Pub intempestives
Fermé
geff
-
14 août 2008 à 00:13
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 - 14 août 2008 à 02:32
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 - 14 août 2008 à 02:32
A voir également:
- Pub intempestives
- Bloqueur de pub youtube - Guide
- Netflix standard avec pub - Guide
- Youtube sans pub - Guide
- YT Siphon : une extension pour contourner la pub sur YouTube - Guide
- Stop pub gratuit - Télécharger - Divers Utilitaires
22 réponses
Destrio5
Messages postés
85985
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 290
14 août 2008 à 00:14
14 août 2008 à 00:14
Salut,
- Télécharge HijackThis V 2.02 (HijackThis Installer) :
http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe
- Fais un double-clic sur HJTInstall.exe afin de lancer l'installation
- Clique sur Install ensuite sur I Accept
- Clique sur Do a scan system and save log file
- Le bloc-notes s'ouvrira, fais un copier-coller de tout son contenu ici dans ta prochaine réponse.
- Télécharge HijackThis V 2.02 (HijackThis Installer) :
http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe
- Fais un double-clic sur HJTInstall.exe afin de lancer l'installation
- Clique sur Install ensuite sur I Accept
- Clique sur Do a scan system and save log file
- Le bloc-notes s'ouvrira, fais un copier-coller de tout son contenu ici dans ta prochaine réponse.
geoffrey5
Messages postés
13732
Date d'inscription
dimanche 20 mai 2007
Statut
Contributeur sécurité
Dernière intervention
21 mai 2010
10
14 août 2008 à 00:14
14 août 2008 à 00:14
Salut !!
Télécharge hijackthis à cette adresse, tout est expliqué pour bien l installer et pour savoir s'en servir :
https://www.androidworld.fr/
Télécharge hijackthis à cette adresse, tout est expliqué pour bien l installer et pour savoir s'en servir :
https://www.androidworld.fr/
geoffrey5
Messages postés
13732
Date d'inscription
dimanche 20 mai 2007
Statut
Contributeur sécurité
Dernière intervention
21 mai 2010
10
14 août 2008 à 00:17
14 août 2008 à 00:17
Salut Destrio !!
je te le laisse si tu veux ;-)
@+
je te le laisse si tu veux ;-)
@+
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:20:58, on 14/08/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Protector Suite QL\psqltray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\conime.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com/french/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.509.6972\swg.dll
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [HWSetup] \HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Desktop SMS] C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe /auto
O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\Protector Suite QL\launcher.exe" /startup
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [IaNvSrv] C:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe
O4 - HKLM\..\Run: [Toshiba TEMPO] C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [thirdbore] "C:\ProgramData\Spam Error Error.2beq82"
O4 - HKCU\..\Run: [Bags Else Hole Lite] "C:\ProgramData\Send second data.bh6g84"
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?FR (file missing)
O13 - Gopher Prefix:
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
Scan saved at 00:20:58, on 14/08/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Protector Suite QL\psqltray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\conime.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com/french/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.509.6972\swg.dll
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [HWSetup] \HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Desktop SMS] C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe /auto
O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\Protector Suite QL\launcher.exe" /startup
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [IaNvSrv] C:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe
O4 - HKLM\..\Run: [Toshiba TEMPO] C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [thirdbore] "C:\ProgramData\Spam Error Error.2beq82"
O4 - HKCU\..\Run: [Bags Else Hole Lite] "C:\ProgramData\Send second data.bh6g84"
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?FR (file missing)
O13 - Gopher Prefix:
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Et aussi, quand je regarde dans le gestionnaire de tache, ya ie qui tourne (et qui me bouffe 100Mo de mémoire) alors qui l'est pas ouvert
Destrio5
Messages postés
85985
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 290
14 août 2008 à 00:25
14 août 2008 à 00:25
Salut geoffrey5,
Je m'en occupe cher collègue ;)
geff, tu es infecté par Lop/Swizzor. Cette infection provoque des pubs CID.
---> Désactive l'UAC :
https://www.zebulon.fr/astuces/pratique/220-desactiver-l-uac-dans-vista.html
---> Télécharge Lop S&D sur ton Bureau
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
---> Double-clique dessus pour lancer l'installation
---> Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau
---> Séléctionne la langue souhaitée, puis choisis l'option 1 (Recherche)
---> Patiente jusqu'à la fin du scan
---> Poste le rapport généré (C:\lopR.txt)
(Si le Bureau ne réapparait pas, presse Ctrl+Alt+Suppr, Onglet Fichier, Nouvelle tâche, tape explorer.exe et valide)
Si tu as un problème pour utiliser Lop S&D, regarde dans le tutorial :
http://bibou0007.com/outils-specifiques-f78/tutorial-lop-sd-t956.htm#11431
Je m'en occupe cher collègue ;)
geff, tu es infecté par Lop/Swizzor. Cette infection provoque des pubs CID.
