervention
9 juin 2008
8 juin 2008 à 23:26
8 juin 2008 à 23:26
Et voilà pour le lopxp
# Rapport Lopxp fait le 08.06.2008 à 23:19:05
# Exécuté dans : C:\Program Files\Lopxp
# Version 3.10 - Maj du 11/04/2008
========== Listing des dossiers Application Data
+- C:\Documents and Settings\Administrateur\Application Data
2008-05-11 à 11:37:52 - Microsoft
+- C:\Documents and Settings\Administrateur\Local Settings\Application Data
2007-08-17 à 23:24:43 - Microsoft
+- C:\Documents and Settings\All Users\Application Data
2008-02-20 à 16:39:03 - Adobe
2007-01-13 à 20:46:55 - Adobe Systems
2007-10-13 à 20:26:18 - Apple
2006-11-16 à 17:13:01 - Apple Computer
2007-08-17 à 23:24:15 - avg7
2006-03-09 à 17:42:48 - BVRP Software
2007-09-28 à 16:03:35 - Corel
2008-03-13 à 20:42:36 - FaceOnBody
2007-09-03 à 18:39:57 - FLEXnet
2006-10-09 à 14:23:01 - Google
2008-06-07 à 11:33:25 - Grisoft
2008-06-08 à 21:16:13 - Kaspersky Lab
2007-09-07 à 19:38:16 - Kaspersky Lab Setup Files
2008-06-08 à 19:30:47 - Lavasoft
2008-06-08 à 10:55:52 - Malwarebytes
2007-01-30 à 15:16:14 - Messenger Plus!
2008-06-08 à 08:29:32 - Microsoft
2008-05-20 à 14:16:21 - Office Genuine Advantage
2007-06-01 à 18:34:38 - Real
2008-06-08 à 18:38:57 - Spybot - Search & Destroy
2007-08-22 à 11:33:47 - TEMP
2008-02-18 à 19:49:36 - Ulead Systems
2006-07-22 à 14:05:07 - Windows Genuine Advantage
2007-09-14 à 16:30:05 - Windows Live Toolbar
2008-05-19 à 22:36:06 - WLInstaller
2006-02-18 à 20:11:14 - Yahoo! Companion
+- C:\Documents and Settings\Invit‚\Application Data
2007-08-12 à 15:40:18 - Adobe
2007-08-13 à 13:40:14 - Apple Computer
2007-08-13 à 12:50:46 - BearShare
2007-08-12 à 11:39:39 - Google
2007-08-12 à 11:31:31 - Identities
2007-08-12 à 15:26:56 - Macromedia
2007-08-17 à 23:24:43 - Microsoft
2007-08-12 à 16:58:35 - Real
2007-08-28 à 19:18:10 - Ulead Systems
2008-05-09 à 11:36:13 - VMNTOOLBAR
+- C:\Documents and Settings\Invit‚\Local Settings\Application Data
2007-08-13 à 13:40:14 - Apple Computer
2007-08-12 à 11:36:17 - Google
2008-05-09 à 11:33:27 - Microsoft
+- C:\Documents and Settings\Yesim\Application Data
2008-02-20 à 16:41:57 - Adobe
2006-12-22 à 19:24:27 - Apple Computer
2008-05-27 à 20:48:06 - BearShare
2008-03-05 à 21:13:07 - concept design
2007-10-11 à 15:37:40 - Corel
2007-08-21 à 18:33:39 - Fronoh
2006-10-08 à 19:28:51 - Google
2008-06-07 à 11:34:14 - Grisoft
2006-03-10 à 22:09:05 - Help
2006-06-03 à 20:22:02 - Identities
2006-06-11 à 12:02:56 - InterTrust
2008-06-08 à 19:06:58 - Lavasoft
2008-04-26 à 14:35:56 - LimeWire
2006-02-18 à 21:38:05 - Macromedia
2008-06-08 à 10:56:00 - Malwarebytes
2007-11-19 à 18:11:54 - Map24
2007-07-20 à 18:22:02 - Media Player Classic
2007-11-15 à 15:24:36 - Microsoft
2007-01-08 à 19:03:32 - Mozilla
2006-07-13 à 20:13:53 - MSN Pictures Displayer
2007-08-15 à 21:05:29 - NCH Swift Sound
2007-01-08 à 19:03:32 - Netscape
2008-06-07 à 09:29:56 - Notepad++
2008-06-04 à 11:19:48 - OpenOffice.org2
2007-11-29 à 14:11:17 - Photodex
2006-02-19 à 20:23:49 - RapidGet
2007-06-01 à 18:35:40 - Real
2007-03-26 à 21:06:15 - Screenshot Sender
2007-10-27 à 15:48:17 - Sereniti
2008-01-19 à 19:38:43 - SpeakyChat
2006-12-25 à 14:41:42 - Sun
2007-12-09 à 14:27:15 - vlc
2008-02-20 à 13:11:36 - Web Page Maker V2
2007-09-23 à 20:22:11 - X-NetStat
