virus-pc lent
Dernière réponse : dans Sécurité
Bonjour, j'essaie d'aider une amie qui semble etre infectée par spyware secure(encore), voici son log hijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:38:48, on 22/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
C:\Program Files\CA\eTrust Antivirus\InoRT.exe
C:\Program Files\CA\eTrust Antivirus\InoTask.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\PROGRA~1\CA\ETRUST~1\realmon.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\M6Video\M6video.exe
C:\Program Files\TomTom HOME\TomTomHOME.exe
C:\Program Files\Zango\bin\10.0.314.0\OEAddOn.exe
C:\Program Files\Zango\bin\10.0.314.0\ZangoSA.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearchIndexer.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\PROGRA~1\WinZip\winzip32.exe
C:\Documents and Settings\z.GR\Mes documents\Kids\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Zango /fleok=1D8A83A5CEE4107B9DAE75760EA83FA5EF80752B9499803B2A2303766A - {07AA283A-43D7-4CBE-A064-32A21112D94D} - C:\Program Files\Zango\bin\10.0.314.0\HostIE.dll
O2 - BHO: CIEIntegrator Object - {2178F3FB-2560-458F-BDEE-631E2FE0DFE4} - C:\Program Files\WinAntiVirus Pro 2006\winpgi.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: IEFW Object - {B5141620-C2B2-4D95-9F0F-134D99C87AB0} - C:\Program Files\WinAntiVirus Pro 2006\IEFWBHO.dll
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Zango - {07AA283A-43D7-4CBE-A064-32A21112D94D} - C:\Program Files\Zango\bin\10.0.314.0\HostIE.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [Realtime Monitor] C:\PROGRA~1\CA\ETRUST~1\realmon.exe -s
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [m6] C:\Program Files\M6Video\M6video.exe
O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s
O4 - HKLM\..\Run: [ZangoOE] C:\Program Files\Zango\bin\10.0.314.0\OEAddOn.exe
O4 - HKLM\..\Run: [ZangoSA] "C:\Program Files\Zango\bin\10.0.314.0\ZangoSA.exe"
O4 - HKLM\..\Run: [Spyware-Secure] C:\Program Files\Spyware-Secure\Spyware-Secure_trial.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [NvCplScan] nvsc32.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?11a96e62aeb42f981bd4ddea0cbe9fb
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?11a96e62aeb42f981bd4ddea0cbe9fb
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: Interface Chat Voila - http://chat7.x-echo.com/version5/Applet/vchatsign.cab
O16 - DPF: Interface Chat Wanadoo - http://chat14.x-echo.com/version6/Applet/wchatsign.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {2D37B9E8-C14C-482C-B1CF-939C5440E179} (VTToolkit Control) - http://videomessages.orange.fr/VTToolkit.ocx
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - file://C:\TempEI4\EI40_\msxml4.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {EFB22865-F3BC-4309-ADFA-C8E078A7F762} (SysWebTelecomInt Class) - http://www.sponsoradulto.com/cab/14/fr/SysWebTelecomInt...
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O17 - HKLM\System\CCS\Services\Tcpip\..\{B535EEF5-A7BF-49AC-AEB3-29D91471DE5F}: NameServer = 80.10.246.130 80.10.246.3
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Firewall service (FWSvc) - WinSoftware, Ltd. - C:\Program Files\WinAntiVirus Pro 2006\FWSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Serveur RPC eTrust Antivirus (InoRPC) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
O23 - Service: Serveur eTrust Antivirus Temps réel (InoRT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRT.exe
O23 - Service: Serveur de jobs eTrust Antivirus (InoTask) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoTask.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
--
End of file - 10574 bytes
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:38:48, on 22/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
C:\Program Files\CA\eTrust Antivirus\InoRT.exe
C:\Program Files\CA\eTrust Antivirus\InoTask.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\PROGRA~1\CA\ETRUST~1\realmon.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\M6Video\M6video.exe
C:\Program Files\TomTom HOME\TomTomHOME.exe
C:\Program Files\Zango\bin\10.0.314.0\OEAddOn.exe
C:\Program Files\Zango\bin\10.0.314.0\ZangoSA.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearchIndexer.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\PROGRA~1\WinZip\winzip32.exe
C:\Documents and Settings\z.GR\Mes documents\Kids\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Zango /fleok=1D8A83A5CEE4107B9DAE75760EA83FA5EF80752B9499803B2A2303766A - {07AA283A-43D7-4CBE-A064-32A21112D94D} - C:\Program Files\Zango\bin\10.0.314.0\HostIE.dll
O2 - BHO: CIEIntegrator Object - {2178F3FB-2560-458F-BDEE-631E2FE0DFE4} - C:\Program Files\WinAntiVirus Pro 2006\winpgi.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: IEFW Object - {B5141620-C2B2-4D95-9F0F-134D99C87AB0} - C:\Program Files\WinAntiVirus Pro 2006\IEFWBHO.dll
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Zango - {07AA283A-43D7-4CBE-A064-32A21112D94D} - C:\Program Files\Zango\bin\10.0.314.0\HostIE.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [Realtime Monitor] C:\PROGRA~1\CA\ETRUST~1\realmon.exe -s
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [m6] C:\Program Files\M6Video\M6video.exe
O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s
O4 - HKLM\..\Run: [ZangoOE] C:\Program Files\Zango\bin\10.0.314.0\OEAddOn.exe
O4 - HKLM\..\Run: [ZangoSA] "C:\Program Files\Zango\bin\10.0.314.0\ZangoSA.exe"
O4 - HKLM\..\Run: [Spyware-Secure] C:\Program Files\Spyware-Secure\Spyware-Secure_trial.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [NvCplScan] nvsc32.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?11a96e62aeb42f981bd4ddea0cbe9fb
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?11a96e62aeb42f981bd4ddea0cbe9fb
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: Interface Chat Voila - http://chat7.x-echo.com/version5/Applet/vchatsign.cab
O16 - DPF: Interface Chat Wanadoo - http://chat14.x-echo.com/version6/Applet/wchatsign.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {2D37B9E8-C14C-482C-B1CF-939C5440E179} (VTToolkit Control) - http://videomessages.orange.fr/VTToolkit.ocx
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - file://C:\TempEI4\EI40_\msxml4.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {EFB22865-F3BC-4309-ADFA-C8E078A7F762} (SysWebTelecomInt Class) - http://www.sponsoradulto.com/cab/14/fr/SysWebTelecomInt...