---> Désactive l'UAC :
https://www.zebulon.fr/astuces/pratique/220-desactiver-l-uac-dans-vista.html
---> Télécharge Lop S&D sur ton Bureau
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
---> Double-clique dessus pour lancer l'installation
---> Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau
---> Séléctionne la langue souhaitée, puis choisis l'option 1 (Recherche)
---> Patiente jusqu'à la fin du scan
---> Poste le rapport généré (C:\lopR.txt)
(Si le Bureau ne réapparait pas, presse Ctrl+Alt+Suppr, Onglet Fichier, Nouvelle tâche, tape explorer.exe et valide)
Si tu as un problème pour utiliser Lop S&D, regarde dans le tutorial :
http://bibou0007.com/outils-specifiques-f78/tutorial-lop-sd-t956.htm#11431
geoffrey5
Messages postés
13732
Date d'inscription
dimanche 20 mai 2007
Statut
Contributeur sécurité
Dernière intervention
21 mai 2010
10
14 août 2008 à 00:26
14 août 2008 à 00:26
tu devras lui faire passer tollbarSD aussi destrio
Destrio5
Messages postés
85985
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 290
14 août 2008 à 00:27
14 août 2008 à 00:27
J'ai vu la AskSBar ;)
--------------------\\ Lop S&D 4.2.2-9 XP/Vista
[ Windows VISTA (NT 6.0) Workstation Build 6000 ]
[ USER : Geoffroy ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 14/08/2008 | 0:36:28 ] [ PC : PC-DE-GEOFFROY (Proc:x86)]
[ MAJ : 13-08-2008 | 21:02 ]
[ UAC => 0 ]
--------------------\\ Listing des dossiers dans Local
[13/08/2008|17:09] C:\Users\Geoffroy\AppData\Local\Application Data
[13/08/2008|20:52] C:\Users\Geoffroy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[14/08/2008|00:31] C:\Users\Geoffroy\AppData\Local\GDIPFONTCACHEV1.DAT
[13/08/2008|18:29] C:\Users\Geoffroy\AppData\Local\Google
[13/08/2008|17:09] C:\Users\Geoffroy\AppData\Local\Historique
[14/08/2008|00:29] C:\Users\Geoffroy\AppData\Local\IconCache.db
[14/08/2008|00:18] C:\Users\Geoffroy\AppData\Local\IM
[13/08/2008|20:44] C:\Users\Geoffroy\AppData\Local\Microsoft
[13/08/2008|18:48] C:\Users\Geoffroy\AppData\Local\Mozilla
[14/08/2008|00:36] C:\Users\Geoffroy\AppData\Local\Temp
[13/08/2008|17:09] C:\Users\Geoffroy\AppData\Local\Temporary Internet Files
[13/08/2008|17:15] C:\Users\Geoffroy\AppData\Local\Toshiba
[13/08/2008|18:48] C:\Users\Geoffroy\AppData\Local\VirtualStore
--------------------\\ Tâches planifiées dans C:\Windows\tasks
[14/08/2008 00:31][--ah-----] C:\Windows\tasks\SA.DAT
[14/08/2008 00:29][--a------] C:\Windows\tasks\SCHEDLGU.TXT
--------------------\\ Listing des dossiers dans C:\ProgramData
[13/08/2008|20:46] C:\ProgramData\Admin Dart Noun
[18/04/2007|09:04] C:\ProgramData\Adobe
[02/11/2006|15:02] C:\ProgramData\Application Data
[13/08/2008|21:15] C:\ProgramData\Azureus
[13/08/2008|17:08] C:\ProgramData\Bureau
[13/08/2008|20:05] C:\ProgramData\Codemasters
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[13/08/2008|17:08] C:\ProgramData\Favoris
[02/11/2006|15:02] C:\ProgramData\Favorites
[13/08/2008|18:29] C:\ProgramData\Google
[13/08/2008|19:37] C:\ProgramData\Google Updater
[14/08/2008|00:17] C:\ProgramData\IM
[14/08/2008|00:16] C:\ProgramData\IncrediMail
[13/08/2008|20:46] C:\ProgramData\Iso Web Bags Else
[13/08/2008|18:56] C:\ProgramData\IsolatedStorage
[13/08/2008|17:08] C:\ProgramData\Menu D‚marrer
[13/08/2008|21:01] C:\ProgramData\Messenger Plus!
[13/08/2008|18:26] C:\ProgramData\Microsoft
[13/08/2008|17:08] C:\ProgramData\ModŠles
[13/08/2008|18:44] C:\ProgramData\Mozilla
[13/08/2008|20:46] C:\ProgramData\Send second data.bh6g84
[13/08/2008|20:46] C:\ProgramData\Spam Error Error.2beq82
[13/08/2008|20:46] C:\ProgramData\Spam Error Error.l6rxo
[02/11/2006|15:02] C:\ProgramData\Start Menu
[13/08/2008|20:59] C:\ProgramData\Symantec
[02/11/2006|15:02] C:\ProgramData\Templates
[13/08/2008|17:13] C:\ProgramData\Toshiba
[13/08/2008|17:09] C:\ProgramData\ToshibaEurope
[12/07/2007|11:02] C:\ProgramData\UIB
[11/07/2007|01:30] C:\ProgramData\Ulead Systems
[11/07/2007|01:19] C:\ProgramData\Vista64
[13/08/2008|20:35] C:\ProgramData\WLInstaller
[11/07/2007|01:19] C:\ProgramData\XP
--------------------\\ Listing des dossiers dans C:\Program Files
[13/08/2008|19:37] C:\Program Files\7-Zip
[18/04/2007|09:04] C:\Program Files\Adobe
[13/08/2008|21:01] C:\Program Files\Alwil Software
[13/08/2008|21:15] C:\Program Files\AskSBar
[13/08/2008|16:57] C:\Program Files\Camera Assistant Software for Toshiba
[13/08/2008|20:46] C:\Program Files\Circle Developement
[13/08/2008|20:57] C:\Program Files\Common Files
[13/08/2008|19:32] C:\Program Files\desktop.ini
[13/08/2008|17:08] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[13/08/2008|18:51] C:\Program Files\Google
[18/04/2007|09:08] C:\Program Files\IDM
[14/08/2008|00:16] C:\Program Files\IncrediMail
[13/08/2008|23:48] C:\Program Files\InstallShield Installation Information
[13/08/2008|17:12] C:\Program Files\Intel
[13/08/2008|19:24] C:\Program Files\Internet Explorer
[11/07/2007|01:30] C:\Program Files\InterVideo
[18/04/2007|07:44] C:\Program Files\Java
[18/04/2007|08:05] C:\Program Files\ltmoh
[13/08/2008|20:46] C:\Program Files\Messenger Plus! Live
[13/08/2008|20:50] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[02/11/2006|14:42] C:\Program Files\Movie Maker
[13/08/2008|18:45] C:\Program Files\Mozilla Firefox
[02/11/2006|14:37] C:\Program Files\MSBuild
[02/11/2006|14:37] C:\Program Files\MSN
[11/07/2007|00:32] C:\Program Files\MSXML 4.0
[18/04/2007|08:14] C:\Program Files\My Company Name
[18/04/2007|09:08] C:\Program Files\myphotobook