+- C:\Documents and Settings\Yesim\Local Settings\Application Data
2007-09-03 à 19:56:38 - Adobe
2007-10-13 à 20:26:26 - Apple
2006-11-23 à 13:29:37 - Apple Computer
2008-04-24 à 12:56:49 - ApplicationHistory
2008-04-10 à 09:52:44 - Ares
2006-07-20 à 13:42:41 - BVRP Software
2007-08-27 à 20:03:17 - CallshopPhone
2007-06-13 à 19:20:10 - Google
2006-03-10 à 22:09:05 - Help
2006-06-03 à 20:22:03 - Identities
2007-09-13 à 11:36:30 - Installer3156
2007-09-13 à 11:45:07 - Installer3276
2007-03-14 à 17:34:53 - Logitech-LS
2008-06-07 à 09:22:36 - Microsoft
2008-04-08 à 09:52:19 - PCHealth
2008-06-01 à 15:58:46 - WMTools Downloaded Files
========== Listing du dossier Program Files
+- C:\Program Files
2008-06-07 à 14:24:47 - a-squared Free
2008-03-22 à 14:59:23 - ABBYY FineReader 6.0
2006-10-05 à 18:50:20 - Accord
2008-02-20 à 17:59:30 - Adobe
2007-08-16 à 00:25:07 - adslTV
2007-07-31 à 18:42:49 - AIST
2007-10-27 à 15:46:33 - AOL
2007-10-13 à 20:26:20 - Apple Software Update
2008-05-27 à 19:41:54 - Ares
2007-06-10 à 10:00:35 - AviSynth 2.5
2006-01-29 à 15:46:34 - AvRack
2007-08-04 à 22:04:35 - BearFlix
2007-09-06 à 15:15:56 - BearShare Applications
2006-12-26 à 11:18:35 - Browser Hijack Blaster
2006-09-12 à 10:43:58 - CamStudio
2008-06-08 à 18:32:47 - CCleaner
2006-10-04 à 09:59:37 - ComPlus Applications
2008-06-07 à 19:40:17 - DMV
2008-03-09 à 21:00:44 - DVDVIDEOSOFT
2006-12-08 à 18:03:05 - EasyScreenCaptureVideo2
2008-03-15 à 12:20:41 - Emoticon
2008-05-27 à 10:31:55 - eMule
2006-11-30 à 14:28:40 - Ensurebit
2007-06-10 à 09:59:20 - eRightSoft
2008-04-24 à 12:51:23 - eSoft
2008-03-13 à 20:42:24 - FaceOnBody
2008-03-22 à 20:22:34 - FaxTools
2007-12-08 à 10:31:59 - FDRLab
2008-06-08 à 19:27:30 - Fichiers communs
2007-07-31 à 23:57:57 - FlashCapture
2007-07-31 à 16:30:40 - GeoVid
2007-02-15 à 11:40:16 - Google
2008-06-07 à 11:33:19 - Grisoft
2008-02-18 à 19:48:38 - InstallShield Installation Information
2008-04-11 à 00:57:38 - Internet Explorer
2007-10-13 à 20:41:55 - iPod
2007-01-08 à 18:46:07 - isimsozlugu
2007-10-13 à 20:42:10 - iTunes
2006-08-31 à 18:23:30 - IZArc
2006-12-14 à 17:43:25 - Java
2007-09-07 à 19:48:04 - Kaspersky Lab
2008-06-08 à 19:28:25 - Lavasoft
2006-10-17 à 15:51:31 - Logitech
2008-06-08 à 21:19:10 - Lopxp
2008-06-08 à 10:55:57 - Malwarebytes' Anti-Malware
2007-11-19 à 18:10:39 - Map24
2007-06-01 à 18:34:40 - Media Player Classic
2008-05-25 à 13:33:50 - Messenger
2008-05-19 à 15:22:03 - Messenger Plus! Live
2006-08-06 à 12:37:12 - Microsoft AntiSpyware
2007-09-15 à 07:06:51 - Microsoft CAPICOM 2.1.0.2
2006-01-29 à 15:16:28 - microsoft frontpage
2006-07-16 à 10:31:54 - Microsoft FrontPage Express
2006-09-02 à 20:21:05 - Microsoft Office
2006-09-02 à 18:29:43 - Microsoft Producer 2
2008-02-08 à 10:30:53 - Microsoft SQL Server Compact Edition
2006-01-29 à 18:56:36 - Microsoft Visual Studio
2007-05-07 à 18:45:35 - MIKSOFT
2008-05-25 à 11:34:02 - Movie Maker
2008-04-24 à 12:18:31 - MSBuild
2008-05-24 à 17:34:21 - msn
2006-08-13 à 21:35:01 - MSN Games
2006-01-29 à 15:12:25 - MSN Gaming Zone
2008-05-20 à 21:18:09 - MSN Messenger
2007-09-29 à 09:14:49 - MSXML 4.0
2008-04-24 à 12:15:07 - MSXML 6.0
2008-06-08 à 10:32:29 - Navilog1
2007-08-15 à 23:15:05 - NCH Swift Sound
2008-05-25 à 11:30:04 - NetMeeting
2007-11-15 à 15:24:22 - Nicolas MERLET