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O17 - HKLM\System\CCS\Services\Tcpip\..\{B535EEF5-A7BF-49AC-AEB3-29D91471DE5F}: NameServer = 80.10.246.130 80.10.246.3
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Firewall service (FWSvc) - WinSoftware, Ltd. - C:\Program Files\WinAntiVirus Pro 2006\FWSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Serveur RPC eTrust Antivirus (InoRPC) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
O23 - Service: Serveur eTrust Antivirus Temps réel (InoRT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRT.exe
O23 - Service: Serveur de jobs eTrust Antivirus (InoTask) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoTask.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
--
End of file - 10574 bytes
Autres pages sur : virus lent
Lassé par la pub ? Créez un compte
Bonjour
Fixer la ligne nu suffira pas, il faut aussi supprimer le programme.
Mais il y a d'autre infections.
Télécharge Combofix.exe (par sUBs) sur ton Bureau
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Double clique combofix.exe et suis les invites.
Lorsque le scan sera complété, un rapport apparaîtra.
Copie/colle ce rapport dans ta prochaine réponse avec un nouveau HijackThis
Fixer la ligne nu suffira pas, il faut aussi supprimer le programme.
Mais il y a d'autre infections.
Télécharge Combofix.exe (par sUBs) sur ton Bureau
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Double clique combofix.exe et suis les invites.
Lorsque le scan sera complété, un rapport apparaîtra.
Copie/colle ce rapport dans ta prochaine réponse avec un nouveau HijackThis
ComboFix 07-09-21.2 - "z" 2007-09-23 14:13:55.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.135 [GMT 2:00]
* Created a new restore point
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinAntiVirus Pro 2006
C:\DOCUME~1\AMLIE~1\err.log
C:\DOCUME~1\z.GR\APPLIC~1\SystemDoctor 2006 Free
C:\DOCUME~1\z.GR\APPLIC~1\SystemDoctor 2006 Free\Logs\update.log
C:\DOCUME~1\z.GR\APPLIC~1\WinAntiVirus Pro 2006
C:\DOCUME~1\z.GR\APPLIC~1\WinAntiVirus Pro 2006\Logs\update.log
C:\DOCUME~1\z.GR\APPLIC~1\WinAntiVirus Pro 2006\Logs\wa6Support.log
C:\DOCUME~1\z.GR\APPLIC~1\WinAntiVirus Pro 2006\Logs\winav.log
C:\DOCUME~1\z.GR\APPLIC~1\WinAntiVirus Pro 2006\PGE.dat
C:\DOCUME~1\z.GR\APPLIC~1\winantiviruspro2006freeinstall_fr[1].exe
C:\DOCUME~1\z.GR\err.log
C:\Program Files\Fichiers communs\winantivirus pro 2006
C:\Program Files\Fichiers communs\WinAntiVirus Pro 2006\err.log
C:\Program Files\sudoplanet
C:\Program Files\sudoplanet\SudoPlanet.dll
C:\Program Files\sudoplanet\SudoPlanet.exe
C:\Program Files\sudoplanet\SudoPlanet.url
C:\Program Files\sudoplanet\uninst.exe
C:\Program Files\winantivirus pro 2006
C:\Program Files\WinAntiVirus Pro 2006\ASupdater.dat
C:\Program Files\winantivirus pro 2006\atl71.dll
C:\Program Files\winantivirus pro 2006\av.ini
C:\Program Files\winantivirus pro 2006\AWBase\database\enemies.dat
C:\Program Files\winantivirus pro 2006\AWBase\vbpv.dat
C:\Program Files\winantivirus pro 2006\bnlink.dat
C:\Program Files\winantivirus pro 2006\CompWiz.exe
C:\Program Files\WinAntiVirus Pro 2006\Download\aptskcko\SCANFUNC.DLL
C:\Program Files\winantivirus pro 2006\Download\ikplnntf\SCANFUNC.DLL
C:\Program Files\WinAntiVirus Pro 2006\Download\ikplnntf\SCANWIN1.DLL
C:\Program Files\winantivirus pro 2006\Download\ikplnntf\UNPACKS.DLL
C:\Program Files\WinAntiVirus Pro 2006\Download\jlbnztlv\SCANFUNC.DLL
C:\Program Files\WinAntiVirus Pro 2006\Download\udncproc\SCANFUNC.DLL
C:\Program Files\WinAntiVirus Pro 2006\Download\udncproc\SCANWIN1.DLL
C:\Program Files\winantivirus pro 2006\Download\udncproc\UNPACKS.DLL
C:\Program Files\WinAntiVirus Pro 2006\Download\vgfyfpcx\SCANFUNC.DLL
C:\Program Files\winantivirus pro 2006\Download\vgfyfpcx\SCANKRNL.DLL
C:\Program Files\winantivirus pro 2006\Download\vgfyfpcx\SCANWIN1.DLL
C:\Program Files\winantivirus pro 2006\Download\vgfyfpcx\UNPACKS.DLL
C:\Program Files\winantivirus pro 2006\Download\xgmnydyi\SCANFUNC.DLL
C:\Program Files\winantivirus pro 2006\Download\xgmnydyi\SCANKRNL.DLL
C:\Program Files\winantivirus pro 2006\Download\xgmnydyi\SCANWIN1.DLL
C:\Program Files\winantivirus pro 2006\Download\xrdzopfx\SCANFUNC.DLL
C:\Program Files\winantivirus pro 2006\Download\xrdzopfx\SCANKRNL.DLL
C:\Program Files\winantivirus pro 2006\Download\xrdzopfx\SCANWIN1.DLL
C:\Program Files\winantivirus pro 2006\Download\xrdzopfx\UNPACKS.DLL
C:\Program Files\winantivirus pro 2006\fat.exe
C:\Program Files\winantivirus pro 2006\fopn.exe
C:\Program Files\WinAntiVirus Pro 2006\fopn.sys
C:\Program Files\winantivirus pro 2006\fopnl.dll
C:\Program Files\WinAntiVirus Pro 2006\FWSvc.exe
C:\Program Files\winantivirus pro 2006\history.db
C:\Program Files\winantivirus pro 2006\index.dat
C:\Program Files\winantivirus pro 2006\install.exe
C:\Program Files\winantivirus pro 2006\InstHelp.exe