[13/08/2008|20:02] C:\Program Files\OpenAL
[12/07/2007|11:02] C:\Program Files\Protector Suite QL
[11/07/2007|01:02] C:\Program Files\Realtek
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[13/08/2008|21:47] C:\Program Files\splus
[13/08/2008|17:02] C:\Program Files\Synaptics
[13/08/2008|17:13] C:\Program Files\TOSHIBA
[13/08/2008|18:56] C:\Program Files\Toshiba TEMPRO
[14/08/2008|00:20] C:\Program Files\Trend Micro
[11/07/2007|01:27] C:\Program Files\Ulead Systems
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[13/08/2008|19:37] C:\Program Files\VideoLAN
[13/08/2008|21:15] C:\Program Files\Vuze
[13/08/2008|19:24] C:\Program Files\Windows Calendar
[02/11/2006|14:42] C:\Program Files\Windows Collaboration
[11/07/2007|00:42] C:\Program Files\Windows Defender
[02/11/2006|14:42] C:\Program Files\Windows Journal
[13/08/2008|20:42] C:\Program Files\Windows Live
[13/08/2008|19:24] C:\Program Files\Windows Mail
[18/04/2007|08:46] C:\Program Files\Windows Media Components
[13/08/2008|19:24] C:\Program Files\Windows Media Player
[13/08/2008|17:08] C:\Program Files\Windows NT
[02/11/2006|14:42] C:\Program Files\Windows Photo Gallery
[13/08/2008|19:24] C:\Program Files\Windows Sidebar
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[18/04/2007|09:04] C:\Program Files\Common Files\Adobe
[18/04/2007|08:47] C:\Program Files\Common Files\InstallShield
[18/04/2007|07:44] C:\Program Files\Common Files\Java
[13/08/2008|20:41] C:\Program Files\Common Files\microsoft shared
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[13/08/2008|20:59] C:\Program Files\Common Files\Symantec Shared
[13/08/2008|19:24] C:\Program Files\Common Files\System
[13/08/2008|17:13] C:\Program Files\Common Files\Toshiba Shared
[11/07/2007|01:30] C:\Program Files\Common Files\Ulead Systems
[13/08/2008|20:41] C:\Program Files\Common Files\WindowsLiveInstaller
[13/08/2008|18:56] C:\Program Files\Common Files\Wise Installation Wizard
--------------------\\ Process
( 81 Processus )
iexplore.exe ~ [PID:2696] ~ [Threads:8]
iexplore.exe ~ [PID:2704] ~ [Threads:7]
--------------------\\ Recherche avec S_Lop
C:\ProgramData\Spam Error Error.l6rxo
C:\ProgramData\Send second data.bh6g84
C:\ProgramData\Spam Error Error.2beq82
C:\Users\Geoffroy\AppData\Local\Temp\bis3FBF.exe
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\ProgramData\Iso Web Bags Else
C:\ProgramData\Iso Web Bags Else\Way Camp.exe
C:\Program Files\Circle Developement
C:\Program Files\Circle Developement\Uninstall.exe
C:\Users\Geoffroy\AppData\Roaming\MICROS~1\Windows\Cookies\geoffroy@advertising[1].txt
C:\Users\Geoffroy\AppData\Roaming\MICROS~1\Windows\Cookies\geoffroy@adopt.euroclick[2].txt
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"thirdbore"="\"C:\\ProgramData\\Spam Error Error.2beq82\""
"Bags Else Hole Lite"="\"C:\\ProgramData\\Send second data.bh6g84\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-14 00:36:33
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:359][D:52]-> C:\Users\Geoffroy\AppData\Local\Temp
[F:95][D:1]-> C:\Users\Geoffroy\AppData\Roaming\MICROS~1\Windows\Cookies
[F:323][D:4]-> C:\Users\Geoffroy\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:5378][D:720]-> C:\$Recycle.Bin
--------------------\\ Fin du rapport a 0:37:06,28
[ UAC => 1 ]
[ Windows VISTA (NT 6.0) Workstation Build 6000 ]
[ USER : Geoffroy ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 14/08/2008 | 0:36:28 ] [ PC : PC-DE-GEOFFROY (Proc:x86)]
[ MAJ : 13-08-2008 | 21:02 ]
[ UAC => 0 ]
--------------------\\ Listing des dossiers dans Local
[13/08/2008|17:09] C:\Users\Geoffroy\AppData\Local\Application Data
[13/08/2008|20:52] C:\Users\Geoffroy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[14/08/2008|00:31] C:\Users\Geoffroy\AppData\Local\GDIPFONTCACHEV1.DAT
[13/08/2008|18:29] C:\Users\Geoffroy\AppData\Local\Google
[13/08/2008|17:09] C:\Users\Geoffroy\AppData\Local\Historique
[14/08/2008|00:29] C:\Users\Geoffroy\AppData\Local\IconCache.db
[14/08/2008|00:18] C:\Users\Geoffroy\AppData\Local\IM
[13/08/2008|20:44] C:\Users\Geoffroy\AppData\Local\Microsoft
[13/08/2008|18:48] C:\Users\Geoffroy\AppData\Local\Mozilla
[14/08/2008|00:36] C:\Users\Geoffroy\AppData\Local\Temp
[13/08/2008|17:09] C:\Users\Geoffroy\AppData\Local\Temporary Internet Files
[13/08/2008|17:15] C:\Users\Geoffroy\AppData\Local\Toshiba
[13/08/2008|18:48] C:\Users\Geoffroy\AppData\Local\VirtualStore
--------------------\\ Tâches planifiées dans C:\Windows\tasks
[14/08/2008 00:31][--ah-----] C:\Windows\tasks\SA.DAT
[14/08/2008 00:29][--a------] C:\Windows\tasks\SCHEDLGU.TXT
--------------------\\ Listing des dossiers dans C:\ProgramData
[13/08/2008|20:46] C:\ProgramData\Admin Dart Noun
[18/04/2007|09:04] C:\ProgramData\Adobe
[02/11/2006|15:02] C:\ProgramData\Application Data
[13/08/2008|21:15] C:\ProgramData\Azureus
[13/08/2008|17:08] C:\ProgramData\Bureau
[13/08/2008|20:05] C:\ProgramData\Codemasters
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[13/08/2008|17:08] C:\ProgramData\Favoris
[02/11/2006|15:02] C:\ProgramData\Favorites
[13/08/2008|18:29] C:\ProgramData\Google
[13/08/2008|19:37] C:\ProgramData\Google Updater
[14/08/2008|00:17] C:\ProgramData\IM
[14/08/2008|00:16] C:\ProgramData\IncrediMail
[13/08/2008|20:46] C:\ProgramData\Iso Web Bags Else
[13/08/2008|18:56] C:\ProgramData\IsolatedStorage
[13/08/2008|17:08] C:\ProgramData\Menu D‚marrer
[13/08/2008|21:01] C:\ProgramData\Messenger Plus!