2007-10-10 à 10:52:19 - NO1 Video Converter
2006-04-02 à 13:15:07 - OpenOffice.org 2.0
2008-05-25 à 11:29:58 - Outlook Express
2007-01-03 à 20:29:49 - Photo Story 3 for Windows
2007-11-29 à 14:13:18 - Photodex Presenter
2008-01-17 à 22:02:28 - PhotoFiltre
2007-11-29 à 14:52:39 - PhotoFiltre Studio
2008-04-15 à 21:04:00 - PhotoZoom Pro 2
2007-06-13 à 19:29:27 - Picasa2
2008-01-20 à 09:31:10 - PIXresizer
2008-01-20 à 09:31:10 - ProShowGold
2008-03-22 à 20:23:11 - QuickTime
2008-01-20 à 09:31:11 - Real Alternative
2007-09-22 à 17:34:47 - RealDrawPRO4
2006-01-29 à 15:46:34 - Realtek Sound Manager
2008-04-24 à 12:18:02 - Reference Assemblies
2008-04-17 à 09:50:03 - RegCleaner
2006-01-29 à 15:41:06 - Services en ligne
2006-01-29 à 15:49:13 - SiS VGA Utilities V3.65
2007-08-17 à 23:57:04 - Spybot - Search & Destroy
2007-07-31 à 17:24:50 - Teknoses
2008-06-07 à 17:09:17 - Tvnet Online Media Center 3.5
2007-09-28 à 16:27:57 - UnFREEz
2006-07-20 à 13:58:46 - Uninstall Information
2007-12-09 à 14:24:25 - VideoLAN
2008-04-09 à 16:07:45 - vmntoolbar
2008-06-06 à 10:16:08 - Windows Defender
2008-05-19 à 22:17:31 - Windows Live
2008-04-08 à 18:24:36 - Windows Live Toolbar
2006-06-27 à 20:03:37 - Windows Media Components
2008-04-15 à 21:04:05 - Windows Media Connect 2
2008-05-25 à 11:34:04 - Windows Media Player
2008-05-25 à 11:29:58 - Windows NT
2006-07-15 à 20:54:26 - WindowsUpdate
2006-10-08 à 19:30:20 - WinRAR
2006-08-05 à 20:03:10 - WMV9_VCM
2006-01-29 à 15:16:28 - xerox
2006-02-18 à 20:05:06 - Yahoo!
========== Tâches planifiées
AppleSoftwareUpdate.job: C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task
MP Scheduled Scan.job: C:\Program Files\Windows Defender\MpCmdRun.exe Scan -RestrictPrivileges
{B8C43FD1-6B8D-4D0A-926C-9AF5B78B83C8}_SG1-24R6L74R14H_Yesim.job: C:\WINDOWS\system32\mobsync.exe /Schedule="{B8C43FD1-6B8D-4D0A-926C-9AF5B78B83C8}_SG1-24R6L74R14H_Yesim"
========== Clés registre
========== Bloqueur popups Internet Explorer
account.live.com
www.dehliz.net
www.hotmail.com
mychat.radyosu.com
zonenxt.msn-int.com
zonenxt.msn-ppe.com
zone.msn.com
www.freewebs.com
www.skyrock.com
www.sevdimseni.net
PopupMgr
========== Suggestion ( /!\ Nécessite une interprétation.) ==========
+- Registre : Aucune suggestion.
- Fin du rapport -
# Rapport Lopxp fait le 08.06.2008 à 23:19:05
# Exécuté dans : C:\Program Files\Lopxp
# Version 3.10 - Maj du 11/04/2008
========== Listing des dossiers Application Data
+- C:\Documents and Settings\Administrateur\Application Data
2008-05-11 à 11:37:52 - Microsoft
+- C:\Documents and Settings\Administrateur\Local Settings\Application Data
2007-08-17 à 23:24:43 - Microsoft
+- C:\Documents and Settings\All Users\Application Data
2008-02-20 à 16:39:03 - Adobe
2007-01-13 à 20:46:55 - Adobe Systems
2007-10-13 à 20:26:18 - Apple
2006-11-16 à 17:13:01 - Apple Computer
2007-08-17 à 23:24:15 - avg7
2006-03-09 à 17:42:48 - BVRP Software
2007-09-28 à 16:03:35 - Corel
2008-03-13 à 20:42:36 - FaceOnBody
2007-09-03 à 18:39:57 - FLEXnet
2006-10-09 à 14:23:01 - Google
2008-06-07 à 11:33:25 - Grisoft
2008-06-08 à 21:16:13 - Kaspersky Lab
2007-09-07 à 19:38:16 - Kaspersky Lab Setup Files
2008-06-08 à 19:30:47 - Lavasoft
2008-06-08 à 10:55:52 - Malwarebytes
2007-01-30 à 15:16:14 - Messenger Plus!