C:\Program Files\WinAntiVirus Pro 2006\lapv.dat
C:\Program Files\winantivirus pro 2006\License.rtf
C:\Program Files\winantivirus pro 2006\mfc71.dll
C:\Program Files\winantivirus pro 2006\msvcp71.dll
C:\Program Files\winantivirus pro 2006\msvcr71.dll
C:\Program Files\winantivirus pro 2006\online.url
C:\Program Files\winantivirus pro 2006\PGBase\vbpv.dat
C:\Program Files\winantivirus pro 2006\PGupdater.dat
C:\Program Files\winantivirus pro 2006\PGUpLst.dat
C:\Program Files\WinAntiVirus Pro 2006\phigh.bin
C:\Program Files\WinAntiVirus Pro 2006\plugins\BORLNDMM.DLL
C:\Program Files\winantivirus pro 2006\plugins\SCANADWR.DLL
C:\Program Files\winantivirus pro 2006\plugins\SCANBCDR.DLL
C:\Program Files\winantivirus pro 2006\plugins\SCANDLDR.DLL
C:\Program Files\WinAntiVirus Pro 2006\plugins\SCANDOS1.DLL
C:\Program Files\WinAntiVirus Pro 2006\plugins\SCANFUNC.DLL
C:\Program Files\WinAntiVirus Pro 2006\plugins\SCANKRNL.DLL
C:\Program Files\winantivirus pro 2006\plugins\SCANMCR1.DLL
C:\Program Files\winantivirus pro 2006\plugins\SCANOTHR.DLL
C:\Program Files\WinAntiVirus Pro 2006\plugins\SCANSCR.DLL
C:\Program Files\winantivirus pro 2006\plugins\SCANTOOL.DLL
C:\Program Files\winantivirus pro 2006\plugins\SCANTROJ.DLL
C:\Program Files\WinAntiVirus Pro 2006\plugins\SCANWIN1.DLL
C:\Program Files\winantivirus pro 2006\plugins\UNACPU.DLL
C:\Program Files\winantivirus pro 2006\plugins\UNADBX.DLL
C:\Program Files\winantivirus pro 2006\plugins\unamscan.dll
C:\Program Files\winantivirus pro 2006\plugins\UNMIME.DLL
C:\Program Files\winantivirus pro 2006\plugins\UNPACK.DLL
C:\Program Files\winantivirus pro 2006\plugins\UNPACKS.DLL
C:\Program Files\WinAntiVirus Pro 2006\plugins\UNPACKS2.DLL
C:\Program Files\winantivirus pro 2006\plugins\UNPEPACK.DLL
C:\Program Files\winantivirus pro 2006\plugins\UpDate\.UA27215.DLL.UQvNUR
C:\Program Files\winantivirus pro 2006\plugins\UpDate\.UADAILY.DLL.SrUTf8
C:\Program Files\WinAntiVirus Pro 2006\plugins\UpDate\UA27201.DLL
C:\Program Files\winantivirus pro 2006\plugins\UpDate\UA27202.DLL
C:\Program Files\winantivirus pro 2006\plugins\UpDate\UA27203.DLL
C:\Program Files\winantivirus pro 2006\plugins\UpDate\UA27204.DLL
C:\Program Files\winantivirus pro 2006\plugins\UpDate\UA27205.DLL
C:\Program Files\winantivirus pro 2006\plugins\UpDate\UA27206.DLL
C:\Program Files\winantivirus pro 2006\plugins\UpDate\UA27207.DLL
C:\Program Files\winantivirus pro 2006\plugins\UpDate\UA27208.DLL
C:\Program Files\WinAntiVirus Pro 2006\plugins\UpDate\UA27209.DLL
C:\Program Files\WinAntiVirus Pro 2006\plugins\UpDate\UA27210.DLL
C:\Program Files\winantivirus pro 2006\plugins\UpDate\UA27211.DLL
C:\Program Files\WinAntiVirus Pro 2006\plugins\UpDate\UA27212.DLL
C:\Program Files\winantivirus pro 2006\plugins\UpDate\UA27213.DLL
C:\Program Files\WinAntiVirus Pro 2006\plugins\UpDate\UA27214.DLL
C:\Program Files\winantivirus pro 2006\plugins\UpDate\UA27215.DLL
C:\Program Files\WinAntiVirus Pro 2006\plugins\UpDate\UA27216.DLL
C:\Program Files\winantivirus pro 2006\plugins\UpDate\UA27217.DLL
C:\Program Files\WinAntiVirus Pro 2006\plugins\UpDate\UA27301.DLL
C:\Program Files\winantivirus pro 2006\plugins\UpDate\UA27302.DLL
C:\Program Files\WinAntiVirus Pro 2006\plugins\UpDate\UA27303.DLL
C:\Program Files\WinAntiVirus Pro 2006\plugins\UpDate\UA27304.DLL
C:\Program Files\WinAntiVirus Pro 2006\plugins\UpDate\UA27305.DLL
C:\Program Files\WinAntiVirus Pro 2006\plugins\UpDate\UA27306.DLL
C:\Program Files\winantivirus pro 2006\plugins\UpDate\UA27307.DLL
C:\Program Files\winantivirus pro 2006\plugins\UpDate\UA27308.DLL
C:\Program Files\WinAntiVirus Pro 2006\plugins\UpDate\UADAILY.DLL
C:\Program Files\winantivirus pro 2006\plugins\UpDate\wininit.ini
C:\Program Files\winantivirus pro 2006\plugins\vbpv.dat
C:\Program Files\winantivirus pro 2006\pmedium.bin
C:\Program Files\WinAntiVirus Pro 2006\prc.dat
C:\Program Files\WinAntiVirus Pro 2006\prerules.xml
C:\Program Files\winantivirus pro 2006\pv.dat
C:\Program Files\WinAntiVirus Pro 2006\pv.exe
C:\Program Files\WinAntiVirus Pro 2006\res\cross.gif
C:\Program Files\winantivirus pro 2006\res\Register.gif
C:\Program Files\winantivirus pro 2006\res\wa6p.gif
C:\Program Files\WinAntiVirus Pro 2006\rpt.dll
C:\Program Files\winantivirus pro 2006\RulSrv.dll
C:\Program Files\WinAntiVirus Pro 2006\SpOrder.dll
C:\Program Files\winantivirus pro 2006\sqlite3.dll
C:\Program Files\WinAntiVirus Pro 2006\sr.log
C:\Program Files\winantivirus pro 2006\st.dat
C:\Program Files\winantivirus pro 2006\support.url
C:\Program Files\winantivirus pro 2006\UBUpdater.dat
C:\Program Files\winantivirus pro 2006\unins000.dat
C:\Program Files\WinAntiVirus Pro 2006\unins000.exe
C:\Program Files\WinAntiVirus Pro 2006\uninstall.ico
C:\Program Files\winantivirus pro 2006\up.dat
C:\Program Files\winantivirus pro 2006\updater.dat
C:\Program Files\winantivirus pro 2006\Updater.exe
C:\Program Files\winantivirus pro 2006\WAV6COM.dll