[13/08/2008|18:26] C:\ProgramData\Microsoft
[13/08/2008|17:08] C:\ProgramData\ModŠles
[13/08/2008|18:44] C:\ProgramData\Mozilla
[13/08/2008|20:46] C:\ProgramData\Send second data.bh6g84
[13/08/2008|20:46] C:\ProgramData\Spam Error Error.2beq82
[13/08/2008|20:46] C:\ProgramData\Spam Error Error.l6rxo
[02/11/2006|15:02] C:\ProgramData\Start Menu
[13/08/2008|20:59] C:\ProgramData\Symantec
[02/11/2006|15:02] C:\ProgramData\Templates
[13/08/2008|17:13] C:\ProgramData\Toshiba
[13/08/2008|17:09] C:\ProgramData\ToshibaEurope
[12/07/2007|11:02] C:\ProgramData\UIB
[11/07/2007|01:30] C:\ProgramData\Ulead Systems
[11/07/2007|01:19] C:\ProgramData\Vista64
[13/08/2008|20:35] C:\ProgramData\WLInstaller
[11/07/2007|01:19] C:\ProgramData\XP
--------------------\\ Listing des dossiers dans C:\Program Files
[13/08/2008|19:37] C:\Program Files\7-Zip
[18/04/2007|09:04] C:\Program Files\Adobe
[13/08/2008|21:01] C:\Program Files\Alwil Software
[13/08/2008|21:15] C:\Program Files\AskSBar
[13/08/2008|16:57] C:\Program Files\Camera Assistant Software for Toshiba
[13/08/2008|20:46] C:\Program Files\Circle Developement
[13/08/2008|20:57] C:\Program Files\Common Files
[13/08/2008|19:32] C:\Program Files\desktop.ini
[13/08/2008|17:08] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[13/08/2008|18:51] C:\Program Files\Google
[18/04/2007|09:08] C:\Program Files\IDM
[14/08/2008|00:16] C:\Program Files\IncrediMail
[13/08/2008|23:48] C:\Program Files\InstallShield Installation Information
[13/08/2008|17:12] C:\Program Files\Intel
[13/08/2008|19:24] C:\Program Files\Internet Explorer
[11/07/2007|01:30] C:\Program Files\InterVideo
[18/04/2007|07:44] C:\Program Files\Java
[18/04/2007|08:05] C:\Program Files\ltmoh
[13/08/2008|20:46] C:\Program Files\Messenger Plus! Live
[13/08/2008|20:50] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[02/11/2006|14:42] C:\Program Files\Movie Maker
[13/08/2008|18:45] C:\Program Files\Mozilla Firefox
[02/11/2006|14:37] C:\Program Files\MSBuild
[02/11/2006|14:37] C:\Program Files\MSN
[11/07/2007|00:32] C:\Program Files\MSXML 4.0
[18/04/2007|08:14] C:\Program Files\My Company Name
[18/04/2007|09:08] C:\Program Files\myphotobook
[13/08/2008|20:02] C:\Program Files\OpenAL
[12/07/2007|11:02] C:\Program Files\Protector Suite QL
[11/07/2007|01:02] C:\Program Files\Realtek
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[13/08/2008|21:47] C:\Program Files\splus
[13/08/2008|17:02] C:\Program Files\Synaptics
[13/08/2008|17:13] C:\Program Files\TOSHIBA
[13/08/2008|18:56] C:\Program Files\Toshiba TEMPRO
[14/08/2008|00:20] C:\Program Files\Trend Micro
[11/07/2007|01:27] C:\Program Files\Ulead Systems
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[13/08/2008|19:37] C:\Program Files\VideoLAN
[13/08/2008|21:15] C:\Program Files\Vuze
[13/08/2008|19:24] C:\Program Files\Windows Calendar
[02/11/2006|14:42] C:\Program Files\Windows Collaboration
[11/07/2007|00:42] C:\Program Files\Windows Defender
[02/11/2006|14:42] C:\Program Files\Windows Journal
[13/08/2008|20:42] C:\Program Files\Windows Live
[13/08/2008|19:24] C:\Program Files\Windows Mail
[18/04/2007|08:46] C:\Program Files\Windows Media Components
[13/08/2008|19:24] C:\Program Files\Windows Media Player
[13/08/2008|17:08] C:\Program Files\Windows NT
[02/11/2006|14:42] C:\Program Files\Windows Photo Gallery
[13/08/2008|19:24] C:\Program Files\Windows Sidebar
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[18/04/2007|09:04] C:\Program Files\Common Files\Adobe
[18/04/2007|08:47] C:\Program Files\Common Files\InstallShield
[18/04/2007|07:44] C:\Program Files\Common Files\Java
[13/08/2008|20:41] C:\Program Files\Common Files\microsoft shared
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[13/08/2008|20:59] C:\Program Files\Common Files\Symantec Shared
[13/08/2008|19:24] C:\Program Files\Common Files\System
[13/08/2008|17:13] C:\Program Files\Common Files\Toshiba Shared
[11/07/2007|01:30] C:\Program Files\Common Files\Ulead Systems
[13/08/2008|20:41] C:\Program Files\Common Files\WindowsLiveInstaller
[13/08/2008|18:56] C:\Program Files\Common Files\Wise Installation Wizard
--------------------\\ Process
( 81 Processus )
iexplore.exe ~ [PID:2696] ~ [Threads:8]
iexplore.exe ~ [PID:2704] ~ [Threads:7]
--------------------\\ Recherche avec S_Lop
C:\ProgramData\Spam Error Error.l6rxo
C:\ProgramData\Send second data.bh6g84
C:\ProgramData\Spam Error Error.2beq82
C:\Users\Geoffroy\AppData\Local\Temp\bis3FBF.exe
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\ProgramData\Iso Web Bags Else
C:\ProgramData\Iso Web Bags Else\Way Camp.exe
C:\Program Files\Circle Developement
C:\Program Files\Circle Developement\Uninstall.exe
C:\Users\Geoffroy\AppData\Roaming\MICROS~1\Windows\Cookies\geoffroy@advertising[1].txt
C:\Users\Geoffroy\AppData\Roaming\MICROS~1\Windows\Cookies\geoffroy@adopt.euroclick[2].txt
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"thirdbore"="\"C:\\ProgramData\\Spam Error Error.2beq82\""
"Bags Else Hole Lite"="\"C:\\ProgramData\\Send second data.bh6g84\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-14 00:36:33
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:359][D:52]-> C:\Users\Geoffroy\AppData\Local\Temp
[F:95][D:1]-> C:\Users\Geoffroy\AppData\Roaming\MICROS~1\Windows\Cookies
[F:323][D:4]-> C:\Users\Geoffroy\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:5378][D:720]-> C:\$Recycle.Bin
--------------------\\ Fin du rapport a 0:37:06,28
[ UAC => 1 ]
Destrio5
Messages postés
85985
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 290
14 août 2008 à 00:40
14 août 2008 à 00:40
---> Relance Lop S&D
---> Choisis cette fois-ci l'option 2 (Suppression)
---> Ne ferme pas la fenêtre lors de la suppression !
