Problem with Spybot, Kaspersky, HijackThis (log)
Solved/Closed
missy69
Posts
36
Registration date
Sunday 20 July 2008
Status
Member
Last activity
10 November 2008
-
21 Jul 2008 at 00:09
geoffrey5 Posts 13732 Registration date Sunday 20 May 2007 Status Security contributor Last activity 21 May 2010 - 21 Jul 2008 at 13:23
31 replies
cruchot10
Posts
262
Registration date
Monday 14 July 2008
Status
Member
Last activity
8 November 2008
28
21 Jul 2008 at 00:33
Good evening Elodie,
Download Malwarebytes Anti-Malware, install it and update it, then restart your computer in safe mode and run a full scan. Delete everything it found, if it finds anything, then come back to the forum and tell me what changed. Good luck.
missy69
21 Jul 2008 at 01:27
Thanks for the reply, I'll try that tomorrow, or rather today around 10 a.m.
geoffrey5
Posts
13732
Registration date
Sunday 20 May 2007
Status
Security contributor
Last activity
21 May 2010
10
21 Jul 2008 at 09:00
Hi you two!!
Honestly cruchot, you're hooked on Malwarebytes lol... and you don't even notice that her version of HijackThis is not up to date and that it is very badly installed :s
missy69:
Uninstall your version of HijackThis and download it again from here, carefully following the tutorial to install it properly and rename it:
Download HijackThis: http://www.trendsecure.com/portal/en-US/_download/HiJackThis.exe
Here is a tutorial for installing it properly: https://forums.cnetfrance.fr
- Once installed, rename it HJT.exe to counter a possible Vundo infection
- Double-click on it
- Click on "Do a system scan and save the log"
- Copy the log and paste it into your reply
geoffrey5
21 Jul 2008 at 09:02
And why did you create 2 topics :s
One was enough ;-)
Please stay on this one
missy69
21 Jul 2008 at 09:12
I think I followed the instructions correctly
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:10:55, on 21/07/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe
C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
E:\programmes\VeohClient.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Users\Elodie\winlogon.exe
C:\Windows\System32\rundll32.exe
E:\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Program Files\BitComet\BitComet.exe
C:\Windows\system32\conime.exe
C:\Windows\explorer.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\Explorer.exe
C:\Users\Elodie\Desktop\HJT.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.broadcom.com/support/security-center
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - E:\programmes\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [Desktop SMS] C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe /auto
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "E:\Nouveau dossier\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Veoh] "E:\programmes\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Windows Logon Applicationedc] C:\Users\Elodie\winlogon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] E:\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\Elodie\AppData\Local\Temp\xxyxUlKD.dll,c
O4 - HKCU\..\Run: [BM6547bede] Rundll32.exe "C:\Users\Elodie\AppData\Local\Temp\ljoitdgt.dll",s
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?FR (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/VistaMSNPUpldfr-fr.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DEAAB234-9D25-4D31-A3F7-162AD10CE98E} (FileUpload Control) - http://www.zaoza.fr/ActiveX/1.1.0.14/FileUpload.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
geoffrey5
21 Jul 2008 at 09:16
Download Malwarebytes to the desktop: http://ww.commentcamarche.net/telecharger/telechargement 34055379 malwarebyte s anti malware?thread
= Double-click mbam-setup to start the installation
= Simply install without changing anything
= Once the program has started ==> run an update, then tick Perform full scan
= Click Scan
= Optionally untick the drives that should not be scanned
= Click Start scan
= At the end of the scan, if an infection is found
==> Click Show results
= Close your running applications
= Check that everything is ticked and click Remove selected
A log opens; copy it and paste it into your reply
Then restart the PC!!
And make a new HijackThis log please
missy69
21 Jul 2008 at 09:37
Malwarebytes' Anti-Malware 1.22
Version de la base de données: 972
Windows 6.0.6001 Service Pack 1
09:36:49 21/07/2008
mbam-log-7-21-2008 (09-36-49).txt
Type de recherche: Examen rapide
Eléments examinés: 36821
Temps écoulé: 6 minute(s), 26 second(s)
Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 3
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 8
Fichier(s) infecté(s): 122
Processus mémoire infecté(s):
C:\Users\Elodie\winlogon.exe (Heuristics.Reserved.Word.Exploit) -> Unloaded process successfully.
Module(s) mémoire infecté(s):
C:\Users\Elodie\AppData\Local\Temp\xxyxUlKD.dll (Trojan.Vundo) -> Unloaded module successfully.
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Casino Tropez (Adware.Casino) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Casino Tropez (Adware.Casino) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cmds (Trojan.Vundo) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\windows logon applicationedc (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bm6547bede (Trojan.Agent) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Casino (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2 (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\poker_paigow (Adware.Casino) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Casino Tropez (Adware.Casino) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Users\Elodie\AppData\Local\Temp\xxyxUlKD.dll (Trojan.Vundo) -> Delete on reboot.
C:\Casino\Casino Tropez\data\lobby\gameicon2\aroundtheworld.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\baccarat.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\baccarat_progressive.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\baccarat_video.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\balls.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\blackjack.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\blackjack_duel.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\blackjack_pontoon.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\blackjack_progressive.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\blackjack_surrender.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\menu_favourites.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\menu_live.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\menu_progressive.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\menu_specials.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\menu_tablegames.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\menu_videopoker.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\menu_videoslots.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\pachinko.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\penaltyshootout.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\blackjack_video.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\bonusbowling.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\craps.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\darts.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\dicetwister.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\gameicon-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\genieshilo.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\genieshilo_jackpot.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\headsortails.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\horseracing.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\keno.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\keno_x.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\mahjong.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\mahjong_pro.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\menu_asian.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\poker_caribbean.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\poker_holdem.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\poker_paigow.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\poker_tequila.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\popbingo.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\reddog.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\rockpaperscissors.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\rollercoasterdice.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\roulette.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\roulette00.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\roulette_mini.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\sicbo.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\sicbo_video.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\blackjack_switch.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\menu_cardgames.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\roulette_video.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_alchemist.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_fountain.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_ocean.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_alien25line.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_amigos.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_beachlife20line.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_bermuda.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_bonusbears25line.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_captain.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_chinese8line.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_cinerama.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_crazy.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_custom3reel.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_custom5reel.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_desert20line.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_diamond5reel.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_footballrules25line.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_forestofwonders25line.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_fruitmania5reel.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_globaltraveler20line.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_goblin.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_gold.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_golf.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_haunted.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_highway.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_jungle.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_lotto20line.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_lovemore20line.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_magic.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_millionaireslane20line.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_monkey.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_neptune.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_nightout20line.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_8ball.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_party.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_profits.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_pyramids9line.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_rock.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_safe.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_silver.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_sultan.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_thrillseekers50line.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_tropic.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_uggabugga.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_ultimate8line.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_vacation8line.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_wall.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_wanted25line.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_whatscooking30line.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\spinawin.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\stravaganza.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\videopoker_10jacks.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\videopoker_10orbetter.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\videopoker_25aces.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\videopoker_4aces.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\videopoker_4deuceswild.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\videopoker_4jacks.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\videopoker_50jacks.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\videopoker_aces.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\videopoker_deuceswild.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\videopoker_highlow.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\videopoker_jacks.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\videopoker_joker.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\videopoker_megajacks.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\wildviking.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\poker_paigow\back.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Casino Tropez\Casino Tropez.lnk (Adware.Casino) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Casino Tropez\Uninstall Casino Tropez.lnk (Adware.Casino) -> Quarantined and deleted successfully.
C:\Users\Elodie\winlogon.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Users\Elodie\AppData\Local\Temp\ljoitdgt.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\setup.exe (Rogue.Installer) -> Quarantined and deleted successfully.
geoffrey5 (security contributor)
21 Jul 2008 at 09:44
OK, restart your PC and make a new HijackThis report, please.
missy69 (member)
21 Jul 2008 at 09:46
Here it is:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:45:09, on 21/07/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe
C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
E:\programmes\VeohClient.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
E:\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
C:\Program Files\Windows Mail\WinMail.exe
C:\Users\Elodie\Desktop\HJT.EXE
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.broadcom.com/support/security-center
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - E:\programmes\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [Desktop SMS] C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe /auto
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "E:\Nouveau dossier\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware Reboot] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Veoh] "E:\programmes\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] E:\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\Elodie\AppData\Local\Temp\xxyxUlKD.dll,c
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?FR (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/VistaMSNPUpldfr-fr.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DEAAB234-9D25-4D31-A3F7-162AD10CE98E} (FileUpload Control) - http://www.zaoza.fr/ActiveX/1.1.0.14/FileUpload.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
geoffrey5
Posts
13732
Registration date
Sunday 20 May 2007
Status
Security contributor
Last activity
21 May 2010
10
21 Jul 2008 at 09:50
Download OTMoveIt
Download OTMoveIt http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe (by Old_Timer) to your Desktop.
Double-click OTMoveIt.exe to launch it.
Copy the list shown in bold in the quote below and paste it into the left-hand pane of OTMoveIt, under Paste List of Files/Folders to move.
c:\users\elodie\appdata\local\temp\xxyxulkd.dll
Click MoveIt! to start the removal.
The result will appear in the "Results" pane.
Click Exit to close.
Post the report located in C:\_OTMoveIt\MovedFiles.
You may be asked to restart the PC to complete the removal. If so, accept with Yes.
Then:
Fix.reg
Open Notepad (right-click on the desktop > in the menu choose New, then New text document) and copy and paste what is in bold in the quote below (copy it all in one go, without the bars (x)):
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"cmds"=-
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Note: Regedit4 is on the first line in Notepad and there is a blank line at the end.
Then click "File" / "Save As":
In: on the Desktop
File name: fix.reg
File type: "All files"
Click "Save"
It should look like this once saved:
http://img520.imageshack.us/img520/4251/screenshot005ps2.png
Double-click fix.reg => you must get a message "Are you sure you want to add the information in this .reg file to the registry?"
If so, click "Yes"
Then restart the PC and post a new HijackThis report, please.
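The fix above targets the `cmds` value under HKCU Run, which starts rundll32.exe on a DLL in the user's Temp folder. As an added example (not part of the original thread and not code from HijackThis), this Python script parses O4 registry autorun lines, resolves the file each entry actually loads, flags payloads that live under Temp directories, and compares two reports to confirm an entry is gone. The Temp-path heuristic and all function names are assumptions of this example; the sample lines are copied from the reports in this thread.

```python
import ntpath
import re
from typing import List, NamedTuple

# O4 lines copied from the two HijackThis reports in this thread:
# the 09:45 report (before the fix) and the 10:08 report (after it).
BEFORE = r"""
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [SpybotSD TeaTimer] E:\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\Elodie\AppData\Local\Temp\xxyxUlKD.dll,c
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
"""
AFTER = r"""
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [SpybotSD TeaTimer] E:\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
"""


class Autorun(NamedTuple):
    hive: str     # HKLM or HKCU
    key: str      # Run, RunOnce, ...
    name: str     # registry value name, e.g. "cmds"
    command: str  # raw command line as logged
    payload: str  # file that is actually loaded at logon


# Registry autoruns in the form seen in this thread: O4 - HKxx\..\Run: [name] command
O4_REG = re.compile(r"^O4 - (HK\w+)\\\.\.\\(\w+): \[(.*?)\] (.+)$")
# First program on the command line: quoted, or unquoted up to an executable extension.
PROGRAM = re.compile(
    r'^(?:"([^"]+)"|(.+?\.(?:exe|com|bat|cmd|scr))(?=\s|$))\s*(.*)$', re.I
)
# Assumption of this example: user-writable temp locations worth a second look.
TEMP_MARKERS = (
    "\\appdata\\local\\temp\\",
    "\\local settings\\temp\\",
    "\\windows\\temp\\",
    "%temp%\\",
)


def resolve_payload(command: str) -> str:
    """Return the file the command loads, looking through rundll32.exe."""
    match = PROGRAM.match(command.strip())
    if not match:
        parts = command.split()
        return parts[0].strip('"') if parts else ""
    program = match.group(1) or match.group(2)
    rest = match.group(3)
    if ntpath.basename(program).lower() == "rundll32.exe" and rest:
        # rundll32 syntax is "<dll>,<entry point> [arguments]"
        return rest.split(",", 1)[0].strip().strip('"')
    return program


def parse_autoruns(log: str) -> List[Autorun]:
    """Extract registry Run-style O4 entries; startup-folder lines are skipped."""
    entries = []
    for line in log.splitlines():
        match = O4_REG.match(line.strip())
        if match:
            hive, key, name, command = match.groups()
            entries.append(Autorun(hive, key, name, command, resolve_payload(command)))
    return entries


def is_suspicious(entry: Autorun) -> bool:
    """Flag autoruns whose payload sits in a temp directory."""
    path = entry.payload.lower()
    return any(marker in path for marker in TEMP_MARKERS)


def removed_names(before: str, after: str) -> List[str]:
    """Value names present in the first report and absent from the second."""
    remaining = {(e.hive, e.key, e.name) for e in parse_autoruns(after)}
    return [
        e.name
        for e in parse_autoruns(before)
        if (e.hive, e.key, e.name) not in remaining
    ]


if __name__ == "__main__":
    for entry in parse_autoruns(BEFORE):
        if is_suspicious(entry):
            print(f"REVIEW {entry.hive}\\{entry.key} [{entry.name}] -> {entry.payload}")
    print("Removed between reports:", removed_names(BEFORE, AFTER))
```

A Temp-path hit is a triage signal only: the file still has to be identified before anything is deleted.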
missy69
Posts
36
Registration date
Sunday 20 July 2008
Status
Member
Last activity
10 November 2008
21 Jul 2008 at 10:02
I'm posting the OTMoveIt report first
File/Folder c:\users\elodie\appdata\local\temp\xxyxulkd.dll not found.
OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 07212008_095415
missy69
Posts
36
Registration date
Sunday 20 July 2008
Status
Member
Last activity
10 November 2008
21 Jul 2008 at 10:10
Here is the new report
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:08:10, on 21/07/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe
C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Windows\ehome\ehmsas.exe
E:\programmes\VeohClient.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
E:\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
C:\Program Files\Windows Mail\WinMail.exe
C:\Users\Elodie\Desktop\HJT.EXE
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.broadcom.com/support/security-center
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - E:\programmes\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [Desktop SMS] C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe /auto
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "E:\Nouveau dossier\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Veoh] "E:\programmes\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] E:\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?FR (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/VistaMSNPUpldfr-fr.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DEAAB234-9D25-4D31-A3F7-162AD10CE98E} (FileUpload Control) - http://www.zaoza.fr/ActiveX/1.1.0.14/FileUpload.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
geoffrey5 (Security contributor) - 21 Jul 2008 at 10:15
That looks good, I don't see any more infections.
Run HijackThis again, click "scan only" and check these lines please:
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?FR (file missing)
O16 - DPF: {DEAAB234-9D25-4D31-A3F7-162AD10CE98E} (FileUpload Control) - http://www.zaoza.fr/ActiveX/1.1.0.14/FileUpload.cab
then click "fix checked".
Go and upgrade Java and Adobe Reader at these addresses:
Java: https://www.java.com/fr/download/manual.jsp
Adobe Reader (Vista): https://get2.adobe.com/reader/otherversions/
and then uninstall the earlier versions.
Are you using Norton at the moment?
And are you still having any problems?
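The log format geoffrey5 is reading can be triaged mechanically. The following is an added example, not part of the original thread and not geoffrey5's own method: it parses HijackThis item lines and builds a review list. The two criteria (entries HijackThis marks `(file missing)` or `(no file)`, and O16 ActiveX entries whose codebase URL is plain `http`) and the function names are assumptions of this example, and a hit means "look at this line", not "infected".

```python
import re

# Constructed sample: lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\Windows\Explorer.EXE
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?FR (file missing)
O16 - DPF: {DEAAB234-9D25-4D31-A3F7-162AD10CE98E} (FileUpload Control) - http://www.zaoza.fr/ActiveX/1.1.0.14/FileUpload.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
"""

# Item lines look like "<section> - <detail>"; the header and the
# running-process list do not match and are skipped.
ENTRY_RE = re.compile(r"^(R[0-3]|F[0-3]|N[1-4]|O\d{1,2}) - (.*)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
URL_RE = re.compile(r"\b(https?)://([^/\s]+)")
# Markers HijackThis appends when the referenced file is absent.
ORPHAN_MARKERS = ("(file missing)", "(no file)")


def parse_log(text):
    """Return one dict per HijackThis item line found in text."""
    entries = []
    for raw in text.splitlines():
        match = ENTRY_RE.match(raw.strip())
        if not match:
            continue
        section, detail = match.groups()
        clsid = CLSID_RE.search(detail)
        url = URL_RE.search(detail)
        entries.append({
            "section": section,
            "detail": detail,
            # Upper-case the CLSID so the same object matches across sections.
            "clsid": clsid.group(0).upper() if clsid else None,
            "scheme": url.group(1) if url else None,
            "host": url.group(2).lower() if url else None,
            "orphaned": detail.rstrip().endswith(ORPHAN_MARKERS),
        })
    return entries


def review_list(entries):
    """Return (section, clsid, reasons) for entries worth a manual look."""
    flagged = []
    for entry in entries:
        reasons = []
        if entry["orphaned"]:
            reasons.append("target file not found")
        if entry["section"] == "O16" and entry["scheme"] == "http":
            reasons.append("ActiveX codebase fetched over plain HTTP")
        if reasons:
            flagged.append((entry["section"], entry["clsid"], reasons))
    return flagged


if __name__ == "__main__":
    for section, clsid, reasons in review_list(parse_log(SAMPLE_LOG)):
        print(section, clsid, "; ".join(reasons))
```

On the full log in this thread the plain-HTTP rule also lists the MSN, DivX and Flash controls, so the output is a reading aid for the analyst rather than a removal list.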
missy69 (Member) - 21 Jul 2008 at 10:30
I did "fix checked" but I got an error message.
I'm installing Java right now; afterwards, which folder do I go to in order to find the earlier versions to delete?
Yes, I'm using Norton; apparently it already has everything, firewall and all.
I also have Spybot constantly showing me a message that I can't manage to close: "Spybot has detected that an important registry entry has been modified", entry SunJavaUpdateSched.
Otherwise everything seems to be going better, so a big thank you for your help, geoffrey5.
missy69 (Member) - 21 Jul 2008 at 10:32
As for the Spybot message, it's gone.
There you go.
geoffrey5 (Security contributor) - 21 Jul 2008 at 10:36
Allow the change... and I advise you to disable Spybot's resident protection, it's more of a nuisance than anything else...
To uninstall the earlier versions, go to the remove-programs panel (I don't know Vista well, so I can't tell you exactly)
and uninstall all versions of Java except version 6 update 7
and uninstall all versions of Adobe Reader except 9
then:
Disable User Account Control (you will re-enable it after your disinfection):
- Go to Start, then Control Panel
- Double-click the "User Accounts" icon
- Then click on disable and confirm.
To remove all traces of the tools that were used to treat the specific infections:
Download ToolsCleaner to your Desktop: http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner
* Double-click ToolsCleaner2.exe and let it work
* Click Recherche (Search) and let the scan finish.
* Click Suppression (Removal) to finalize.
* You can, if you wish, use the Options facultatives (optional settings).
* Click Quitter (Quit) so that the report can be created.
* The report (TCleaner.txt) is at the root of your hard drive (C:\)... paste it in your reply
Then re-enable User Account Control and go create a system restore point.
missy69 (Member) - 21 Jul 2008 at 11:26
When I click on the link to download ToolsCleaner, nothing happens.
missy69 (Member) - 21 Jul 2008 at 11:53
Nobody to help me? Can I remove the programs one by one in the Control Panel?
cruchot10 (Member) - 21 Jul 2008 at 12:00
Hello
Only delete what ToolsCleaner found; according to geoffrey that should be it. But is your problem solved?
missy69 (Member) - 21 Jul 2008 at 12:03
Yes, my problem is solved, but I can't manage to install ToolsCleaner. I went to its link and when I click on download nothing happens, and I tried with another download link and that works, so maybe it's the ToolsCleaner download link that isn't working.