C:\Program Files\winantivirus pro 2006\WinAV.exe
C:\Program Files\winantivirus pro 2006\WinAV.xml
C:\Program Files\WinAntiVirus Pro 2006\worldmap.swf
C:\WA6P\
C:\WINDOWS\pack.epk
C:\WINDOWS\system32\av.cpl
C:\WINDOWS\system32\drivers\fopn.sys
C:\WINDOWS\system32\drivers\vspf_hk5.sys
C:\WINDOWS\system32\drivers\vspf5.sys
C:\WINDOWS\system32\irtffczgjb.dat
C:\WINDOWS\system32\irtffczgjb.exe
C:\WINDOWS\system32\irtffczgjb_nav.dat
C:\WINDOWS\system32\irtffczgjb_navps.dat
C:\WINDOWS\system32\nvs2.inf
C:\WINDOWS\system32\stera.exe
C:\WINDOWS\system32\stera.log
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
-------\LEGACY_FOPN
-------\LEGACY_VSPF
-------\LEGACY_VSPF_HK
-------\FOPN
((((((((((((((((((((((((((((( Fichiers créés 2007-08-23 to 2007-09-23 ))))))))))))))))))))))))))))))))))))
.
2007-09-23 13:39 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-09-22 18:21 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-09-22 18:15 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\ZangoSA
2007-09-22 18:13 --------- d-------- C:\Program Files\Spyware-Secure
2007-09-22 15:11 --------- d-------- C:\Program Files\eMule
2007-09-14 17:48 --------- d-------- C:\DOCUME~1\z.GR\APPLIC~1\Zango
2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\cdm.dll
2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll
2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\wuauclt.exe
2007-07-30 19:19 43352 --a------ C:\WINDOWS\system32\wups2.dll
2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll
2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll
2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll
2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\wups.dll
2007-07-28 18:36 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
2007-07-28 18:34 --------- d-------- C:\Program Files\Zango
2007-07-28 18:34 --------- d-------- C:\DOCUME~1\z.GR\APPLIC~1\ZangoToolbar
2007-07-28 17:32 --------- d-------- C:\Program Files\TomTom HOME
2007-07-28 17:31 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\TomTom
2007-07-28 17:30 --------- d--h----- C:\Program Files\InstallShield Installation Information
2007-07-28 17:29 --------- d-------- C:\DOCUME~1\z.GR\APPLIC~1\InstallShield
2007-07-28 17:27 --------- d-------- C:\Program Files\TomTom DesktopSuite
2007-07-25 18:22 --------- d-------- C:\Program Files\M6Video
2007-06-26 08:09 1104896 --a------ C:\WINDOWS\system32\msxml3.dll
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{07AA283A-43D7-4CBE-A064-32A21112D94D}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe" [2003-05-29 16:28]
"SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [2003-05-30 09:42]
"IgfxTray"="C:\WINDOWS\System32\igfxtray.exe" [2003-04-07 09:19]
"HotKeysCmds"="C:\WINDOWS\System32\hkcmd.exe" [2003-04-07 09:07]
"NeroCheck"="C:\WINDOWS\System32\\NeroCheck.exe" [2001-07-09 12:50]
"IntelliType"="C:\Program Files\Microsoft Hardware\Keyboard\type32.exe" [2002-03-22 06:41]
"SpeedTouch USB Diagnostics"="C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-01-26 12:38]
"Realtime Monitor"="C:\PROGRA~1\CA\ETRUST~1\realmon.exe" [2004-06-26 01:17]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-05-09 20:07]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-10-08 11:52]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2005-01-18 17:47]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2005-01-18 17:37]
"m6"="C:\Program Files\M6Video\M6video.exe" [2007-07-24 11:13]
"TomTomHOME.exe"="C:\Program Files\TomTom HOME\TomTomHOME.exe" [2007-03-14 16:52]
"ZangoOE"="C:\Program Files\Zango\bin\10.0.314.0\OEAddOn.exe" []
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 13:55]
"NvCplScan"="nvsc32.exe" []
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-02-20 16:28]
"LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" [2005-01-18 17:07]
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\DMARRA~1\
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 04:44:06]
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-02-20 16:28:09]
Windows Desktop Search.lnk - C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe [2005-09-20 18:10:04]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
S3 v800bus;Sony Ericsson V800-Vodafone 802SE driver (WDM);C:\WINDOWS\system32\DRIVERS\v800bus.sys
S3 v800mdfl;Sony Ericsson V800-Vodafone 802SE USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\v800mdfl.sys
S3 v800mdm;Sony Ericsson V800-Vodafone 802SE USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\v800mdm.sys
S3 v800mgmt;Sony Ericsson V800-Vodafone 802SE USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\v800mgmt.sys
S3 v800obex;Sony Ericsson V800-Vodafone 802SE USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\v800obex.sys
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{39bb9817-3d04-11dc-80e1-000e504b9710}]
AutoRun\command- G:\InstallTomTomHOME.exe
.