---> Poste le rapport généré (C:\lopR.txt)
(Si le Bureau ne réapparait pas, presse Ctrl+Alt+Suppr, Onglet Fichier, Nouvelle tâche, tape explorer.exe et valide)
---> Choisis cette fois-ci l'option 2 (Suppression)
---> Ne ferme pas la fenêtre lors de la suppression !
---> Poste le rapport généré (C:\lopR.txt)
(Si le Bureau ne réapparait pas, presse Ctrl+Alt+Suppr, Onglet Fichier, Nouvelle tâche, tape explorer.exe et valide)
--------------------\\ Lop S&D 4.2.2-9 XP/Vista
[ Windows VISTA (NT 6.0) Workstation Build 6000 ]
[ USER : Geoffroy ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 14/08/2008 | 0:43:11 ] [ PC : PC-DE-GEOFFROY (Proc:x86)]
[ MAJ : 13-08-2008 | 21:02 ]
[ UAC => 0 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\ProgramData\Iso Web Bags Else\Way Camp.exe
Supprime! - C:\Program Files\Circle Developement\Uninstall.exe
Supprime! - C:\Users\Geoffroy\AppData\Roaming\MICROS~1\Windows\Cookies\geoffroy@advertising[1].txt
Supprime! - C:\ProgramData\Spam Error Error.l6rxo
Supprime! - C:\ProgramData\Send second data.bh6g84
Supprime! - C:\ProgramData\Spam Error Error.2beq82
Supprime! - C:\Users\Geoffroy\AppData\Local\Temp\bis3FBF.exe
Supprime! - C:\ProgramData\Iso Web Bags Else
Supprime! - C:\Program Files\Circle Developement
-
[ Fichier Hosts ] .. Restaure!
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans Local
[13/08/2008|17:09] C:\Users\Geoffroy\AppData\Local\Application Data
[13/08/2008|20:52] C:\Users\Geoffroy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[14/08/2008|00:31] C:\Users\Geoffroy\AppData\Local\GDIPFONTCACHEV1.DAT
[13/08/2008|18:29] C:\Users\Geoffroy\AppData\Local\Google
[13/08/2008|17:09] C:\Users\Geoffroy\AppData\Local\Historique
[14/08/2008|00:29] C:\Users\Geoffroy\AppData\Local\IconCache.db
[14/08/2008|00:18] C:\Users\Geoffroy\AppData\Local\IM
[13/08/2008|20:44] C:\Users\Geoffroy\AppData\Local\Microsoft
[13/08/2008|18:48] C:\Users\Geoffroy\AppData\Local\Mozilla
[14/08/2008|00:43] C:\Users\Geoffroy\AppData\Local\Temp
[13/08/2008|17:09] C:\Users\Geoffroy\AppData\Local\Temporary Internet Files
[13/08/2008|17:15] C:\Users\Geoffroy\AppData\Local\Toshiba
[13/08/2008|18:48] C:\Users\Geoffroy\AppData\Local\VirtualStore
--------------------\\ Tâches planifiées dans C:\Windows\tasks
[14/08/2008 00:42][--ah-----] C:\Windows\tasks\SA.DAT
[14/08/2008 00:41][--a------] C:\Windows\tasks\SCHEDLGU.TXT
--------------------\\ Listing des dossiers dans C:\ProgramData
[13/08/2008|20:46] C:\ProgramData\Admin Dart Noun
[18/04/2007|09:04] C:\ProgramData\Adobe
[02/11/2006|15:02] C:\ProgramData\Application Data
[13/08/2008|21:15] C:\ProgramData\Azureus
[13/08/2008|17:08] C:\ProgramData\Bureau
[13/08/2008|20:05] C:\ProgramData\Codemasters
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[13/08/2008|17:08] C:\ProgramData\Favoris
[02/11/2006|15:02] C:\ProgramData\Favorites
[13/08/2008|18:29] C:\ProgramData\Google
[13/08/2008|19:37] C:\ProgramData\Google Updater
[14/08/2008|00:17] C:\ProgramData\IM
[14/08/2008|00:16] C:\ProgramData\IncrediMail
[13/08/2008|18:56] C:\ProgramData\IsolatedStorage
[13/08/2008|17:08] C:\ProgramData\Menu D‚marrer
[13/08/2008|21:01] C:\ProgramData\Messenger Plus!