2008-06-08 à 08:29:32 - Microsoft
2008-05-20 à 14:16:21 - Office Genuine Advantage
2007-06-01 à 18:34:38 - Real
2008-06-08 à 18:38:57 - Spybot - Search & Destroy
2007-08-22 à 11:33:47 - TEMP
2008-02-18 à 19:49:36 - Ulead Systems
2006-07-22 à 14:05:07 - Windows Genuine Advantage
2007-09-14 à 16:30:05 - Windows Live Toolbar
2008-05-19 à 22:36:06 - WLInstaller
2006-02-18 à 20:11:14 - Yahoo! Companion
+- C:\Documents and Settings\Invit‚\Application Data
2007-08-12 à 15:40:18 - Adobe
2007-08-13 à 13:40:14 - Apple Computer
2007-08-13 à 12:50:46 - BearShare
2007-08-12 à 11:39:39 - Google
2007-08-12 à 11:31:31 - Identities
2007-08-12 à 15:26:56 - Macromedia
2007-08-17 à 23:24:43 - Microsoft
2007-08-12 à 16:58:35 - Real
2007-08-28 à 19:18:10 - Ulead Systems
2008-05-09 à 11:36:13 - VMNTOOLBAR
+- C:\Documents and Settings\Invit‚\Local Settings\Application Data
2007-08-13 à 13:40:14 - Apple Computer
2007-08-12 à 11:36:17 - Google
2008-05-09 à 11:33:27 - Microsoft
+- C:\Documents and Settings\Yesim\Application Data
2008-02-20 à 16:41:57 - Adobe
2006-12-22 à 19:24:27 - Apple Computer
2008-05-27 à 20:48:06 - BearShare
2008-03-05 à 21:13:07 - concept design
2007-10-11 à 15:37:40 - Corel
2007-08-21 à 18:33:39 - Fronoh
2006-10-08 à 19:28:51 - Google
2008-06-07 à 11:34:14 - Grisoft
2006-03-10 à 22:09:05 - Help
2006-06-03 à 20:22:02 - Identities
2006-06-11 à 12:02:56 - InterTrust
2008-06-08 à 19:06:58 - Lavasoft
2008-04-26 à 14:35:56 - LimeWire
2006-02-18 à 21:38:05 - Macromedia
2008-06-08 à 10:56:00 - Malwarebytes
2007-11-19 à 18:11:54 - Map24
2007-07-20 à 18:22:02 - Media Player Classic
2007-11-15 à 15:24:36 - Microsoft
2007-01-08 à 19:03:32 - Mozilla
2006-07-13 à 20:13:53 - MSN Pictures Displayer
2007-08-15 à 21:05:29 - NCH Swift Sound
2007-01-08 à 19:03:32 - Netscape
2008-06-07 à 09:29:56 - Notepad++
2008-06-04 à 11:19:48 - OpenOffice.org2
2007-11-29 à 14:11:17 - Photodex
2006-02-19 à 20:23:49 - RapidGet
2007-06-01 à 18:35:40 - Real
2007-03-26 à 21:06:15 - Screenshot Sender
2007-10-27 à 15:48:17 - Sereniti
2008-01-19 à 19:38:43 - SpeakyChat
2006-12-25 à 14:41:42 - Sun
2007-12-09 à 14:27:15 - vlc
2008-02-20 à 13:11:36 - Web Page Maker V2
2007-09-23 à 20:22:11 - X-NetStat
+- C:\Documents and Settings\Yesim\Local Settings\Application Data
2007-09-03 à 19:56:38 - Adobe
2007-10-13 à 20:26:26 - Apple
2006-11-23 à 13:29:37 - Apple Computer
2008-04-24 à 12:56:49 - ApplicationHistory
2008-04-10 à 09:52:44 - Ares
2006-07-20 à 13:42:41 - BVRP Software
2007-08-27 à 20:03:17 - CallshopPhone
2007-06-13 à 19:20:10 - Google
2006-03-10 à 22:09:05 - Help
2006-06-03 à 20:22:03 - Identities
2007-09-13 à 11:36:30 - Installer3156
2007-09-13 à 11:45:07 - Installer3276
2007-03-14 à 17:34:53 - Logitech-LS
2008-06-07 à 09:22:36 - Microsoft
2008-04-08 à 09:52:19 - PCHealth
2008-06-01 à 15:58:46 - WMTools Downloaded Files