**************************************************************************
catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-09-23 14:20:10
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-09-23 14:22:43 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-09-23 14:22
.
--- E O F ---
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.135 [GMT 2:00]
* Created a new restore point
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinAntiVirus Pro 2006
C:\DOCUME~1\AMLIE~1\err.log
C:\DOCUME~1\z.GR\APPLIC~1\SystemDoctor 2006 Free
C:\DOCUME~1\z.GR\APPLIC~1\SystemDoctor 2006 Free\Logs\update.log
C:\DOCUME~1\z.GR\APPLIC~1\WinAntiVirus Pro 2006
C:\DOCUME~1\z.GR\APPLIC~1\WinAntiVirus Pro 2006\Logs\update.log
C:\DOCUME~1\z.GR\APPLIC~1\WinAntiVirus Pro 2006\Logs\wa6Support.log
C:\DOCUME~1\z.GR\APPLIC~1\WinAntiVirus Pro 2006\Logs\winav.log
C:\DOCUME~1\z.GR\APPLIC~1\WinAntiVirus Pro 2006\PGE.dat
C:\DOCUME~1\z.GR\APPLIC~1\winantiviruspro2006freeinstall_fr[1].exe
C:\DOCUME~1\z.GR\err.log
C:\Program Files\Fichiers communs\winantivirus pro 2006
C:\Program Files\Fichiers communs\WinAntiVirus Pro 2006\err.log
C:\Program Files\sudoplanet
C:\Program Files\sudoplanet\SudoPlanet.dll
C:\Program Files\sudoplanet\SudoPlanet.exe
C:\Program Files\sudoplanet\SudoPlanet.url
C:\Program Files\sudoplanet\uninst.exe
C:\Program Files\winantivirus pro 2006
C:\Program Files\WinAntiVirus Pro 2006\ASupdater.dat
C:\Program Files\winantivirus pro 2006\atl71.dll
C:\Program Files\winantivirus pro 2006\av.ini
C:\Program Files\winantivirus pro 2006\AWBase\database\enemies.dat
C:\Program Files\winantivirus pro 2006\AWBase\vbpv.dat
C:\Program Files\winantivirus pro 2006\bnlink.dat
C:\Program Files\winantivirus pro 2006\CompWiz.exe
C:\Program Files\WinAntiVirus Pro 2006\Download\aptskcko\SCANFUNC.DLL
C:\Program Files\winantivirus pro 2006\Download\ikplnntf\SCANFUNC.DLL
C:\Program Files\WinAntiVirus Pro 2006\Download\ikplnntf\SCANWIN1.DLL
C:\Program Files\winantivirus pro 2006\Download\ikplnntf\UNPACKS.DLL
C:\Program Files\WinAntiVirus Pro 2006\Download\jlbnztlv\SCANFUNC.DLL
C:\Program Files\WinAntiVirus Pro 2006\Download\udncproc\SCANFUNC.DLL
C:\Program Files\WinAntiVirus Pro 2006\Download\udncproc\SCANWIN1.DLL
C:\Program Files\winantivirus pro 2006\Download\udncproc\UNPACKS.DLL
C:\Program Files\WinAntiVirus Pro 2006\Download\vgfyfpcx\SCANFUNC.DLL
C:\Program Files\winantivirus pro 2006\Download\vgfyfpcx\SCANKRNL.DLL
C:\Program Files\winantivirus pro 2006\Download\vgfyfpcx\SCANWIN1.DLL
C:\Program Files\winantivirus pro 2006\Download\vgfyfpcx\UNPACKS.DLL
C:\Program Files\winantivirus pro 2006\Download\xgmnydyi\SCANFUNC.DLL
C:\Program Files\winantivirus pro 2006\Download\xgmnydyi\SCANKRNL.DLL
C:\Program Files\winantivirus pro 2006\Download\xgmnydyi\SCANWIN1.DLL
C:\Program Files\winantivirus pro 2006\Download\xrdzopfx\SCANFUNC.DLL
C:\Program Files\winantivirus pro 2006\Download\xrdzopfx\SCANKRNL.DLL
C:\Program Files\winantivirus pro 2006\Download\xrdzopfx\SCANWIN1.DLL
C:\Program Files\winantivirus pro 2006\Download\xrdzopfx\UNPACKS.DLL
C:\Program Files\winantivirus pro 2006\fat.exe
C:\Program Files\winantivirus pro 2006\fopn.exe
C:\Program Files\WinAntiVirus Pro 2006\fopn.sys
C:\Program Files\winantivirus pro 2006\fopnl.dll
C:\Program Files\WinAntiVirus Pro 2006\FWSvc.exe
C:\Program Files\winantivirus pro 2006\history.db
C:\Program Files\winantivirus pro 2006\index.dat
C:\Program Files\winantivirus pro 2006\install.exe
C:\Program Files\winantivirus pro 2006\InstHelp.exe
C:\Program Files\WinAntiVirus Pro 2006\lapv.dat
C:\Program Files\winantivirus pro 2006\License.rtf
C:\Program Files\winantivirus pro 2006\mfc71.dll
C:\Program Files\winantivirus pro 2006\msvcp71.dll
C:\Program Files\winantivirus pro 2006\msvcr71.dll
C:\Program Files\winantivirus pro 2006\online.url
C:\Program Files\winantivirus pro 2006\PGBase\vbpv.dat
C:\Program Files\winantivirus pro 2006\PGupdater.dat
C:\Program Files\winantivirus pro 2006\PGUpLst.dat
C:\Program Files\WinAntiVirus Pro 2006\phigh.bin
C:\Program Files\WinAntiVirus Pro 2006\plugins\BORLNDMM.DLL
C:\Program Files\winantivirus pro 2006\plugins\SCANADWR.DLL
C:\Program Files\winantivirus pro 2006\plugins\SCANBCDR.DLL
C:\Program Files\winantivirus pro 2006\plugins\SCANDLDR.DLL
C:\Program Files\WinAntiVirus Pro 2006\plugins\SCANDOS1.DLL
C:\Program Files\WinAntiVirus Pro 2006\plugins\SCANFUNC.DLL
C:\Program Files\WinAntiVirus Pro 2006\plugins\SCANKRNL.DLL
C:\Program Files\winantivirus pro 2006\plugins\SCANMCR1.DLL
C:\Program Files\winantivirus pro 2006\plugins\SCANOTHR.DLL
C:\Program Files\WinAntiVirus Pro 2006\plugins\SCANSCR.DLL