[13/08/2008|18:26] C:\ProgramData\Microsoft
[13/08/2008|17:08] C:\ProgramData\ModŠles
[13/08/2008|18:44] C:\ProgramData\Mozilla
[02/11/2006|15:02] C:\ProgramData\Start Menu
[13/08/2008|20:59] C:\ProgramData\Symantec
[02/11/2006|15:02] C:\ProgramData\Templates
[13/08/2008|17:13] C:\ProgramData\Toshiba
[13/08/2008|17:09] C:\ProgramData\ToshibaEurope
[12/07/2007|11:02] C:\ProgramData\UIB
[11/07/2007|01:30] C:\ProgramData\Ulead Systems
[11/07/2007|01:19] C:\ProgramData\Vista64
[13/08/2008|20:35] C:\ProgramData\WLInstaller
[11/07/2007|01:19] C:\ProgramData\XP
--------------------\\ Listing des dossiers dans C:\Program Files
[13/08/2008|19:37] C:\Program Files\7-Zip
[18/04/2007|09:04] C:\Program Files\Adobe
[13/08/2008|21:01] C:\Program Files\Alwil Software
[13/08/2008|21:15] C:\Program Files\AskSBar
[13/08/2008|16:57] C:\Program Files\Camera Assistant Software for Toshiba
[13/08/2008|20:57] C:\Program Files\Common Files
[13/08/2008|19:32] C:\Program Files\desktop.ini
[13/08/2008|17:08] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[13/08/2008|18:51] C:\Program Files\Google
[18/04/2007|09:08] C:\Program Files\IDM
[14/08/2008|00:16] C:\Program Files\IncrediMail
[13/08/2008|23:48] C:\Program Files\InstallShield Installation Information
[13/08/2008|17:12] C:\Program Files\Intel
[13/08/2008|19:24] C:\Program Files\Internet Explorer
[11/07/2007|01:30] C:\Program Files\InterVideo
[18/04/2007|07:44] C:\Program Files\Java
[18/04/2007|08:05] C:\Program Files\ltmoh
[13/08/2008|20:46] C:\Program Files\Messenger Plus! Live
[13/08/2008|20:50] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[02/11/2006|14:42] C:\Program Files\Movie Maker
[13/08/2008|18:45] C:\Program Files\Mozilla Firefox
[02/11/2006|14:37] C:\Program Files\MSBuild
[02/11/2006|14:37] C:\Program Files\MSN
[11/07/2007|00:32] C:\Program Files\MSXML 4.0
[18/04/2007|08:14] C:\Program Files\My Company Name
[18/04/2007|09:08] C:\Program Files\myphotobook
[13/08/2008|20:02] C:\Program Files\OpenAL
[12/07/2007|11:02] C:\Program Files\Protector Suite QL
[11/07/2007|01:02] C:\Program Files\Realtek
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[13/08/2008|21:47] C:\Program Files\splus
[13/08/2008|17:02] C:\Program Files\Synaptics
[13/08/2008|17:13] C:\Program Files\TOSHIBA
[13/08/2008|18:56] C:\Program Files\Toshiba TEMPRO
[14/08/2008|00:20] C:\Program Files\Trend Micro
[11/07/2007|01:27] C:\Program Files\Ulead Systems
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[13/08/2008|19:37] C:\Program Files\VideoLAN
[13/08/2008|21:15] C:\Program Files\Vuze
[13/08/2008|19:24] C:\Program Files\Windows Calendar
[02/11/2006|14:42] C:\Program Files\Windows Collaboration
[11/07/2007|00:42] C:\Program Files\Windows Defender
[02/11/2006|14:42] C:\Program Files\Windows Journal
[13/08/2008|20:42] C:\Program Files\Windows Live
[13/08/2008|19:24] C:\Program Files\Windows Mail
[18/04/2007|08:46] C:\Program Files\Windows Media Components
[13/08/2008|19:24] C:\Program Files\Windows Media Player
[13/08/2008|17:08] C:\Program Files\Windows NT
[02/11/2006|14:42] C:\Program Files\Windows Photo Gallery
[13/08/2008|19:24] C:\Program Files\Windows Sidebar
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[18/04/2007|09:04] C:\Program Files\Common Files\Adobe
[18/04/2007|08:47] C:\Program Files\Common Files\InstallShield
[18/04/2007|07:44] C:\Program Files\Common Files\Java
[13/08/2008|20:41] C:\Program Files\Common Files\microsoft shared
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[13/08/2008|20:59] C:\Program Files\Common Files\Symantec Shared
[13/08/2008|19:24] C:\Program Files\Common Files\System
[13/08/2008|17:13] C:\Program Files\Common Files\Toshiba Shared
[11/07/2007|01:30] C:\Program Files\Common Files\Ulead Systems
[13/08/2008|20:41] C:\Program Files\Common Files\WindowsLiveInstaller
[13/08/2008|18:56] C:\Program Files\Common Files\Wise Installation Wizard
--------------------\\ Process
( 71 Processus )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\Users\Geoffroy\AppData\Roaming\MICROS~1\Windows\Cookies\geoffroy@adopt.euroclick[1].txt
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-14 00:43:52
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:386][D:53]-> C:\Users\Geoffroy\AppData\Local\Temp
[F:95][D:1]-> C:\Users\Geoffroy\AppData\Roaming\MICROS~1\Windows\Cookies
[F:350][D:4]-> C:\Users\Geoffroy\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:5378][D:720]-> C:\$Recycle.Bin
--------------------\\ Fin du rapport a 0:44:31,53
[ UAC => 1 ]
[ Windows VISTA (NT 6.0) Workstation Build 6000 ]
[ USER : Geoffroy ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 14/08/2008 | 0:43:11 ] [ PC : PC-DE-GEOFFROY (Proc:x86)]
[ MAJ : 13-08-2008 | 21:02 ]
[ UAC => 0 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\ProgramData\Iso Web Bags Else\Way Camp.exe
Supprime! - C:\Program Files\Circle Developement\Uninstall.exe
Supprime! - C:\Users\Geoffroy\AppData\Roaming\MICROS~1\Windows\Cookies\geoffroy@advertising[1].txt
Supprime! - C:\ProgramData\Spam Error Error.l6rxo
Supprime! - C:\ProgramData\Send second data.bh6g84
Supprime! - C:\ProgramData\Spam Error Error.2beq82
Supprime! - C:\Users\Geoffroy\AppData\Local\Temp\bis3FBF.exe
Supprime! - C:\ProgramData\Iso Web Bags Else
Supprime! - C:\Program Files\Circle Developement
-
[ Fichier Hosts ] .. Restaure!