========== Listing du dossier Program Files
+- C:\Program Files
2008-06-07 à 14:24:47 - a-squared Free
2008-03-22 à 14:59:23 - ABBYY FineReader 6.0
2006-10-05 à 18:50:20 - Accord
2008-02-20 à 17:59:30 - Adobe
2007-08-16 à 00:25:07 - adslTV
2007-07-31 à 18:42:49 - AIST
2007-10-27 à 15:46:33 - AOL
2007-10-13 à 20:26:20 - Apple Software Update
2008-05-27 à 19:41:54 - Ares
2007-06-10 à 10:00:35 - AviSynth 2.5
2006-01-29 à 15:46:34 - AvRack
2007-08-04 à 22:04:35 - BearFlix
2007-09-06 à 15:15:56 - BearShare Applications
2006-12-26 à 11:18:35 - Browser Hijack Blaster
2006-09-12 à 10:43:58 - CamStudio
2008-06-08 à 18:32:47 - CCleaner
2006-10-04 à 09:59:37 - ComPlus Applications
2008-06-07 à 19:40:17 - DMV
2008-03-09 à 21:00:44 - DVDVIDEOSOFT
2006-12-08 à 18:03:05 - EasyScreenCaptureVideo2
2008-03-15 à 12:20:41 - Emoticon
2008-05-27 à 10:31:55 - eMule
2006-11-30 à 14:28:40 - Ensurebit
2007-06-10 à 09:59:20 - eRightSoft
2008-04-24 à 12:51:23 - eSoft
2008-03-13 à 20:42:24 - FaceOnBody
2008-03-22 à 20:22:34 - FaxTools
2007-12-08 à 10:31:59 - FDRLab
2008-06-08 à 19:27:30 - Fichiers communs
2007-07-31 à 23:57:57 - FlashCapture
2007-07-31 à 16:30:40 - GeoVid
2007-02-15 à 11:40:16 - Google
2008-06-07 à 11:33:19 - Grisoft
2008-02-18 à 19:48:38 - InstallShield Installation Information
2008-04-11 à 00:57:38 - Internet Explorer
2007-10-13 à 20:41:55 - iPod
2007-01-08 à 18:46:07 - isimsozlugu
2007-10-13 à 20:42:10 - iTunes
2006-08-31 à 18:23:30 - IZArc
2006-12-14 à 17:43:25 - Java
2007-09-07 à 19:48:04 - Kaspersky Lab
2008-06-08 à 19:28:25 - Lavasoft
2006-10-17 à 15:51:31 - Logitech
2008-06-08 à 21:19:10 - Lopxp
2008-06-08 à 10:55:57 - Malwarebytes' Anti-Malware
2007-11-19 à 18:10:39 - Map24
2007-06-01 à 18:34:40 - Media Player Classic
2008-05-25 à 13:33:50 - Messenger
2008-05-19 à 15:22:03 - Messenger Plus! Live
2006-08-06 à 12:37:12 - Microsoft AntiSpyware
2007-09-15 à 07:06:51 - Microsoft CAPICOM 2.1.0.2
2006-01-29 à 15:16:28 - microsoft frontpage
2006-07-16 à 10:31:54 - Microsoft FrontPage Express
2006-09-02 à 20:21:05 - Microsoft Office
2006-09-02 à 18:29:43 - Microsoft Producer 2
2008-02-08 à 10:30:53 - Microsoft SQL Server Compact Edition
2006-01-29 à 18:56:36 - Microsoft Visual Studio
2007-05-07 à 18:45:35 - MIKSOFT
2008-05-25 à 11:34:02 - Movie Maker
2008-04-24 à 12:18:31 - MSBuild
2008-05-24 à 17:34:21 - msn
2006-08-13 à 21:35:01 - MSN Games
2006-01-29 à 15:12:25 - MSN Gaming Zone
2008-05-20 à 21:18:09 - MSN Messenger
2007-09-29 à 09:14:49 - MSXML 4.0
2008-04-24 à 12:15:07 - MSXML 6.0
2008-06-08 à 10:32:29 - Navilog1
2007-08-15 à 23:15:05 - NCH Swift Sound
2008-05-25 à 11:30:04 - NetMeeting
2007-11-15 à 15:24:22 - Nicolas MERLET
2007-10-10 à 10:52:19 - NO1 Video Converter
2006-04-02 à 13:15:07 - OpenOffice.org 2.0
2008-05-25 à 11:29:58 - Outlook Express
2007-01-03 à 20:29:49 - Photo Story 3 for Windows
