Cheval de troie [infecté par trojan-clicker]Fermé

Question

Bonjour,
je ne sais pas si mon msg a bient été pris en compte ms j'ai un souci avec un cheval de troie (trojan-clicker.HTML.agent.a) je réessaie je renvoie le rapport au cas où... Est-ce que je risque qqchose avec ce virus? Dois-je sauvegarder des fichiers?  Merci d'avance pr votre aide.
---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

 + Created at:	19:31:44 29/10/2006

 + Scan result:	



C:\Program Files\Pack Securite\FWES\program\__delete_on_reboot__f_s_d_f_w_d_._e_x_e_ -> Adware.Gator : No action taken.
[2820] C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe -> Adware.Gator : No action taken.
HKU\S-1-5-21-1506526269-870248354-1358004491-1007\Software\egdhtml -> Dialer.Generic : No action taken.
C:\Program Files\Instant Access\Multi\20060917230912\instant access.exe -> Dialer.InstantAccess.aa : No action taken.
C:\WINDOWS\system32\accinet.exe -> Dialer.InstantAccess.aa : No action taken.
C:\Documents and Settings\pascual\Local Settings\Temporary Internet Files\Content.IE5\KLUBOXIB\POPUP[1].0TM -> Hijacker.Agent.a : No action taken.
:mozilla.148:C:\Documents and Settings\pascual\Application Data\Mozilla\Firefox\Profiles\o0qj03j2.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.149:C:\Documents and Settings\pascual\Application Data\Mozilla\Firefox\Profiles\o0qj03j2.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.150:C:\Documents and Settings\pascual\Application Data\Mozilla\Firefox\Profiles\o0qj03j2.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.151:C:\Documents and Settings\pascual\Application Data\Mozilla\Firefox\Profiles\o0qj03j2.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.159:C:\Documents and Settings\pascual\Application Data\Mozilla\Firefox\Profiles\o0qj03j2.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.162:C:\Documents and Settings\pascual\Application Data\Mozilla\Firefox\Profiles\o0qj03j2.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.372:C:\Documents and Settings\pascual\Application Data\Mozilla\Firefox\Profiles\o0qj03j2.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.425:C:\Documents and Settings\pascual\Application Data\Mozilla\Firefox\Profiles\o0qj03j2.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.435:C:\Documents and Settings\pascual\Application Data\Mozilla\Firefox\Profiles\o0qj03j2.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.545:C:\Documents and Settings\pascual\Application Data\Mozilla\Firefox\Profiles\o0qj03j2.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\pascual\Cookies\pascual@112.2o7[2].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\pascual\Cookies\pascual@microsofteup.112.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\pascual\Cookies\pascual@microsoftwlmessengermkt.112.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\pascual\Cookies\pascual@msninvite.112.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\pascual\Cookies\pascual@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\pascual\Cookies\pascual@opodo.122.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\pascual\Cookies\pascual@redcats.122.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\pascual\Cookies\pascual@sfr.122.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
:mozilla.390:C:\Documents and Settings\pascual\Application Data\Mozilla\Firefox\Profiles\o0qj03j2.default\cookies.txt -> TrackingCookie.Adjuggler : No action taken.
C:\Documents and Settings\pascual\Cookies\pascual@rotator.adjuggler[2].txt -> TrackingCookie.Adjuggler : No action taken.
C:\Documents and Settings\pascual\Cookies\pascual@admarketplace[1].txt -> TrackingCookie.Admarketplace : No action taken.
:mozilla.183:C:\Documents and Settings\pascual\Application Data\Mozilla\Firefox\Profiles\o0qj03j2.default\cookies.txt -> TrackingCookie.Adtech : No action taken.
:mozilla.184:C:\Documents and Settings\pascual\Application Data\Mozilla\Firefox\Profiles\o0qj03j2.default\cookies.txt -> TrackingCookie.Adtech : No action taken.
:mozilla.186:C:\Documents and Settings\pascual\Application Data\Mozilla\Firefox\Profiles\o0qj03j2.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.187:C:\Documents and Settings\pascual\Application Data\Mozilla\Firefox\Profiles\o0qj03j2.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.182:C:\Documents and Settings\pascual\Application Data\Mozilla\Firefox\Profiles\o0qj03j2.default\cookies.txt -> TrackingCookie.Atdmt : No action taken.
:mozilla.180:C:\Documents and Settings\pascual\Application Data\Mozilla\Firefox\Profiles\o0qj03j2.default\cookies.txt -> TrackingCookie.Bluestreak : No action taken.
:mozilla.8:C:\Documents and Settings\pascual\Application Data\Mozilla\Firefox\Profiles\o0qj03j2.default\cookies.txt -> TrackingCookie.Bluestreak : No action taken.
:mozilla.568:C:\Documents and Settings\pascual\Application Data\Mozilla\Firefox\Profiles\o0qj03j2.default\cookies.txt -> TrackingCookie.Com : No action taken.
C:\Documents and Settings\pascual\Cookies\pascual@com[1].txt -> TrackingCookie.Com : No action taken.
:mozilla.6:C:\Documents and Settings\pascual\Application Data\Mozilla\Firefox\Profiles\o0qj03j2.default\cookies.txt -> TrackingCookie.Doubleclick : No action taken.