C:\Program Files\winantivirus pro 2006\plugins\SCANTOOL.DLL
C:\Program Files\winantivirus pro 2006\plugins\SCANTROJ.DLL
C:\Program Files\WinAntiVirus Pro 2006\plugins\SCANWIN1.DLL
C:\Program Files\winantivirus pro 2006\plugins\UNACPU.DLL
C:\Program Files\winantivirus pro 2006\plugins\UNADBX.DLL
C:\Program Files\winantivirus pro 2006\plugins\unamscan.dll
C:\Program Files\winantivirus pro 2006\plugins\UNMIME.DLL
C:\Program Files\winantivirus pro 2006\plugins\UNPACK.DLL
C:\Program Files\winantivirus pro 2006\plugins\UNPACKS.DLL
C:\Program Files\WinAntiVirus Pro 2006\plugins\UNPACKS2.DLL
C:\Program Files\winantivirus pro 2006\plugins\UNPEPACK.DLL
C:\Program Files\winantivirus pro 2006\plugins\UpDate\.UA27215.DLL.UQvNUR
C:\Program Files\winantivirus pro 2006\plugins\UpDate\.UADAILY.DLL.SrUTf8
C:\Program Files\WinAntiVirus Pro 2006\plugins\UpDate\UA27201.DLL
C:\Program Files\winantivirus pro 2006\plugins\UpDate\UA27202.DLL
C:\Program Files\winantivirus pro 2006\plugins\UpDate\UA27203.DLL
C:\Program Files\winantivirus pro 2006\plugins\UpDate\UA27204.DLL
C:\Program Files\winantivirus pro 2006\plugins\UpDate\UA27205.DLL
C:\Program Files\winantivirus pro 2006\plugins\UpDate\UA27206.DLL
C:\Program Files\winantivirus pro 2006\plugins\UpDate\UA27207.DLL
C:\Program Files\winantivirus pro 2006\plugins\UpDate\UA27208.DLL
C:\Program Files\WinAntiVirus Pro 2006\plugins\UpDate\UA27209.DLL
C:\Program Files\WinAntiVirus Pro 2006\plugins\UpDate\UA27210.DLL
C:\Program Files\winantivirus pro 2006\plugins\UpDate\UA27211.DLL
C:\Program Files\WinAntiVirus Pro 2006\plugins\UpDate\UA27212.DLL
C:\Program Files\winantivirus pro 2006\plugins\UpDate\UA27213.DLL
C:\Program Files\WinAntiVirus Pro 2006\plugins\UpDate\UA27214.DLL
C:\Program Files\winantivirus pro 2006\plugins\UpDate\UA27215.DLL
C:\Program Files\WinAntiVirus Pro 2006\plugins\UpDate\UA27216.DLL
C:\Program Files\winantivirus pro 2006\plugins\UpDate\UA27217.DLL
C:\Program Files\WinAntiVirus Pro 2006\plugins\UpDate\UA27301.DLL
C:\Program Files\winantivirus pro 2006\plugins\UpDate\UA27302.DLL
C:\Program Files\WinAntiVirus Pro 2006\plugins\UpDate\UA27303.DLL
C:\Program Files\WinAntiVirus Pro 2006\plugins\UpDate\UA27304.DLL
C:\Program Files\WinAntiVirus Pro 2006\plugins\UpDate\UA27305.DLL
C:\Program Files\WinAntiVirus Pro 2006\plugins\UpDate\UA27306.DLL
C:\Program Files\winantivirus pro 2006\plugins\UpDate\UA27307.DLL
C:\Program Files\winantivirus pro 2006\plugins\UpDate\UA27308.DLL
C:\Program Files\WinAntiVirus Pro 2006\plugins\UpDate\UADAILY.DLL
C:\Program Files\winantivirus pro 2006\plugins\UpDate\wininit.ini
C:\Program Files\winantivirus pro 2006\plugins\vbpv.dat
C:\Program Files\winantivirus pro 2006\pmedium.bin
C:\Program Files\WinAntiVirus Pro 2006\prc.dat
C:\Program Files\WinAntiVirus Pro 2006\prerules.xml
C:\Program Files\winantivirus pro 2006\pv.dat
C:\Program Files\WinAntiVirus Pro 2006\pv.exe
C:\Program Files\WinAntiVirus Pro 2006\res\cross.gif
C:\Program Files\winantivirus pro 2006\res\Register.gif
C:\Program Files\winantivirus pro 2006\res\wa6p.gif
C:\Program Files\WinAntiVirus Pro 2006\rpt.dll
C:\Program Files\winantivirus pro 2006\RulSrv.dll
C:\Program Files\WinAntiVirus Pro 2006\SpOrder.dll
C:\Program Files\winantivirus pro 2006\sqlite3.dll
C:\Program Files\WinAntiVirus Pro 2006\sr.log
C:\Program Files\winantivirus pro 2006\st.dat
C:\Program Files\winantivirus pro 2006\support.url
C:\Program Files\winantivirus pro 2006\UBUpdater.dat
C:\Program Files\winantivirus pro 2006\unins000.dat
C:\Program Files\WinAntiVirus Pro 2006\unins000.exe
C:\Program Files\WinAntiVirus Pro 2006\uninstall.ico
C:\Program Files\winantivirus pro 2006\up.dat
C:\Program Files\winantivirus pro 2006\updater.dat
C:\Program Files\winantivirus pro 2006\Updater.exe
C:\Program Files\winantivirus pro 2006\WAV6COM.dll
C:\Program Files\winantivirus pro 2006\WinAV.exe
C:\Program Files\winantivirus pro 2006\WinAV.xml
C:\Program Files\WinAntiVirus Pro 2006\worldmap.swf
C:\WA6P\
C:\WINDOWS\pack.epk
C:\WINDOWS\system32\av.cpl
C:\WINDOWS\system32\drivers\fopn.sys
C:\WINDOWS\system32\drivers\vspf_hk5.sys
C:\WINDOWS\system32\drivers\vspf5.sys
C:\WINDOWS\system32\irtffczgjb.dat
C:\WINDOWS\system32\irtffczgjb.exe
C:\WINDOWS\system32\irtffczgjb_nav.dat
C:\WINDOWS\system32\irtffczgjb_navps.dat
C:\WINDOWS\system32\nvs2.inf
C:\WINDOWS\system32\stera.exe
C:\WINDOWS\system32\stera.log
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
-------\LEGACY_FOPN
-------\LEGACY_VSPF
-------\LEGACY_VSPF_HK
-------\FOPN
((((((((((((((((((((((((((((( Fichiers créés 2007-08-23 to 2007-09-23 ))))))))))))))))))))))))))))))))))))
.