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans Local
[13/08/2008|17:09] C:\Users\Geoffroy\AppData\Local\Application Data
[13/08/2008|20:52] C:\Users\Geoffroy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[14/08/2008|00:31] C:\Users\Geoffroy\AppData\Local\GDIPFONTCACHEV1.DAT
[13/08/2008|18:29] C:\Users\Geoffroy\AppData\Local\Google
[13/08/2008|17:09] C:\Users\Geoffroy\AppData\Local\Historique
[14/08/2008|00:29] C:\Users\Geoffroy\AppData\Local\IconCache.db
[14/08/2008|00:18] C:\Users\Geoffroy\AppData\Local\IM
[13/08/2008|20:44] C:\Users\Geoffroy\AppData\Local\Microsoft
[13/08/2008|18:48] C:\Users\Geoffroy\AppData\Local\Mozilla
[14/08/2008|00:43] C:\Users\Geoffroy\AppData\Local\Temp
[13/08/2008|17:09] C:\Users\Geoffroy\AppData\Local\Temporary Internet Files
[13/08/2008|17:15] C:\Users\Geoffroy\AppData\Local\Toshiba
[13/08/2008|18:48] C:\Users\Geoffroy\AppData\Local\VirtualStore
--------------------\\ Tâches planifiées dans C:\Windows\tasks
[14/08/2008 00:42][--ah-----] C:\Windows\tasks\SA.DAT
[14/08/2008 00:41][--a------] C:\Windows\tasks\SCHEDLGU.TXT
--------------------\\ Listing des dossiers dans C:\ProgramData
[13/08/2008|20:46] C:\ProgramData\Admin Dart Noun
[18/04/2007|09:04] C:\ProgramData\Adobe
[02/11/2006|15:02] C:\ProgramData\Application Data
[13/08/2008|21:15] C:\ProgramData\Azureus
[13/08/2008|17:08] C:\ProgramData\Bureau
[13/08/2008|20:05] C:\ProgramData\Codemasters
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[13/08/2008|17:08] C:\ProgramData\Favoris
[02/11/2006|15:02] C:\ProgramData\Favorites
[13/08/2008|18:29] C:\ProgramData\Google
[13/08/2008|19:37] C:\ProgramData\Google Updater
[14/08/2008|00:17] C:\ProgramData\IM
[14/08/2008|00:16] C:\ProgramData\IncrediMail
[13/08/2008|18:56] C:\ProgramData\IsolatedStorage
[13/08/2008|17:08] C:\ProgramData\Menu D‚marrer
[13/08/2008|21:01] C:\ProgramData\Messenger Plus!
[13/08/2008|18:26] C:\ProgramData\Microsoft
[13/08/2008|17:08] C:\ProgramData\ModŠles
[13/08/2008|18:44] C:\ProgramData\Mozilla
[02/11/2006|15:02] C:\ProgramData\Start Menu
[13/08/2008|20:59] C:\ProgramData\Symantec
[02/11/2006|15:02] C:\ProgramData\Templates
[13/08/2008|17:13] C:\ProgramData\Toshiba
[13/08/2008|17:09] C:\ProgramData\ToshibaEurope
[12/07/2007|11:02] C:\ProgramData\UIB
[11/07/2007|01:30] C:\ProgramData\Ulead Systems
[11/07/2007|01:19] C:\ProgramData\Vista64
[13/08/2008|20:35] C:\ProgramData\WLInstaller
[11/07/2007|01:19] C:\ProgramData\XP
--------------------\\ Listing des dossiers dans C:\Program Files
[13/08/2008|19:37] C:\Program Files\7-Zip
[18/04/2007|09:04] C:\Program Files\Adobe
[13/08/2008|21:01] C:\Program Files\Alwil Software
[13/08/2008|21:15] C:\Program Files\AskSBar
[13/08/2008|16:57] C:\Program Files\Camera Assistant Software for Toshiba
[13/08/2008|20:57] C:\Program Files\Common Files
[13/08/2008|19:32] C:\Program Files\desktop.ini
[13/08/2008|17:08] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[13/08/2008|18:51] C:\Program Files\Google
[18/04/2007|09:08] C:\Program Files\IDM
[14/08/2008|00:16] C:\Program Files\IncrediMail
[13/08/2008|23:48] C:\Program Files\InstallShield Installation Information
[13/08/2008|17:12] C:\Program Files\Intel
[13/08/2008|19:24] C:\Program Files\Internet Explorer
[11/07/2007|01:30] C:\Program Files\InterVideo
[18/04/2007|07:44] C:\Program Files\Java
[18/04/2007|08:05] C:\Program Files\ltmoh
[13/08/2008|20:46] C:\Program Files\Messenger Plus! Live
[13/08/2008|20:50] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[02/11/2006|14:42] C:\Program Files\Movie Maker
[13/08/2008|18:45] C:\Program Files\Mozilla Firefox
[02/11/2006|14:37] C:\Program Files\MSBuild
[02/11/2006|14:37] C:\Program Files\MSN
[11/07/2007|00:32] C:\Program Files\MSXML 4.0
[18/04/2007|08:14] C:\Program Files\My Company Name
[18/04/2007|09:08] C:\Program Files\myphotobook
[13/08/2008|20:02] C:\Program Files\OpenAL
[12/07/2007|11:02] C:\Program Files\Protector Suite QL
[11/07/2007|01:02] C:\Program Files\Realtek
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[13/08/2008|21:47] C:\Program Files\splus
[13/08/2008|17:02] C:\Program Files\Synaptics
[13/08/2008|17:13] C:\Program Files\TOSHIBA
[13/08/2008|18:56] C:\Program Files\Toshiba TEMPRO
[14/08/2008|00:20] C:\Program Files\Trend Micro
[11/07/2007|01:27] C:\Program Files\Ulead Systems
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[13/08/2008|19:37] C:\Program Files\VideoLAN
[13/08/2008|21:15] C:\Program Files\Vuze
[13/08/2008|19:24] C:\Program Files\Windows Calendar
[02/11/2006|14:42] C:\Program Files\Windows Collaboration
[11/07/2007|00:42] C:\Program Files\Windows Defender
[02/11/2006|14:42] C:\Program Files\Windows Journal
[13/08/2008|20:42] C:\Program Files\Windows Live
[13/08/2008|19:24] C:\Program Files\Windows Mail
[18/04/2007|08:46] C:\Program Files\Windows Media Components
[13/08/2008|19:24] C:\Program Files\Windows Media Player
[13/08/2008|17:08] C:\Program Files\Windows NT
[02/11/2006|14:42] C:\Program Files\Windows Photo Gallery
[13/08/2008|19:24] C:\Program Files\Windows Sidebar
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[18/04/2007|09:04] C:\Program Files\Common Files\Adobe
[18/04/2007|08:47] C:\Program Files\Common Files\InstallShield
[18/04/2007|07:44] C:\Program Files\Common Files\Java
[13/08/2008|20:41] C:\Program Files\Common Files\microsoft shared
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[13/08/2008|20:59] C:\Program Files\Common Files\Symantec Shared
[13/08/2008|19:24] C:\Program Files\Common Files\System
[13/08/2008|17:13] C:\Program Files\Common Files\Toshiba Shared
[11/07/2007|01:30] C:\Program Files\Common Files\Ulead Systems
[13/08/2008|20:41] C:\Program Files\Common Files\WindowsLiveInstaller
[13/08/2008|18:56] C:\Program Files\Common Files\Wise Installation Wizard
--------------------\\ Process
( 71 Processus )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\Users\Geoffroy\AppData\Roaming\MICROS~1\Windows\Cookies\geoffroy@adopt.euroclick[1].txt
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-14 00:43:52
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:386][D:53]-> C:\Users\Geoffroy\AppData\Local\Temp
[F:95][D:1]-> C:\Users\Geoffroy\AppData\Roaming\MICROS~1\Windows\Cookies
[F:350][D:4]-> C:\Users\Geoffroy\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:5378][D:720]-> C:\$Recycle.Bin
--------------------\\ Fin du rapport a 0:44:31,53
[ UAC => 1 ]
Destrio5
Messages postés
85985
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 290
14 août 2008 à 00:48
14 août 2008 à 00:48
Ok, désinstalle Lop S&D.