:mozilla.42:C:\Documents and Settings\pascual\Application Data\Mozilla\Firefox\Profiles\o0qj03j2.default\cookies.txt -> TrackingCookie.Estat : No action taken.
:mozilla.651:C:\Documents and Settings\pascual\Application Data\Mozilla\Firefox\Profiles\o0qj03j2.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.657:C:\Documents and Settings\pascual\Application Data\Mozilla\Firefox\Profiles\o0qj03j2.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.93:C:\Documents and Settings\pascual\Application Data\Mozilla\Firefox\Profiles\o0qj03j2.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.192:C:\Documents and Settings\pascual\Application Data\Mozilla\Firefox\Profiles\o0qj03j2.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.193:C:\Documents and Settings\pascual\Application Data\Mozilla\Firefox\Profiles\o0qj03j2.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.493:C:\Documents and Settings\pascual\Application Data\Mozilla\Firefox\Profiles\o0qj03j2.default\cookies.txt -> TrackingCookie.Itrack : No action taken.
:mozilla.494:C:\Documents and Settings\pascual\Application Data\Mozilla\Firefox\Profiles\o0qj03j2.default\cookies.txt -> TrackingCookie.Itrack : No action taken.
C:\Documents and Settings\pascual\Cookies\pascual@ilead.itrack[2].txt -> TrackingCookie.Itrack : No action taken.
:mozilla.518:C:\Documents and Settings\pascual\Application Data\Mozilla\Firefox\Profiles\o0qj03j2.default\cookies.txt -> TrackingCookie.Ivwbox : No action taken.
C:\Documents and Settings\pascual\Cookies\pascual@ivwbox[2].txt -> TrackingCookie.Ivwbox : No action taken.
:mozilla.39:C:\Documents and Settings\pascual\Application Data\Mozilla\Firefox\Profiles\o0qj03j2.default\cookies.txt -> TrackingCookie.Mediaplex : No action taken.
:mozilla.44:C:\Documents and Settings\pascual\Application Data\Mozilla\Firefox\Profiles\o0qj03j2.default\cookies.txt -> TrackingCookie.Overture : No action taken.
:mozilla.613:C:\Documents and Settings\pascual\Application Data\Mozilla\Firefox\Profiles\o0qj03j2.default\cookies.txt -> TrackingCookie.Overture : No action taken.
C:\Documents and Settings\pascual\Cookies\pascual@content.overture[1].txt -> TrackingCookie.Overture : No action taken.
:mozilla.359:C:\Documents and Settings\pascual\Application Data\Mozilla\Firefox\Profiles\o0qj03j2.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
:mozilla.360:C:\Documents and Settings\pascual\Application Data\Mozilla\Firefox\Profiles\o0qj03j2.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
:mozilla.361:C:\Documents and Settings\pascual\Application Data\Mozilla\Firefox\Profiles\o0qj03j2.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
:mozilla.362:C:\Documents and Settings\pascual\Application Data\Mozilla\Firefox\Profiles\o0qj03j2.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
:mozilla.363:C:\Documents and Settings\pascual\Application Data\Mozilla\Firefox\Profiles\o0qj03j2.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
C:\Documents and Settings\pascual\Cookies\pascual@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : No action taken.
C:\Documents and Settings\pascual\Cookies\pascual@ads1.revenue[1].txt -> TrackingCookie.Revenue : No action taken.
:mozilla.482:C:\Documents and Settings\pascual\Application Data\Mozilla\Firefox\Profiles\o0qj03j2.default\cookies.txt -> TrackingCookie.Sitestat : No action taken.
:mozilla.617:C:\Documents and Settings\pascual\Application Data\Mozilla\Firefox\Profiles\o0qj03j2.default\cookies.txt -> TrackingCookie.Sitestat : No action taken.
:mozilla.300:C:\Documents and Settings\pascual\Application Data\Mozilla\Firefox\Profiles\o0qj03j2.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.305:C:\Documents and Settings\pascual\Application Data\Mozilla\Firefox\Profiles\o0qj03j2.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
C:\Documents and Settings\pascual\Cookies\pascual@tacoda[2].txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.16:C:\Documents and Settings\pascual\Application Data\Mozilla\Firefox\Profiles\o0qj03j2.default\cookies.txt -> TrackingCookie.Weborama : No action taken.
:mozilla.17:C:\Documents and Settings\pascual\Application Data\Mozilla\Firefox\Profiles\o0qj03j2.default\cookies.txt -> TrackingCookie.Weborama : No action taken.
:mozilla.646:C:\Documents and Settings\pascual\Application Data\Mozilla\Firefox\Profiles\o0qj03j2.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.658:C:\Documents and Settings\pascual\Application Data\Mozilla\Firefox\Profiles\o0qj03j2.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.659:C:\Documents and Settings\pascual\Application Data\Mozilla\Firefox\Profiles\o0qj03j2.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.660:C:\Documents and Settings\pascual\Application Data\Mozilla\Firefox\Profiles\o0qj03j2.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.661:C:\Documents and Settings\pascual\Application Data\Mozilla\Firefox\Profiles\o0qj03j2.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
C:\Documents and Settings\pascual\Cookies\pascual@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : No action taken.