2007-09-23 13:39 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-09-22 18:21 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-09-22 18:15 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\ZangoSA
2007-09-22 18:13 --------- d-------- C:\Program Files\Spyware-Secure
2007-09-22 15:11 --------- d-------- C:\Program Files\eMule
2007-09-14 17:48 --------- d-------- C:\DOCUME~1\z.GR\APPLIC~1\Zango
2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\cdm.dll
2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll
2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\wuauclt.exe
2007-07-30 19:19 43352 --a------ C:\WINDOWS\system32\wups2.dll
2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll
2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll
2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll
2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\wups.dll
2007-07-28 18:36 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
2007-07-28 18:34 --------- d-------- C:\Program Files\Zango
2007-07-28 18:34 --------- d-------- C:\DOCUME~1\z.GR\APPLIC~1\ZangoToolbar
2007-07-28 17:32 --------- d-------- C:\Program Files\TomTom HOME
2007-07-28 17:31 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\TomTom
2007-07-28 17:30 --------- d--h----- C:\Program Files\InstallShield Installation Information
2007-07-28 17:29 --------- d-------- C:\DOCUME~1\z.GR\APPLIC~1\InstallShield
2007-07-28 17:27 --------- d-------- C:\Program Files\TomTom DesktopSuite
2007-07-25 18:22 --------- d-------- C:\Program Files\M6Video
2007-06-26 08:09 1104896 --a------ C:\WINDOWS\system32\msxml3.dll
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{07AA283A-43D7-4CBE-A064-32A21112D94D}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe" [2003-05-29 16:28]
"SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [2003-05-30 09:42]
"IgfxTray"="C:\WINDOWS\System32\igfxtray.exe" [2003-04-07 09:19]
"HotKeysCmds"="C:\WINDOWS\System32\hkcmd.exe" [2003-04-07 09:07]
"NeroCheck"="C:\WINDOWS\System32\\NeroCheck.exe" [2001-07-09 12:50]
"IntelliType"="C:\Program Files\Microsoft Hardware\Keyboard\type32.exe" [2002-03-22 06:41]
"SpeedTouch USB Diagnostics"="C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-01-26 12:38]
"Realtime Monitor"="C:\PROGRA~1\CA\ETRUST~1\realmon.exe" [2004-06-26 01:17]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-05-09 20:07]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-10-08 11:52]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2005-01-18 17:47]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2005-01-18 17:37]
"m6"="C:\Program Files\M6Video\M6video.exe" [2007-07-24 11:13]
"TomTomHOME.exe"="C:\Program Files\TomTom HOME\TomTomHOME.exe" [2007-03-14 16:52]
"ZangoOE"="C:\Program Files\Zango\bin\10.0.314.0\OEAddOn.exe" []
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 13:55]
"NvCplScan"="nvsc32.exe" []
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-02-20 16:28]
"LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" [2005-01-18 17:07]
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\DMARRA~1\
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 04:44:06]
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-02-20 16:28:09]
Windows Desktop Search.lnk - C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe [2005-09-20 18:10:04]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
S3 v800bus;Sony Ericsson V800-Vodafone 802SE driver (WDM);C:\WINDOWS\system32\DRIVERS\v800bus.sys
S3 v800mdfl;Sony Ericsson V800-Vodafone 802SE USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\v800mdfl.sys
S3 v800mdm;Sony Ericsson V800-Vodafone 802SE USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\v800mdm.sys
S3 v800mgmt;Sony Ericsson V800-Vodafone 802SE USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\v800mgmt.sys
S3 v800obex;Sony Ericsson V800-Vodafone 802SE USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\v800obex.sys
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{39bb9817-3d04-11dc-80e1-000e504b9710}]
AutoRun\command- G:\InstallTomTomHOME.exe
.
**************************************************************************
catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-09-23 14:20:10
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-09-23 14:22:43 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-09-23 14:22
.
--- E O F ---
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:35:13, on 23/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
C:\Program Files\CA\eTrust Antivirus\InoRT.exe
C:\Program Files\CA\eTrust Antivirus\InoTask.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\PROGRA~1\CA\ETRUST~1\realmon.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\M6Video\M6video.exe
C:\Program Files\TomTom HOME\TomTomHOME.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearchIndexer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearchFilter.exe
C:\Documents and Settings\z.GR\Mes documents\Kids\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Zango /fleok=1D8A83A5CEE4107B9DAE75760EA83FA5EF80752B9499803B2A2303766A - {07AA283A-43D7-4CBE-A064-32A21112D94D} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: (no name) - {07AA283A-43D7-4CBE-A064-32A21112D94D} - (no file)
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [Realtime Monitor] C:\PROGRA~1\CA\ETRUST~1\realmon.exe -s
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [m6] C:\Program Files\M6Video\M6video.exe
O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s
O4 - HKLM\..\Run: [ZangoOE] C:\Program Files\Zango\bin\10.0.314.0\OEAddOn.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [NvCplScan] nvsc32.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?11a96e62aeb42f981bd4ddea0cbe9fb
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?11a96e62aeb42f981bd4ddea0cbe9fb
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: Interface Chat Voila - http://chat7.x-echo.com/version5/Applet/vchatsign.cab
O16 - DPF: Interface Chat Wanadoo - http://chat14.x-echo.com/version6/Applet/wchatsign.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {2D37B9E8-C14C-482C-B1CF-939C5440E179} (VTToolkit Control) - http://videomessages.orange.fr/VTToolkit.ocx
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - file://C:\TempEI4\EI40_\msxml4.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {EFB22865-F3BC-4309-ADFA-C8E078A7F762} (SysWebTelecomInt Class) - http://www.sponsoradulto.com/cab/14/fr/SysWebTelecomInt...