2007-11-29 à 14:13:18 - Photodex Presenter
2008-01-17 à 22:02:28 - PhotoFiltre
2007-11-29 à 14:52:39 - PhotoFiltre Studio
2008-04-15 à 21:04:00 - PhotoZoom Pro 2
2007-06-13 à 19:29:27 - Picasa2
2008-01-20 à 09:31:10 - PIXresizer
2008-01-20 à 09:31:10 - ProShowGold
2008-03-22 à 20:23:11 - QuickTime
2008-01-20 à 09:31:11 - Real Alternative
2007-09-22 à 17:34:47 - RealDrawPRO4
2006-01-29 à 15:46:34 - Realtek Sound Manager
2008-04-24 à 12:18:02 - Reference Assemblies
2008-04-17 à 09:50:03 - RegCleaner
2006-01-29 à 15:41:06 - Services en ligne
2006-01-29 à 15:49:13 - SiS VGA Utilities V3.65
2007-08-17 à 23:57:04 - Spybot - Search & Destroy
2007-07-31 à 17:24:50 - Teknoses
2008-06-07 à 17:09:17 - Tvnet Online Media Center 3.5
2007-09-28 à 16:27:57 - UnFREEz
2006-07-20 à 13:58:46 - Uninstall Information
2007-12-09 à 14:24:25 - VideoLAN
2008-04-09 à 16:07:45 - vmntoolbar
2008-06-06 à 10:16:08 - Windows Defender
2008-05-19 à 22:17:31 - Windows Live
2008-04-08 à 18:24:36 - Windows Live Toolbar
2006-06-27 à 20:03:37 - Windows Media Components
2008-04-15 à 21:04:05 - Windows Media Connect 2
2008-05-25 à 11:34:04 - Windows Media Player
2008-05-25 à 11:29:58 - Windows NT
2006-07-15 à 20:54:26 - WindowsUpdate
2006-10-08 à 19:30:20 - WinRAR
2006-08-05 à 20:03:10 - WMV9_VCM
2006-01-29 à 15:16:28 - xerox
2006-02-18 à 20:05:06 - Yahoo!
========== Tâches planifiées
AppleSoftwareUpdate.job: C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task
MP Scheduled Scan.job: C:\Program Files\Windows Defender\MpCmdRun.exe Scan -RestrictPrivileges
{B8C43FD1-6B8D-4D0A-926C-9AF5B78B83C8}_SG1-24R6L74R14H_Yesim.job: C:\WINDOWS\system32\mobsync.exe /Schedule="{B8C43FD1-6B8D-4D0A-926C-9AF5B78B83C8}_SG1-24R6L74R14H_Yesim"
========== Clés registre
========== Bloqueur popups Internet Explorer
account.live.com
www.dehliz.net
www.hotmail.com
mychat.radyosu.com
zonenxt.msn-int.com
zonenxt.msn-ppe.com
zone.msn.com
www.freewebs.com
www.skyrock.com
www.sevdimseni.net
PopupMgr
========== Suggestion ( /!\ Nécessite une interprétation.) ==========
+- Registre : Aucune suggestion.
- Fin du rapport -
sKe69
Messages postés
21360
Date d'inscription
samedi 15 mars 2008
Statut
Contributeur sécurité
Dernière intervention
30 décembre 2012
463
8 juin 2008 à 23:29
8 juin 2008 à 23:29
Rien de ce côter là ...
bien fait moi maintenant un petit topo de ton PC ... Y a t'il du mieux ?
bien fait moi maintenant un petit topo de ton PC ... Y a t'il du mieux ?
babish
Messages postés
34
Date d'inscription
samedi 7 juin 2008
Statut
Membre
Dernière intervention
9 juin 2008
8 juin 2008 à 23:31
8 juin 2008 à 23:31
Un nouveau hijackthis peut-être ?
sKe69
Messages postés
21360
Date d'inscription
samedi 15 mars 2008
Statut
Contributeur sécurité
Dernière intervention
30 décembre 2012
463
8 juin 2008 à 23:33
8 juin 2008 à 23:33
Oui ... mais comment vas ton PC maintenant ?