::Report end

Utilisateur anonyme · Answer

Salut,

refais un scanne avec Ewido et supprime(delete) tout, il ne devrait pas y être marqué "No action taken."


Fait ce nettoyage: (à faire réguliérement)

¤Telecharges et installes ceci:
CCleaner:
Ccleaner

dans la colonne de gauche clic sur "erreurs" coches toutes les cases, puis cliques en bas sur "chercher des erreurs" une fois finit, cliques sur "reparer les erreurs" et tu aura un message pour sauvegarder ta base de registre tu dis "oui" puis tu recommences jusqu'a ce qu'il te trouve plus d'erreurs.
Les sauvegardes que tu aura faites tu pourra les supprimer si ton ordinateur n'a plus de problémes

¤Relance Ccleaner, vas dans l'onglet "nettoyeur" present sur la gauche, decoches la derniere case (Avancé si elle est cochée) puis clic sur "lancer le nettoyage"
 

Télécharge HijackThis: 
http://www.infos-du-net.com/telecharger/HijackThis.html

Installe le dans son propre dossier:
-clic droit sur le bureau, choisis "nouveau dossier" puis installe le dedans.
Lance le, clic sur "do a system scan and save logfile" 
Puis copie et colle le rapport ici stp

Pascual44 · Answer

Re,
bon j'ai donc suivi la procédure que tu m'as donné effectué les téléchargement de claener et hijack. J'ai cherché les erreurs et netoyer le tout. Merci pr tes conseils en esperant que tout marche pr le mieux... Est ce que je peux garder ces programmes sachant que j'ai deja un anti-virus et un anti-spyware?? Est-ce que je ^peux effacer les erreurs que j'ai sauvegardé du nettoyage de cleaner? Puis-je m'adresser de nouveau a toi si j'ai un souci?
Merci bcp.