---> Télécharge Toolbar-S&D (Team IDN) sur ton Bureau.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2
* Lance l'installation du programme en exécutant le fichier téléchargé.
* Double-clique maintenant sur le raccourci de Toolbar-S&D.
* Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
* Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
* Poste le rapport généré. (C:\TB.txt)
---> Télécharge Toolbar-S&D (Team IDN) sur ton Bureau.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2
* Lance l'installation du programme en exécutant le fichier téléchargé.
* Double-clique maintenant sur le raccourci de Toolbar-S&D.
* Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
* Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
* Poste le rapport généré. (C:\TB.txt)
-----------\\ ToolBar S&D 1.0.9 XP/Vista
[ Windows VISTA (NT 6.0) Workstation Build 6000 ]
[ USER : Geoffroy ] [ "C:\Toolbar SD" ] [ Selection : 1 ]
[ 14/08/2008 | 0:54:41,44 ] [ PC : PC-DE-GEOFFROY ]
[ MAJ : 13-08-2008 | 14:08 ]
[ UAC => 0 ]
-----------\\ Recherche de Fichiers / Dossiers ...
C:\Program Files\AskSBar
C:\Program Files\AskSBar\bar
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="http://mystart.incredimail.com/french/"
"Url"="https://www.msn.com/fr-fr/actualite/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[ UAC => 1 ]
-----------\\ Fin du rapport a 0:55:03,72
[ Windows VISTA (NT 6.0) Workstation Build 6000 ]
[ USER : Geoffroy ] [ "C:\Toolbar SD" ] [ Selection : 1 ]
[ 14/08/2008 | 0:54:41,44 ] [ PC : PC-DE-GEOFFROY ]
[ MAJ : 13-08-2008 | 14:08 ]
[ UAC => 0 ]
-----------\\ Recherche de Fichiers / Dossiers ...
C:\Program Files\AskSBar
C:\Program Files\AskSBar\bar
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="http://mystart.incredimail.com/french/"
"Url"="https://www.msn.com/fr-fr/actualite/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[ UAC => 1 ]
-----------\\ Fin du rapport a 0:55:03,72
Destrio5
Messages postés
85985
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 290
14 août 2008 à 00:57
14 août 2008 à 00:57
Tu peux faire l'option 2 et poster le rapport.
-----------\\ ToolBar S&D 1.0.9 XP/Vista
[ Windows VISTA (NT 6.0) Workstation Build 6000 ]
[ USER : Geoffroy ] [ "C:\Toolbar SD" ] [ Selection : 2 ]
[ 14/08/2008 | 0:59:37,68 ] [ PC : PC-DE-GEOFFROY ]
[ MAJ : 13-08-2008 | 14:08 ]
[ UAC => 0 ]
-----------\\ SUPPRESSION
Supprime! - C:\Program Files\AskSBar\bar
Supprime! - C:\Program Files\AskSBar
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="http://mystart.incredimail.com/french/"
"Url"="https://www.msn.com/fr-fr/actualite/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[ UAC => 1 ]
-----------\\ Fin du rapport a 1:00:33,69
[ Windows VISTA (NT 6.0) Workstation Build 6000 ]
[ USER : Geoffroy ] [ "C:\Toolbar SD" ] [ Selection : 2 ]
[ 14/08/2008 | 0:59:37,68 ] [ PC : PC-DE-GEOFFROY ]
[ MAJ : 13-08-2008 | 14:08 ]
[ UAC => 0 ]
-----------\\ SUPPRESSION
Supprime! - C:\Program Files\AskSBar\bar
Supprime! - C:\Program Files\AskSBar
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="http://mystart.incredimail.com/french/"
"Url"="https://www.msn.com/fr-fr/actualite/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[ UAC => 1 ]
-----------\\ Fin du rapport a 1:00:33,69
Destrio5
Messages postés
85985
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 290
14 août 2008 à 01:05
14 août 2008 à 01:05
---> Désinstalle ToolBar S&D
---> Mets à jour Java :
https://www.java.com/fr/download/manual.jsp
---> Réactive l'UAC
---> Poste un nouveau rapport HijackThis
---> Mets à jour Java :
https://www.java.com/fr/download/manual.jsp
---> Réactive l'UAC
---> Poste un nouveau rapport HijackThis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:11:52, on 14/08/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Windows\explorer.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com/french/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.509.6972\swg.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [HWSetup] \HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Desktop SMS] C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe /auto
O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\Protector Suite QL\launcher.exe" /startup
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [IaNvSrv] C:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe
O4 - HKLM\..\Run: [Toshiba TEMPO] C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?FR (file missing)
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix:
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
Scan saved at 01:11:52, on 14/08/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Windows\explorer.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com/french/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.509.6972\swg.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [HWSetup] \HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Desktop SMS] C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe /auto
O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\Protector Suite QL\launcher.exe" /startup
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [IaNvSrv] C:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe
O4 - HKLM\..\Run: [Toshiba TEMPO] C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?FR (file missing)
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix:
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
Destrio5
Messages postés
85985
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 290
14 août 2008 à 01:17
14 août 2008 à 01:17
Plus de trace d'infection.
ben non, j'ai plus de pubs depuis tout a l'heure.
Ben merci beaucoup à vous deux, vous avez été super rapide.
PS: c'est fou comment on peut être contaminé en 30 sec (j'ai eu a peine le temps de telecharger avast)
Merci !!!!!
Ben merci beaucoup à vous deux, vous avez été super rapide.
PS: c'est fou comment on peut être contaminé en 30 sec (j'ai eu a peine le temps de telecharger avast)
Merci !!!!!
Destrio5
Messages postés
85985
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 290
14 août 2008 à 01:20
14 août 2008 à 01:20
Bonne soirée ;)