babish
Messages postés
34
Date d'inscription
samedi 7 juin 2008
Statut
Membre
Dernière intervention
9 juin 2008
8 juin 2008 à 23:35
8 juin 2008 à 23:35
mon pc a enfin l'air de respirer et moi aussi d'ailleurs sauf qu'il me semble que ma soeur a télécharger et installer webmediaplayer je l'ai remarqué il y a 2 jours et j'ai lu sur internet que c'était rempli de spyware donc j'éspère ne pas perdre le contrôle de mon pc car là il est top il est déjà plus rapide qu'avant ^^
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:33:15, on 08.06.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\A-SQUA~1\a2service.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\ProShowGold\ScsiAccess.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\msiexec.exe
C:\Documents and Settings\Yesim\Bureau\HiJackThis.exe
C:\WINDOWS\system32\wuauclt.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ch/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http:1080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: FCBHOBHO Class - {8B3868B4-EBA8-48FA-A19B-E1DFB99066FA} - C:\Program Files\FlashCapture\fcbho.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\ie_banner_deny.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Save F&lash with FlashCapture - res://C:\Program Files\FlashCapture\fciext.dll/FCIEXT.htm
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: FlashCapture - {753BBC4B-CC73-4fb8-A5B5-CA09C804C1DD} - C:\Program Files\FlashCapture\fciext.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {34635AA6-B593-4F06-9EDD-5FF60FC13310} (Speaky Chat) - http://download.speakyweb.com/speakyldr.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab
O16 - DPF: {A672558F-A878-4D5A-A921-627C091CEB63} (Flatcast Producer 4.16) - http://www.flatcast.info/objects/NpFp41629.dll
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697516} (NsvPlayX Control) - http://www.yayindayiz.biz/codec/nsvplayx_vp6_mp3.cab
O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F551} (Flatcast Viewer 4.15) - http://www.flatcast.com/de/download/NpFv415.dll
O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F554} (Flatcast Viewer 4.16) - http://data.flatcast.com/data/objects/NpFv41629.dll
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by23fd.bay23.hotmail.msn.com/activex/HMAtchmt.ocx
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~2.0\adialhk.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\PROGRA~1\A-SQUA~1\a2service.exe
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\ProShowGold\ScsiAccess.exe
O24 - Desktop Component 2: (no name) - http://pics.mediaplazza.com/t_24/64x64/CtnWms488392588.gif
O24 - Desktop Component 3: (no name) - http://pics.mediaplazza.com/t_24/64x64/CtnWms1872480997.gif
O24 - Desktop Component 4: (no name) - http://yves.marsal.free.fr/atoutgifs/fonds/yfond31.gif
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:33:15, on 08.06.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\A-SQUA~1\a2service.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\ProShowGold\ScsiAccess.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\msiexec.exe
C:\Documents and Settings\Yesim\Bureau\HiJackThis.exe
C:\WINDOWS\system32\wuauclt.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ch/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http:1080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: FCBHOBHO Class - {8B3868B4-EBA8-48FA-A19B-E1DFB99066FA} - C:\Program Files\FlashCapture\fcbho.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\ie_banner_deny.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Save F&lash with FlashCapture - res://C:\Program Files\FlashCapture\fciext.dll/FCIEXT.htm
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: FlashCapture - {753BBC4B-CC73-4fb8-A5B5-CA09C804C1DD} - C:\Program Files\FlashCapture\fciext.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {34635AA6-B593-4F06-9EDD-5FF60FC13310} (Speaky Chat) - http://download.speakyweb.com/speakyldr.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab
O16 - DPF: {A672558F-A878-4D5A-A921-627C091CEB63} (Flatcast Producer 4.16) - http://www.flatcast.info/objects/NpFp41629.dll
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697516} (NsvPlayX Control) - http://www.yayindayiz.biz/codec/nsvplayx_vp6_mp3.cab
O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F551} (Flatcast Viewer 4.15) - http://www.flatcast.com/de/download/NpFv415.dll
O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F554} (Flatcast Viewer 4.16) - http://data.flatcast.com/data/objects/NpFv41629.dll
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by23fd.bay23.hotmail.msn.com/activex/HMAtchmt.ocx
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~2.0\adialhk.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\PROGRA~1\A-SQUA~1\a2service.exe
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\ProShowGold\ScsiAccess.exe
O24 - Desktop Component 2: (no name) - http://pics.mediaplazza.com/t_24/64x64/CtnWms488392588.gif
O24 - Desktop Component 3: (no name) - http://pics.mediaplazza.com/t_24/64x64/CtnWms1872480997.gif
O24 - Desktop Component 4: (no name) - http://yves.marsal.free.fr/atoutgifs/fonds/yfond31.gif
sKe69
Messages postés
21360
Date d'inscription
samedi 15 mars 2008
Statut
Contributeur sécurité
Dernière intervention
30 décembre 2012
463
8 juin 2008 à 23:45
8 juin 2008 à 23:45
Prb résolu donc ...
webmediaplayer je l'ai remarqué il y a 2 jours et j'ai lu sur internet que c'était rempli de spyware donc j'éspère ne pas perdre le contrôle de mon pc ---> bonne initiative ^^
fais ce-ci pour finir :
1-Télécharges ToolsCleaner (de A.Rothstein) sur ton Bureau.
http://a-rothstein.changelog.fr/TC/ToolsCleaner2.exe
Cliques sur Recherche et laisses le scan se terminer.
Cliques sur Suppression pour finaliser.
Tu peux, si tu le souhaites, te servir des Options facultatives
Ce petit soft va te nettoyer tout les trucs dont on c'est servi pour la désinfection ( tu n'en as plus besion ! ) .
Supprimes tout les outils , dossiers ou rapports consernant la désinfection que Toolsclaener2 n'a pas supprimé .