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O17 - HKLM\System\CCS\Services\Tcpip\..\{B535EEF5-A7BF-49AC-AEB3-29D91471DE5F}: NameServer = 80.10.246.130 80.10.246.3
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Serveur RPC eTrust Antivirus (InoRPC) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
O23 - Service: Serveur eTrust Antivirus Temps réel (InoRT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRT.exe
O23 - Service: Serveur de jobs eTrust Antivirus (InoTask) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoTask.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
--
End of file - 9871 bytes
Scan saved at 14:35:13, on 23/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
C:\Program Files\CA\eTrust Antivirus\InoRT.exe
C:\Program Files\CA\eTrust Antivirus\InoTask.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\PROGRA~1\CA\ETRUST~1\realmon.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\M6Video\M6video.exe
C:\Program Files\TomTom HOME\TomTomHOME.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearchIndexer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearchFilter.exe
C:\Documents and Settings\z.GR\Mes documents\Kids\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Zango /fleok=1D8A83A5CEE4107B9DAE75760EA83FA5EF80752B9499803B2A2303766A - {07AA283A-43D7-4CBE-A064-32A21112D94D} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: (no name) - {07AA283A-43D7-4CBE-A064-32A21112D94D} - (no file)
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [Realtime Monitor] C:\PROGRA~1\CA\ETRUST~1\realmon.exe -s
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [m6] C:\Program Files\M6Video\M6video.exe
O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s
O4 - HKLM\..\Run: [ZangoOE] C:\Program Files\Zango\bin\10.0.314.0\OEAddOn.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [NvCplScan] nvsc32.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?11a96e62aeb42f981bd4ddea0cbe9fb
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?11a96e62aeb42f981bd4ddea0cbe9fb
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: Interface Chat Voila - http://chat7.x-echo.com/version5/Applet/vchatsign.cab
O16 - DPF: Interface Chat Wanadoo - http://chat14.x-echo.com/version6/Applet/wchatsign.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {2D37B9E8-C14C-482C-B1CF-939C5440E179} (VTToolkit Control) - http://videomessages.orange.fr/VTToolkit.ocx
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - file://C:\TempEI4\EI40_\msxml4.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {EFB22865-F3BC-4309-ADFA-C8E078A7F762} (SysWebTelecomInt Class) - http://www.sponsoradulto.com/cab/14/fr/SysWebTelecomInt...
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O17 - HKLM\System\CCS\Services\Tcpip\..\{B535EEF5-A7BF-49AC-AEB3-29D91471DE5F}: NameServer = 80.10.246.130 80.10.246.3
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Serveur RPC eTrust Antivirus (InoRPC) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
O23 - Service: Serveur eTrust Antivirus Temps réel (InoRT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRT.exe
O23 - Service: Serveur de jobs eTrust Antivirus (InoTask) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoTask.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
--
End of file - 9871 bytes
Bonjour
Il en reste malgré ce veau ménage.
$$ Télécharge BTFix de Bibi26
http://www.bibi26.power-heberg.com/logiciels/BTFix.zip de Bibi26
Dézippe l'archive sur ton Bureau.
Ouvre le dossier BTFix.
Double clique sur BTFix.exe.
Clique sur Rechercher.
Un rapport va apparaître, copie/colle-le dans ta prochaine réponse.
$$ Télécharge clean.zip
http://www.malekal.com/download/clean.zip
Décompresse le sur ton bureau
Double-clic sur clean qui se trouve dans le dossier clean.
Choisis l'option 1
Un rapport va etre généré, colle le contenu entier ici.
Il en reste malgré ce veau ménage.
$$ Télécharge BTFix de Bibi26
http://www.bibi26.power-heberg.com/logiciels/BTFix.zip de Bibi26
Dézippe l'archive sur ton Bureau.
Ouvre le dossier BTFix.
Double clique sur BTFix.exe.
Clique sur Rechercher.
Un rapport va apparaître, copie/colle-le dans ta prochaine réponse.
$$ Télécharge clean.zip
http://www.malekal.com/download/clean.zip
Décompresse le sur ton bureau
Double-clic sur clean qui se trouve dans le dossier clean.
Choisis l'option 1
Un rapport va etre généré, colle le contenu entier ici.
BTFix 1.046 (par bibi26) - 24/09/2007 19:03:36 - Analyse
---> Fichiers/Dossiers trouvés
- C:\Program Files\Zango
- C:\Program Files\ZangoToolbar
- C:\Documents and Settings\z.GR\Application Data\Zango
- C:\Documents and Settings\z.GR\Application Data\ZangoToolbar
- C:\Documents and Settings\All Users\Application Data\ZangoSA
- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Zango
---> Analyse terminée
---> Fichiers/Dossiers trouvés
- C:\Program Files\Zango
- C:\Program Files\ZangoToolbar
- C:\Documents and Settings\z.GR\Application Data\Zango
- C:\Documents and Settings\z.GR\Application Data\ZangoToolbar
- C:\Documents and Settings\All Users\Application Data\ZangoSA
- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Zango
---> Analyse terminée
Re
Il te faut un outil spécifique.
En voila un gratuit.
http://www.7-zip.org/fr/
et un tutorial
http://www.cestfacile.org/7-Zip.htm
Il te faut un outil spécifique.
En voila un gratuit.
http://www.7-zip.org/fr/
et un tutorial
http://www.cestfacile.org/7-Zip.htm
Lassé par la pub ? Créez un compte