 Logfile of HijackThis v1.99.1
Scan saved at 22:31:50, on 29/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\PACKSE~1\backweb\361343\Program\SERVIC~1.EXE
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Pack Securite\backweb\361343\Program\fspex.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe
C:\Program Files\Pack Securite\Anti-Virus\FSGK32.EXE
C:\Program Files\Pack Securite\backweb\361343\program\fsbwsys.exe
C:\Program Files\Pack Securite\Common\FSMA32.EXE
C:\Program Files\Pack Securite\Common\FSMB32.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Pack Securite\Anti-Virus\fssm32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
C:\Program Files\Pack Securite\Common\FCH32.EXE
C:\Program Files\Pack Securite\Common\FAMEH32.EXE
C:\Program Files\Pack Securite\FSPC\fspc.exe
C:\Program Files\Pack Securite\Anti-Virus\fsrw.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Toshiba\Toshiba Applet	hotkey.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Pack Securite\Common\FSM32.EXE
C:\WINDOWS\CameraFixer.exe
C:\WINDOWS\vsnpstd3.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSCDSPD	oscdspd.exe
C:\Program Files\Kit ADSL\Wizard\Agent_WiFi.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
C:\Program Files\Pack Securite\Anti-Virus\fsav32.exe
C:\WINDOWS\system32\VirtualExpander\VirtualExpander.exe
C:\PROGRA~1\PACKSE~1\ANTI-S~1\fsaw.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Pack Securite\FSGUI\fsguidll.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearchIndexer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\pascual\LOCALS~1\Temp\Répertoire temporaire 2 pour hijackthis.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://neufportail.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE	oolbar.dll
R3 - URLSearchHook: (no name) - {D73F49B6-B51B-4d32-A3B7-BD04B8342F53} - C:\Program Files\MorpheusBar\SrchAstt\1.bin\MBSRCAS.DLL
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE Class - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1	oolbar.dll
O2 - BHO: MorpheusToolbar BHO - {3F3714A1-89A4-46be-8AF3-D0C9D1FB03F9} - C:\Program Files\MorpheusBar\bar\1.bin\MORPHBAR.DLL
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O2 - BHO: (no name) - {D73F49B1-B51B-4d32-A3B7-BD04B8342F53} - C:\Program Files\MorpheusBar\SrchAstt\1.bin\MBSRCAS.DLL
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE	oolbar.dll
O3 - Toolbar: Morpheus Toolbar - {3F3714A9-89A4-46be-8AF3-D0C9D1FB03F9} - C:\Program Files\MorpheusBar\bar\1.bin\MORPHBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet	hotkey.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Pack Securite\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Pack Securite\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Pack Securite\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [CameraFixer] C:\WINDOWS\CameraFixer.exe
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD	oscdspd.exe
O4 - HKCU\..\Run: [TVAgent WiFi] C:\Program Files\Kit ADSL\Wizard\Agent_WiFi.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Startup: Morpheus.lnk = C:\Program Files\Morpheus\Morpheus.exe
O4 - Startup: VirtualExpander.lnk = C:\WINDOWS\system32\VirtualExpander\VirtualExpander.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Readereader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Pack Securite.lnk = C:\Program Files\Pack Securite\backweb\361343\Program\fspex.exe
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
O8 - Extra context menu item: &Bloquer cette fenêtre publicitaire - C:\Program Files\Pack Securite\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?df590edfa2a94f819a469816cae8415a
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?df590edfa2a94f819a469816cae8415a
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin
pjpi150_02.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin
pjpi150_02.dll
O9 - Extra button: Filtre Web - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Filtre Web - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\Anti-Spyware\ieshield.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'winsflt.dll' missing
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\ACS.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Pack Securite (BackWeb Plug-in - 361343) - BackWeb Technologies Inc.                          - C:\PROGRA~1\PACKSE~1\backweb\361343\Program\SERVIC~1.EXE
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corp. - C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Pack Securite\backweb\361343\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - Unknown owner - C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe (file missing)
O23 - Service: F-Secure HTTP Server (fshttps) - F-Secure Corporation - C:\Program Files\Pack Securite\FSPC\fshttps\fshttps.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Pack Securite\Common\FSMA32.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe

Cheval de troie [infecté par trojan-clicker]

2 réponses

Discussions similaires

Newsletters