Puis enfin supprimes Toolscleaner2 ... ( garde CCleaner et Malwarebytes : très utiles )
2-Restauration système
*Désactives ta restauration :
Cliques droit sur poste de travail/propriétés/Restauration système/coche la case désactiver la restauration, appliquer, OK
--->Redémarres ton PC
*Réactives ta restauration :
Cliques droit sur poste de travail/propriétés/Restauration système/décoche la case désactiver la restauration, appliquer, OK
--->Redémarres ton PC
3-dès que tu auras le temps (car la manipe est un peu longue ) , mais ne tard pas trop , fais ce petit check up :
Nettoyage et Défragmentation de tes Disques
*Nettoyage :
Clic droit sur "poste de travail" ==>"ouvrir" ==>clic droit sur le disque C ==>Propriétés ==>onglet "Général"
Cliques sur le bouton "nettoyage de disque", OK
tu le fais pour chacun de tes disques
*Vérifications des erreurs :
Clic droit sur "poste de travail" ==>"ouvrir" ==>clic droit sur le disque C ==>Propriétés ==>onglet "Outil"
"Vérifier maintenant", une boîte s'ouvre, cocher les cases :
-réparer automatiquement les erreurs...
-rechercher et tenter une récupération...
--->Démarrer, ok
Note : s'il te dis de redémarrer ton Pc pour le faire , tu redémarres et tu laisses faire, cela prend un peu de temps c'est normal
tu le fais pour chacun de tes disques
ensuite toujours dans le même onglet tu choisis :
*Défragmentation :
"défragmenter maintenant", OK
une boîte s'ouvre, tu sélectionnes le disque à défragmenter, et tu cliques sur "analyser", puis après l'analyse, "défragmenter" . OK
tu le fais pour chacun de tes disques
Voili voilou =)
Donnes moi des news une fois tout cela fait ...
A+
webmediaplayer je l'ai remarqué il y a 2 jours et j'ai lu sur internet que c'était rempli de spyware donc j'éspère ne pas perdre le contrôle de mon pc ---> bonne initiative ^^
fais ce-ci pour finir :
1-Télécharges ToolsCleaner (de A.Rothstein) sur ton Bureau.
http://a-rothstein.changelog.fr/TC/ToolsCleaner2.exe
Cliques sur Recherche et laisses le scan se terminer.
Cliques sur Suppression pour finaliser.
Tu peux, si tu le souhaites, te servir des Options facultatives
Ce petit soft va te nettoyer tout les trucs dont on c'est servi pour la désinfection ( tu n'en as plus besion ! ) .
Supprimes tout les outils , dossiers ou rapports consernant la désinfection que Toolsclaener2 n'a pas supprimé .
Puis enfin supprimes Toolscleaner2 ... ( garde CCleaner et Malwarebytes : très utiles )
2-Restauration système
*Désactives ta restauration :
Cliques droit sur poste de travail/propriétés/Restauration système/coche la case désactiver la restauration, appliquer, OK
--->Redémarres ton PC
*Réactives ta restauration :
Cliques droit sur poste de travail/propriétés/Restauration système/décoche la case désactiver la restauration, appliquer, OK
--->Redémarres ton PC
3-dès que tu auras le temps (car la manipe est un peu longue ) , mais ne tard pas trop , fais ce petit check up :
Nettoyage et Défragmentation de tes Disques
*Nettoyage :
Clic droit sur "poste de travail" ==>"ouvrir" ==>clic droit sur le disque C ==>Propriétés ==>onglet "Général"
Cliques sur le bouton "nettoyage de disque", OK
tu le fais pour chacun de tes disques
*Vérifications des erreurs :
Clic droit sur "poste de travail" ==>"ouvrir" ==>clic droit sur le disque C ==>Propriétés ==>onglet "Outil"
"Vérifier maintenant", une boîte s'ouvre, cocher les cases :
-réparer automatiquement les erreurs...
-rechercher et tenter une récupération...
--->Démarrer, ok
Note : s'il te dis de redémarrer ton Pc pour le faire , tu redémarres et tu laisses faire, cela prend un peu de temps c'est normal
tu le fais pour chacun de tes disques
ensuite toujours dans le même onglet tu choisis :
*Défragmentation :
"défragmenter maintenant", OK
une boîte s'ouvre, tu sélectionnes le disque à défragmenter, et tu cliques sur "analyser", puis après l'analyse, "défragmenter" . OK
tu le fais pour chacun de tes disques
Voili voilou =)
Donnes moi des news une fois tout cela fait ...
A+
babish
Messages postés
34
Date d'inscription
samedi 7 juin 2008
Statut
Membre
Dernière intervention
9 juin 2008
8 juin 2008 à 23:54
8 juin 2008 à 23:54
ça a l'air de faire long pour le Toolcleaner2 à moins que rien ne se passe ^^
sKe69
Messages postés
21360
Date d'inscription
samedi 15 mars 2008
Statut
Contributeur sécurité
Dernière intervention
30 décembre 2012
463
8 juin 2008 à 23:56
8 juin 2008 à 23:56
oui , la recherche peu durer , laisses faire ...
