Virus that blocks certain sites

nicolas191986 -  
geoffrey5 Posts 14008 Status Security contributor -
Hello everyone,

I have Symantec as my antivirus, but I can't get rid of a virus that prevents me from accessing certain sites, opens numerous pop-up windows, slows down the system...

It was advised on this site to send a HijackThis report as a first step, so here it is!

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\System32\TPHDEXLG.EXE
C:\WINDOWS\system32\TpKmpSVC.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\TpShocks.exe
C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~2\VPTray.exe
C:\Program Files\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\vsnp2std.exe
C:\Program Files\ThinkVantage\SystemUpdate\PipeServer.exe
C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\Program Files\ThinkVantage\AMSG\Amsg.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\LaCie\Backup Software\LaCieBackup.exe
C:\Program Files\Microsoft Firewall Client\ISATRAY.EXE
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\PROGRA~1\ThinkPad\BLUETO~1\BTSTAC~1.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Symantec AntiVirus\vpc32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Casino\BetClic Poker\poker.exe
C:\Casino\BetClic Poker\browserhost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\N-JULIA\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.em-lyon.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.em-lyon.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 10.20.10.50:80
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
O4 - HKLM\..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [BLOG] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~2\VPTray.exe
O4 - HKLM\..\Run: [Piolet] D:\PROGRA~1\Piolet\Piolet.exe SILENT
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [suScheduler] C:\Program Files\ThinkVantage\SystemUpdate\UCLauncher.exe /SCHEDULER
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [SCFTrayStartUp] C:\Program Files\Sophos\Sophos Client Firewall\SCFTray.exe
O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
O4 - HKLM\..\Run: [ISUSScheduler] "c:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] c:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [AwaySch] C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [AMSG] C:\Program Files\ThinkVantage\AMSG\Amsg.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Workflow] E:\install\Workflow.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [9058f7ac] rundll32.exe "C:\WINDOWS\system32\hchbflms.dll",b
O4 - HKLM\..\Run: [BM936bc430] Rundll32.exe "C:\WINDOWS\system32\ppqhbtag.dll",s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - HKCU\..\Run: [LaCie Backup] C:\Program Files\LaCie\Backup Software\\LaCieBackup.exe /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-215402772-4112265767-775726703-500\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Administrateur')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
O4 - Global Startup: Analyseur de connectivité de client de pare-feu.LNK = C:\Program Files\Microsoft Firewall Client\ISATRAY.EXE
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Mise à jour de logiciels ThinkPad - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Program Files\Lenovo\PkgMgr\\PkgMgr.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [JAVA_IBM] Java (IBM)
O14 - IERESET.INF: START_PAGE_URL=http://www.em-lyon.net
O15 - Trusted Zone: https://www.facebook.com/
O15 - Trusted Zone: http://srv4.mediapluspro.net
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0.2.3/cfweb_activex.camfrogweb.com-advanced-2.0.2.3_instmodule.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = education.em-lyon.priv
O17 - HKLM\Software\..\Telephony: DomainName = education.em-lyon.priv
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = education.em-lyon.priv
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: ACU Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.EXE
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe
O23 - Service: ThinkVantage System Update (UCLauncherService) - Unknown owner - C:\Program Files\ThinkVantage\SystemUpdate\UCLauncherService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/N-JULIA/LOCALS~1/Temp/msohtml1/01/clip_image002.jpg

Thanks in advance for your help,

Nicolas

17 replies

geoffrey5 Posts 14008 Status Security contributor 10
 
Hi!!

Download Malwarebytes to the desktop: http://ww.commentcamarche.net/telecharger/telechargement 34055379 malwarebyte s anti malware?thread

= Double-click mbam-setup to start the installation
= Simply install without changing anything
= Once the program has launched ==> run an update, then tick Perform full scan
= Click Scan
= If needed, untick the drives that should not be scanned
= Click Start Scan
= At the end of the scan, if an infection is found
==> Click Show Results
= Close your running applications
= Check that everything is ticked and click Remove Selected

A report opens; copy it and paste it into your reply

Then restart the PC!!

And make a new HijackThis report, please
0
douchka66 Posts 1693 Registration date   Status Member Last activity   46
 
Hello, Norton is not my cup of tea, I prefer Kaspersky.
You can run a full scan with Malwarebytes and restart the computer. Two days ago I was in the same situation as you; now I am clean.
0
debutante66 Posts 1306 Registration date   Status Member Last activity   200
 
Hello
This might help you
http://www.infos-du-net.com/forum/281013-11-virus-bloque-certains-sites

You haven't set up parental controls, have you? I have Symantec and have no problems... well, for now!
0
nicolas191986
 
Here is the report!

I'm restarting my PC while waiting to see what you think of it

Malwarebytes' Anti-Malware 1.22
Version de la base de données: 972
Windows 5.1.2600 Service Pack 2

10:29:02 21/07/2008
mbam-log-7-21-2008 (10-29-02).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 118161
Temps écoulé: 44 minute(s), 44 second(s)

Processus mémoire infecté(s): 2
Module(s) mémoire infecté(s): 13
Clé(s) du Registre infectée(s): 23
Valeur(s) du Registre infectée(s): 9
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 8
Fichier(s) infecté(s): 733

Processus mémoire infecté(s):
C:\Casino\BetClic Poker\browserhost.exe (Adware.Casino) -> Unloaded process successfully.
C:\Casino\BetClic Poker\poker.exe (Adware.Casino) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
C:\WINDOWS\system32\ssqNDUnm.dll (Trojan.Vundo) -> Unloaded module successfully.
C:\WINDOWS\system32\hchbflms.dll (Trojan.Vundo) -> Unloaded module successfully.
C:\WINDOWS\system32\itgmcbos.dll (Trojan.Vundo) -> Unloaded module successfully.
C:\WINDOWS\system32\cbXNGWqQ.dll (Trojan.Vundo) -> Unloaded module successfully.
C:\Casino\BetClic Poker\cardlib.dll (Adware.Casino) -> Unloaded module successfully.
C:\Casino\BetClic Poker\common.dll (Adware.Casino) -> Unloaded module successfully.
C:\Casino\BetClic Poker\devlib.dll (Adware.Casino) -> Unloaded module successfully.
C:\Casino\BetClic Poker\devlibcomm.dll (Adware.Casino) -> Unloaded module successfully.
C:\Casino\BetClic Poker\libeay32.dll (Adware.Casino) -> Unloaded module successfully.
C:\Casino\BetClic Poker\poker.dll (Adware.Casino) -> Unloaded module successfully.
C:\Casino\BetClic Poker\ssleay32.dll (Adware.Casino) -> Unloaded module successfully.
C:\Casino\BetClic Poker\xml.dll (Adware.Casino) -> Unloaded module successfully.
C:\WINDOWS\system32\wingdm32.dll (Dialer) -> Unloaded module successfully.

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8c70056b-6fe4-4c1a-b0ce-917eb7ee52ea} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8c70056b-6fe4-4c1a-b0ce-917eb7ee52ea} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8d5e1f06-408f-465a-8d5f-20640812f580} (Trojan.Vundo) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{8d5e1f06-408f-465a-8d5f-20640812f580} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f940725f-cf33-4e98-9529-9e7045527246} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f940725f-cf33-4e98-9529-9e7045527246} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7ebb7da6-2369-450d-980f-9a2311a99acf} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7ebb7da6-2369-450d-980f-9a2311a99acf} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cbxngwqq (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4177b76c-eaa7-4a8e-b0ef-43479d201bce} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4177b76c-eaa7-4a8e-b0ef-43479d201bce} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{89d9f8ec-d95d-4587-8f8b-d455ea083055} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{89d9f8ec-d95d-4587-8f8b-d455ea083055} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e34c6821-e5d4-4c84-af00-df662bce9b2d} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e34c6821-e5d4-4c84-af00-df662bce9b2d} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wingdm32 (Dialer) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\WakeNet (Trojan.Adware) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSSMGR (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Trojan.Vundo) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\9058f7ac (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bm936bc430 (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{7ebb7da6-2369-450d-980f-9a2311a99acf} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\bf (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\bk (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\iu (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\mu (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\host-domain-lookup.com (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\www.host-domain-lookup.com (Malware.Trace) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo) -> Data: c:\windows\system32\ssqndunm -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\ssqndunm -> Delete on reboot.

Dossier(s) infecté(s):
C:\Casino (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317 (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\logs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\sfx (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\xrs (Adware.Casino) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\WINDOWS\system32\mlJAPhfF.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\FfhPAJlm.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\FfhPAJlm.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ssqNDUnm.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\mnUDNqss.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mnUDNqss.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rmewic.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hchbflms.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\smlfbhch.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\huvbyjug.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gujybvuh.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\itgmcbos.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\cbXNGWqQ.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\wgnkomhv.dll (Trojan.BHO) -> Delete on reboot.
C:\Program Files\Adobe\Adobe InDesign CS2 Trial\Patch.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\FJY4Z5GC\kb456456[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\FJY4Z5GC\kb671231[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\LBH9HDVH\css4[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\LBH9HDVH\3077ahntdksr[1].dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\QWV2OCOL\kb767887[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\N-JULIA\Local Settings\Temp\abcsqlql.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\N-JULIA\Local Settings\Temporary Internet Files\Content.IE5\1XJ5IE57\3x0gj[1].dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\N-JULIA\Local Settings\Temporary Internet Files\Content.IE5\KXEDHCSE\css4[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\N-JULIA\Local Settings\Temporary Internet Files\Content.IE5\KXEDHCSE\css4[2] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\N-JULIA\Local Settings\Temporary Internet Files\Content.IE5\SQ5P14T5\kb456456[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\N-JULIA\Local Settings\Temporary Internet Files\Content.IE5\SQ5P14T5\kb671231[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\N-JULIA\Local Settings\Temporary Internet Files\Content.IE5\SQ5P14T5\3077ahntdksr[1].dll (Adware.Agent) -> Delete on reboot.
C:\Documents and Settings\N-JULIA\Local Settings\Temporary Internet Files\Content.IE5\WW3XP10X\kb767887[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C99FC601-9195-45D9-99B4-B165C7973F04}\RP490\A0153240.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C99FC601-9195-45D9-99B4-B165C7973F04}\RP490\A0153241.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C99FC601-9195-45D9-99B4-B165C7973F04}\RP490\A0153242.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C99FC601-9195-45D9-99B4-B165C7973F04}\RP490\A0153244.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C99FC601-9195-45D9-99B4-B165C7973F04}\RP490\A0153245.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C99FC601-9195-45D9-99B4-B165C7973F04}\RP490\A0153246.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gwfieqqj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gwgnkomh.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hfydshdk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bvujfn.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\ewbicwtj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jtydhpnp.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mjaccg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pbcxjz.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pcylvofp.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pehfnhik.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ppqhbtag.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rdsjfcnv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\remhsvse.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tckofokj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vlhvsh.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mwxgivgw.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dkolbu.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\feldpvbt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fjytuptl.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pgugojit.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\qkgqkr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\elxbhvmh.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nnglohuq.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nnnmjjGA.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\abcsqlql.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tntfddru.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xhpxhhbq.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xmoyxahq.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xppiixhk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ywulcaeo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hpjqoubx.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\id.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\options.cfg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\blackjack.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\browser.exe (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\browserhost.exe (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\cacerts.crt (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\cam.cas (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\cardlib.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\common.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\core.dmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\countries.lst (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\creditdebit.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\db.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\devlib.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\devlibcomm.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\filemap.lst (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\fivecard.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\games.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\gsid.txt (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\INSTALL.LOG (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\languages.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\libeay32.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\licens.txt (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\mfc80.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\microsoft.vc80.crt.manifest (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\microsoft.vc80.mfc.manifest (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\modstatus.lst (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\mp3dec.asi (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\mss32.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\msvcp71.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\msvcp80.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\msvcr71.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\msvcr80.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\navigator.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\omaha.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\poker.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\poker.exe (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\sc.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\shfolder.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\srvmap.lst (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\ssleay32.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\texas.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\UNWISE.EXE (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\UNWISE.INI (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\update.exe (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\vistaelevator.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\xml.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\zlib1.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\0.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\1.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\10.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\11.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\12.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\13.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\14.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\15.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\16.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\17.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\18.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\19.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\2.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\20.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\21.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\22.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\23.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\24.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\25.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\26.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\28.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\29.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\3.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\30.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\31.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\32.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\33.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\34.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\35.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\36.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\37.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\38.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\39.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\4.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\40.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\41.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\42.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\43.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\44.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\45.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\47.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\48.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\49.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\5.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\50.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\51.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\6.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\7.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\8.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\9.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\allin_popup.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\allin_popup_mini.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\archive.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\archive_ff.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\avatar.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\b.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\base.css (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\bj_bkg.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\bkg.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\bkg_playerlist.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\bkg_playernotes.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\but_blackjack.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\but_cashier.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\but_close.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\but_filters_big.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\but_filters_small.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\but_game.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\but_game.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\but_general.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\but_join.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\but_join.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\but_join_mini.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\but_main.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\but_medium.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\but_minmax.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\but_sublevels_big.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\but_sublevels_small.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\but_timebank.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\but_timebank_mini.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\caret.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\chatbubble.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\chatpanel_mini.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\chips.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\decktype_settings.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\edit.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\gamelimits1.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\gamelimits2.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\gamelimits3.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\game_bjframe.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\game_blackjack.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\gre_font_10p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\gre_font_11p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\hand.html (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\hand.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\hand_cursor.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\hand_ff.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\harrow.cur (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\headers_bkg.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\headers_text.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\history.html (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\history.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\history_ff.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\27.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\46.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\browserdetect.js (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\game_summary.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\navigator_bg.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\panel_game_top.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\poker_cards_large_4c.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\position_active.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\progress_ani.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\icon_mute_unmute_notes.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\input_additional.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\input_additional_mini.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\input_boxes.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\input_lists.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\language.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\language.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\languages.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\language_ff.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\main.js (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\main_bkg.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\main_listhi.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\menu_buttons.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\menu_window_headers.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\navigator_buttons.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\navigator_moneytext.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\navigator_timer.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\panel_big.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\panel_bottom.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\panel_game_big.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\panel_game_small.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\panel_game_small.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\panel_game_small_mini.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\panel_left.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\panel_medium.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\panel_moretables.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\panel_texts.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\panel_top.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\panel_top_big.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\panel_top_network_health.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\pointer.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\poker_bkg_mini.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\poker_cardback.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\poker_cards.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\poker_cards_4c.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\poker_cards_large.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\poker_deckside.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\poker_font_10p_bold.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\poker_font_10p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\poker_font_11p_bold.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\poker_font_11p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\poker_makechoice.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\poker_makechoice_mini.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\poker_pucks.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\poker_pucks_mini.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\pol_font_10p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\pol_font_11p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\popupbkg.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\popups.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\position_actions.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\position_actions_mini.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\position_active.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\position_active_mini.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\position_inactive.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\position_inactive.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\position_inactive_mini.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\position_mute.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\position_note.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\position_numbers.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\pot_bets.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\tabs_small.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\tab_myaccount.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\tab_promotions.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\text.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\Thumbs.db (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\timeslider.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\timeslider_mini.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\tournamentinfo_bkg.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\tur_font_10p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\tur_font_11p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\tx_bkg10.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\tx_bkg5.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\user.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\user_ff.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\white_line.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\win_graphics.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\xml.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\xml_decoder.js (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\promo-test1.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\quickplay_items.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\rus_font_10p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\rus_font_11p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\sc_bkg8.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\tablelimits_bkg_mini.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\tablelimits_header.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\tablelimits_minmax.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\tabs_big.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\tabs_cashier.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session116383438.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\archive.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\history_0736.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\history_0737.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session111049012.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session111056361.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session111262752.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session111277797.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session111280690.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session111289501.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session111815624.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session111821207.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session112627562.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session112628158.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session112632770.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session112633455.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session112635364.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session112636951.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session112637289.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session113189215.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session113190593.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session113191556.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session113193333.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session113468152.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session113471109.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session113474148.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session113477074.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session113480590.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session113538030.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session113538697.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session113743154.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session113744218.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session113745086.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session114062002.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session114325435.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session114331147.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session114332163.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session114333475.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session114336258.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session114337496.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session114565255.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session114565996.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session114569229.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session114577062.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session114848226.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session114853070.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session114854335.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session114855671.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session114856069.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\history_0738.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session111047457.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session112944140.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session114066436.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session114859155.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session115701903.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session115705809.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session115710969.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session115712881.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session115715517.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session115719625.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session115730543.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\history\1757317\session115731767.xml (Adware.Casino) -> Quarantined and deleted successfully.
0

geoffrey5 Posts 14008 Status Security contributor 10
 
Whoa!! Almost 800 infected files deleted, lol... it was about time you got disinfected :-)

Please run a new HijackThis report to check, after rebooting.
0
nicolas191986
 
Indeed, that's impressive!

Is there any risk that my personal data has been stolen? In particular, I see infected files named after my poker software...

Here is the HijackThis report!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:40:52, on 21/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\System32\TPHDEXLG.EXE
C:\WINDOWS\system32\TpKmpSVC.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\TpShocks.exe
C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~2\VPTray.exe
C:\Program Files\ThinkVantage\SystemUpdate\UCLauncher.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\ThinkVantage\SystemUpdate\PipeServer.exe
C:\WINDOWS\vsnp2std.exe
C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\Program Files\ThinkVantage\AMSG\Amsg.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\LaCie\Backup Software\LaCieBackup.exe
C:\Program Files\Microsoft Firewall Client\ISATRAY.EXE
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\PROGRA~1\ThinkPad\BLUETO~1\BTSTAC~1.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\N-JULIA\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.em-lyon.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.em-lyon.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 10.20.10.50:80
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: {97f49f89-e7ca-5f88-1554-37b558883993} - {39938885-5b73-4551-88f5-ac7e98f94f79} - C:\WINDOWS\system32\bvujfn.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {AAD98BC9-A1AA-4AFD-BEBF-22FC509A921E} - C:\WINDOWS\system32\iifCvtRk.dll (file missing)
O2 - BHO: (no name) - {C073C3A8-0D30-41D3-8BDE-07E700C72752} - C:\WINDOWS\system32\wgnkomhv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
O4 - HKLM\..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [BLOG] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~2\VPTray.exe
O4 - HKLM\..\Run: [Piolet] D:\PROGRA~1\Piolet\Piolet.exe SILENT
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [suScheduler] C:\Program Files\ThinkVantage\SystemUpdate\UCLauncher.exe /SCHEDULER
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [SCFTrayStartUp] C:\Program Files\Sophos\Sophos Client Firewall\SCFTray.exe
O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
O4 - HKLM\..\Run: [ISUSScheduler] "c:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] c:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [AwaySch] C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [AMSG] C:\Program Files\ThinkVantage\AMSG\Amsg.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Workflow] E:\install\Workflow.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - HKCU\..\Run: [LaCie Backup] C:\Program Files\LaCie\Backup Software\\LaCieBackup.exe /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
O4 - Global Startup: Analyseur de connectivité de client de pare-feu.LNK = C:\Program Files\Microsoft Firewall Client\ISATRAY.EXE
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Mise à jour de logiciels ThinkPad - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Program Files\Lenovo\PkgMgr\\PkgMgr.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [JAVA_IBM] Java (IBM)
O14 - IERESET.INF: START_PAGE_URL=http://www.em-lyon.net
O15 - Trusted Zone: https://www.facebook.com/
O15 - Trusted Zone: http://srv4.mediapluspro.net
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0.2.3/cfweb_activex.camfrogweb.com-advanced-2.0.2.3_instmodule.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = education.em-lyon.priv
O17 - HKLM\Software\..\Telephony: DomainName = education.em-lyon.priv
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = education.em-lyon.priv
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = education.em-lyon.priv
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = education.em-lyon.priv
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: ACU Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.EXE
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe
O23 - Service: ThinkVantage System Update (UCLauncherService) - Unknown owner - C:\Program Files\ThinkVantage\SystemUpdate\UCLauncherService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/N-JULIA/LOCALS~1/Temp/msohtml1/01/clip_image002.jpg
0
geoffrey5 Posts 14008 Status Security contributor 10
 
That I couldn't tell you, but poker sites and poker software are often heavily infected... please do the following, you still have one infection left:

Download OTMoveIt

Download OTMoveIt http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe (by Old_Timer) to your Desktop.
Double-click OTMoveIt.exe to launch it.
Copy the list shown in bold in the quote below and paste it into the left-hand pane of OTMoveIt under Paste List of Files/Folders to move.

c:\windows\system32\bvujfn.dll

Click MoveIt! to start the removal.
The result will appear in the "Results" pane.
Click Exit to close.
Post the report located in C:\_OTMoveIt\MovedFiles.

You may be asked to restart the PC to complete the removal. If so, accept with Yes.

Then:

Fix.reg

Open Notepad (right-click on the desktop > in the menu choose New, then New text document) and copy-paste what is in bold in the quote below (copy it all in one go, without the bars (x)):

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

REGEDIT4

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{39938885-5b73-4551-88f5-ac7e98f94f79}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39938885-5b73-4551-88f5-ac7e98f94f79}]


XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Note: REGEDIT4 is on the first line in Notepad, and there is a blank line at the end.
Then click "File" / "Save as":
In: the Desktop
File name: fix.reg
File type: "All files"
Click "Save"

It should look like this once saved:

http://img520.imageshack.us/img520/4251/screenshot005ps2.png

Double-click fix.reg => you must get a message "Are you sure you want to add the information contained in this .reg file to the registry?"
If that is the case, click "Yes".

Then restart the PC and run a new HijackThis report, please.
0
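Added example (not part of the thread, and not code from HijackThis or OTMoveIt): a small Python triage of the O2 (Browser Helper Object) lines from the HijackThis logs posted in this thread, showing why the bvujfn.dll entry stands out and how the matching fix.reg is laid out. The "unnamed BHO whose DLL sits directly in system32" rule is an assumed heuristic for shortlisting entries to review, not a verdict, and the function names are hypothetical.

```python
"""Triage O2 (Browser Helper Object) lines of a HijackThis v2 log."""
import re

# O2 line layout: O2 - BHO: <display name> - {CLSID} - <path>[ (file missing)]
O2_RE = re.compile(
    r"^O2 - BHO: (?P<name>.*?) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - "
    r"(?P<path>.+?)(?P<missing> \(file missing\))?$"
)
GUID_RE = re.compile(r"^\{[0-9A-Fa-f-]{36}\}$")

CLSID_KEY = r"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID"
BHO_KEY = (r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion"
           r"\Explorer\Browser Helper Objects")

# O2 lines copied from the first HijackThis log in this thread.
SAMPLE_LOG = r"""
O2 - BHO: {97f49f89-e7ca-5f88-1554-37b558883993} - {39938885-5b73-4551-88f5-ac7e98f94f79} - C:\WINDOWS\system32\bvujfn.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {AAD98BC9-A1AA-4AFD-BEBF-22FC509A921E} - C:\WINDOWS\system32\iifCvtRk.dll (file missing)
O2 - BHO: (no name) - {C073C3A8-0D30-41D3-8BDE-07E700C72752} - C:\WINDOWS\system32\wgnkomhv.dll
"""

# The same BHO as it appears in the log taken after OTMoveIt moved the DLL.
AFTER_LOG = r"""
O2 - BHO: {97f49f89-e7ca-5f88-1554-37b558883993} - {39938885-5b73-4551-88f5-ac7e98f94f79} - C:\WINDOWS\system32\bvujfn.dll (file missing)
"""


def parse_bhos(log_text):
    """Return one dict per O2 line: name, clsid, path, missing."""
    entries = []
    for line in log_text.splitlines():
        m = O2_RE.match(line.strip())
        if m:
            entries.append({
                "name": m.group("name"),
                "clsid": m.group("clsid"),
                "path": m.group("path"),
                "missing": m.group("missing") is not None,
            })
    return entries


def is_review_candidate(entry):
    """Assumed heuristic: no vendor display name AND DLL directly in system32."""
    unnamed = entry["name"] == "(no name)" or bool(GUID_RE.match(entry["name"]))
    parent = entry["path"].lower().rsplit("\\", 1)[0]
    return unnamed and parent == r"c:\windows\system32"


def review_candidates(log_text):
    return [e for e in parse_bhos(log_text) if is_review_candidate(e)]


def orphaned(log_text):
    """BHOs still registered although their DLL is gone (registry left behind)."""
    return [e for e in parse_bhos(log_text) if e["missing"]]


def build_fix_reg(confirmed_clsids):
    """Lay out a REGEDIT4 file deleting the CLSID and BHO keys of each
    confirmed CLSID, in the shape of the fix.reg shown in the thread."""
    lines = ["REGEDIT4", ""]
    for clsid in confirmed_clsids:
        if not GUID_RE.match(clsid):
            raise ValueError("not a CLSID: %r" % clsid)
        lines.append("[-" + CLSID_KEY + "\\" + clsid + "]")
        lines.append("[-" + BHO_KEY + "\\" + clsid + "]")
    lines.append("")  # the file ends with a blank line
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    for e in review_candidates(SAMPLE_LOG):
        state = "file missing" if e["missing"] else "file present"
        print("review:", e["clsid"], e["path"], "(" + state + ")")
    for e in orphaned(AFTER_LOG):
        print("orphaned registration:", e["clsid"])
    # Only the CLSID the helper singled out goes into the .reg file.
    print(build_fix_reg(["{39938885-5b73-4551-88f5-ac7e98f94f79}"]))
```

The "(file missing)" suffix in the later log is the useful signal here: moving the DLL does not remove its BHO registration, which is what the registry deletion is for.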
nicolas191986
 
Here is the first report:

LoadLibrary failed for c:\windows\system32\bvujfn.dll
c:\windows\system32\bvujfn.dll NOT unregistered.
c:\windows\system32\bvujfn.dll moved successfully.

OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 07212008_105008
0
nicolas191986
 
I get an error message when I click on the fix.reg file: "the application failed to initialize properly"
0
geoffrey5 Posts 14008 Status Security contributor 10
 
OK... restart the PC and run a new HijackThis report, please.
0
nicolas191986
 
Here is the new report, taken once the PC had restarted!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:20:38, on 21/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\System32\TPHDEXLG.EXE
C:\WINDOWS\system32\TpKmpSVC.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\TpShocks.exe
C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
C:\Program Files\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~2\VPTray.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\vsnp2std.exe
C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
C:\Program Files\ThinkVantage\SystemUpdate\PipeServer.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\Program Files\ThinkVantage\AMSG\Amsg.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\LaCie\Backup Software\LaCieBackup.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Microsoft Firewall Client\ISATRAY.EXE
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\PROGRA~1\ThinkPad\BLUETO~1\BTSTAC~1.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\BetClic Poker\poker.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\BetClic Poker\browserhost.exe
C:\Program Files\BetClic Poker\poker.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Documents and Settings\N-JULIA\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.em-lyon.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.em-lyon.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 10.20.10.50:80
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: {97f49f89-e7ca-5f88-1554-37b558883993} - {39938885-5b73-4551-88f5-ac7e98f94f79} - C:\WINDOWS\system32\bvujfn.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {AAD98BC9-A1AA-4AFD-BEBF-22FC509A921E} - C:\WINDOWS\system32\iifCvtRk.dll (file missing)
O2 - BHO: (no name) - {C073C3A8-0D30-41D3-8BDE-07E700C72752} - C:\WINDOWS\system32\wgnkomhv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
O4 - HKLM\..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [BLOG] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~2\VPTray.exe
O4 - HKLM\..\Run: [Piolet] D:\PROGRA~1\Piolet\Piolet.exe SILENT
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [suScheduler] C:\Program Files\ThinkVantage\SystemUpdate\UCLauncher.exe /SCHEDULER
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [SCFTrayStartUp] C:\Program Files\Sophos\Sophos Client Firewall\SCFTray.exe
O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
O4 - HKLM\..\Run: [ISUSScheduler] "c:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] c:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [AwaySch] C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [AMSG] C:\Program Files\ThinkVantage\AMSG\Amsg.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Workflow] E:\install\Workflow.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - HKCU\..\Run: [LaCie Backup] C:\Program Files\LaCie\Backup Software\\LaCieBackup.exe /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
O4 - Global Startup: Analyseur de connectivité de client de pare-feu.LNK = C:\Program Files\Microsoft Firewall Client\ISATRAY.EXE
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Mise à jour de logiciels ThinkPad - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Program Files\Lenovo\PkgMgr\\PkgMgr.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [JAVA_IBM] Java (IBM)
O14 - IERESET.INF: START_PAGE_URL=http://www.em-lyon.net
O15 - Trusted Zone: https://www.facebook.com/
O15 - Trusted Zone: http://srv4.mediapluspro.net
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0.2.3/cfweb_activex.camfrogweb.com-advanced-2.0.2.3_instmodule.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = education.em-lyon.priv
O17 - HKLM\Software\..\Telephony: DomainName = education.em-lyon.priv
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = education.em-lyon.priv
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = education.em-lyon.priv
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = education.em-lyon.priv
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: ACU Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.EXE
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe
O23 - Service: ThinkVantage System Update (UCLauncherService) - Unknown owner - C:\Program Files\ThinkVantage\SystemUpdate\UCLauncherService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/N-JULIA/LOCALS~1/Temp/msohtml1/01/clip_image002.jpg
0
geoffrey5 Posts 14008 Status Security contributor 10
 
Download ComboFix (by sUBs) here:

https://forospyware.com

and save it to the Desktop.

Disconnect from the internet and close all your applications.

Disable your protections (antivirus, firewall, the antispyware's real-time guard).

Double-click combofix.exe and follow the instructions.

At the end, it will produce a report, C:\ComboFix.txt.

Re-enable your firewall, your antivirus and your antispyware's guard.

Copy/paste the report C:\ComboFix.txt into your next reply.

Warning: do not use your mouse or your keyboard (or any other pointing device) while the program is running. That could freeze the computer.

You have a complete tutorial here:

https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

Then make a new HijackThis report, please.
0
nicolas191986
 
I can't manage to download ComboFix!

"some installation files are corrupt, please download a fresh copy and retry the installation"
0
geoffrey5 Posts 14008 Status Security contributor 10
 
OK, no big deal, it's a lost file...

Run HijackThis again, click scan only and check these lines, please:

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {AAD98BC9-A1AA-4AFD-BEBF-22FC509A921E} - C:\WINDOWS\system32\iifCvtRk.dll (file missing)
O2 - BHO: {97f49f89-e7ca-5f88-1554-37b558883993} - {39938885-5b73-4551-88f5-ac7e98f94f79} - C:\WINDOWS\system32\bvujfn.dll (file missing)
O4 - Global Startup: BTTray.lnk = ?
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
O2 - BHO: (no name) - {C073C3A8-0D30-41D3-8BDE-07E700C72752} - C:\WINDOWS\system32\wgnkomhv.dll

Then click fix checked.

Go and upgrade Adobe Reader at this address:

adobe reader XP : https://get2.adobe.com/reader/otherversions/

Then uninstall the earlier version 8.0.

Are you using Norton at the moment??

And do you still have problems??
0
nicolas191986
 
I have carried out the steps.

Yes, I am still using Symantec, and I still get a few pop-up windows that pollute my browsing, even though they are becoming less frequent.
0
nicolas191986
 
Here is the latest HijackThis report; are there any more steps to carry out?

Thanks again for your help

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:15:31, on 21/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\System32\TPHDEXLG.EXE
C:\WINDOWS\system32\TpKmpSVC.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\TpShocks.exe
C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
C:\Program Files\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~2\VPTray.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\ThinkVantage\SystemUpdate\PipeServer.exe
C:\WINDOWS\vsnp2std.exe
C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\Program Files\ThinkVantage\AMSG\Amsg.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\LaCie\Backup Software\LaCieBackup.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Microsoft Firewall Client\ISATRAY.EXE
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\PROGRA~1\ThinkPad\BLUETO~1\BTSTAC~1.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\BetClic Poker\poker.exe
C:\Program Files\BetClic Poker\browserhost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\4okcL6Pv.exe
C:\Documents and Settings\N-JULIA\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.em-lyon.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.em-lyon.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 10.20.10.50:80
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: {97f49f89-e7ca-5f88-1554-37b558883993} - {39938885-5b73-4551-88f5-ac7e98f94f79} - C:\WINDOWS\system32\bvujfn.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
O4 - HKLM\..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [BLOG] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~2\VPTray.exe
O4 - HKLM\..\Run: [Piolet] D:\PROGRA~1\Piolet\Piolet.exe SILENT
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [suScheduler] C:\Program Files\ThinkVantage\SystemUpdate\UCLauncher.exe /SCHEDULER
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [SCFTrayStartUp] C:\Program Files\Sophos\Sophos Client Firewall\SCFTray.exe
O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
O4 - HKLM\..\Run: [ISUSScheduler] "c:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] c:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [AwaySch] C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [AMSG] C:\Program Files\ThinkVantage\AMSG\Amsg.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Workflow] E:\install\Workflow.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\RunOnce: [getPlusUninstall] "C:\Program Files\NOS\bin\getPlus_HelperSvc.exe" /UninstallGet1
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - HKCU\..\Run: [LaCie Backup] C:\Program Files\LaCie\Backup Software\\LaCieBackup.exe /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
O4 - Global Startup: Analyseur de connectivité de client de pare-feu.LNK = C:\Program Files\Microsoft Firewall Client\ISATRAY.EXE
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Mise à jour de logiciels ThinkPad - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Program Files\Lenovo\PkgMgr\\PkgMgr.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [JAVA_IBM] Java (IBM)
O14 - IERESET.INF: START_PAGE_URL=http://www.em-lyon.net
O15 - Trusted Zone: https://www.facebook.com/
O15 - Trusted Zone: http://srv4.mediapluspro.net
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = education.em-lyon.priv
O17 - HKLM\Software\..\Telephony: DomainName = education.em-lyon.priv
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = education.em-lyon.priv
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = education.em-lyon.priv
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = education.em-lyon.priv
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: ACU Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.EXE
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe
O23 - Service: ThinkVantage System Update (UCLauncherService) - Unknown owner - C:\Program Files\ThinkVantage\SystemUpdate\UCLauncherService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/N-JULIA/LOCALS~1/Temp/msohtml1/01/clip_image002.jpg
0
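The following is an added example, not part of the thread and not code from HijackThis: it compares a scan taken before "fix checked" with the follow-up scan and reports which checked lines are gone, which are still listed, and which entries or running processes are new. Every log line, GUID and file name in it is a constructed placeholder.

```python
import re

# A HijackThis entry line is "<section code> - <details>", e.g. "O2 - BHO: ...".
ENTRY_RE = re.compile(r"^[A-Z]\d{1,2} - .+$")


def norm(line):
    """Comparison key: collapse whitespace, ignore case (Windows paths)."""
    return " ".join(line.split()).lower()


def parse_log(text):
    """Split a HijackThis log into running processes and section entries.

    Returns two dicts mapping comparison key -> original line.
    """
    processes, entries = {}, {}
    in_processes = False
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            in_processes = False  # a blank line ends the process list
            continue
        if line.lower().startswith("running processes"):
            in_processes = True
            continue
        if ENTRY_RE.match(line):
            in_processes = False
            entries[norm(line)] = line
        elif in_processes:
            processes[norm(line)] = line
    return processes, entries


def compare_scans(before, after, checked):
    """Compare two scans and follow up on the lines selected for fixing."""
    b_proc, b_ent = parse_log(before)
    a_proc, a_ent = parse_log(after)
    wanted = {norm(c): c.strip() for c in checked if c.strip()}
    return {
        # Checked lines that were in the first scan and are gone now.
        "fixed": sorted(v for k, v in wanted.items()
                        if k in b_ent and k not in a_ent),
        # Checked lines the follow-up scan still lists: the fix did not hold.
        "still_present": sorted(v for k, v in wanted.items() if k in a_ent),
        # Anything that appeared between the two scans deserves a look.
        "new_entries": sorted(v for k, v in a_ent.items() if k not in b_ent),
        "new_processes": sorted(v for k, v in a_proc.items()
                                if k not in b_proc),
    }


# Constructed sample logs (placeholder names, not taken from the thread).
BEFORE = r"""Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Example\tray.exe

O2 - BHO: (no name) - {11111111-1111-1111-1111-111111111111} - C:\WINDOWS\system32\example1.dll
O2 - BHO: (no name) - {22222222-2222-2222-2222-222222222222} - C:\WINDOWS\system32\example2.dll (file missing)
O4 - HKLM\..\Run: [ExampleTray] C:\Program Files\Example\tray.exe
"""

AFTER = r"""Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Example\tray.exe
C:\WINDOWS\system32\example3.exe

O2 - BHO: (no name) - {22222222-2222-2222-2222-222222222222} - C:\WINDOWS\system32\example2.dll (file missing)
O4 - HKLM\..\Run: [ExampleTray] C:\Program Files\Example\tray.exe
O23 - Service: Example Helper - Unknown owner - C:\Program Files\Example\helper.exe
"""

# The lines that were ticked before clicking "fix checked" (constructed).
CHECKED = [
    r"O2 - BHO: (no name) - {11111111-1111-1111-1111-111111111111} - C:\WINDOWS\system32\example1.dll",
    r"O2 - BHO: (no name) - {22222222-2222-2222-2222-222222222222} - C:\WINDOWS\system32\example2.dll (file missing)",
]

if __name__ == "__main__":
    for label, lines in compare_scans(BEFORE, AFTER, CHECKED).items():
        print(label)
        for line in lines:
            print("   ", line)
```

A checked line that shows up under `still_present` was either not removed or was written back between the two scans, so it is worth comparing against `new_processes` before fixing it again.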
geoffrey5 Posts 14008 Status Security contributor 10
 
Did you do message 14??

And what kind of ads are you still getting??
0