Good evening,
-----------\\ ToolBar S&D 1.2.2 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Turion(tm) 64 Mobile Technology MT-32 )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : HP_Propriétaire ( Not Administrator ! )
BOOT : Normal boot
Antivirus : avast! antivirus 4.7.1098 [VPS 080801-0] 4.7.1098 (Activated)
C:\ (Local Disk) - NTFS - Total : 180 Go Free : 118 Go
D:\ (Local Disk) - FAT32 - Total : 5 Go Free : 0 Go
E:\ (CD or DVD) - CDFS - Total : 0 Go Free : 0 Go
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
"C:\ToolBar SD" ( MAJ : 04-10-2008|21:00 )
Option : [2] ( 10/10/2008|21:29 )
-----------\\ SUPPRESSION
Supprime! - C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@h.starware[1].txt
Supprime! - C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@starware[1].txt
Supprime! - C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@try.starware[1].txt
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware370\buttons
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware370\contexts
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware370\SimpleUpdate
Supprime! - C:\DOCUME~1\HP_PRO~1\APPLIC~1\Starware370\BrowserSearch
Supprime! - C:\DOCUME~1\HP_PRO~1\APPLIC~1\Starware370\Button_6
Supprime! - C:\DOCUME~1\HP_PRO~1\APPLIC~1\Starware370\Button_7
Supprime! - C:\DOCUME~1\HP_PRO~1\APPLIC~1\Starware370\Button_8
Supprime! - C:\DOCUME~1\HP_PRO~1\APPLIC~1\Starware370\Configurator
Supprime! - C:\DOCUME~1\HP_PRO~1\APPLIC~1\Starware370\ErrorSearch
Supprime! - C:\DOCUME~1\HP_PRO~1\APPLIC~1\Starware370\Layouts
Supprime! - C:\DOCUME~1\HP_PRO~1\APPLIC~1\Starware370\Manager
Supprime! - C:\DOCUME~1\HP_PRO~1\APPLIC~1\Starware370\Paroles
Supprime! - C:\DOCUME~1\HP_PRO~1\APPLIC~1\Starware370\Radio_FR
Supprime! - C:\DOCUME~1\HP_PRO~1\APPLIC~1\Starware370\Recherche_de_musique
Supprime! - C:\DOCUME~1\HP_PRO~1\APPLIC~1\Starware370\RelatedSearch
Supprime! - C:\DOCUME~1\HP_PRO~1\APPLIC~1\Starware370\Telechargement
Supprime! - C:\DOCUME~1\HP_PRO~1\APPLIC~1\Starware370\Toolbar
Supprime! - C:\DOCUME~1\HP_PRO~1\APPLIC~1\Starware370\ToolbarLogo
Supprime! - C:\DOCUME~1\HP_PRO~1\APPLIC~1\Starware370\ToolbarSearch
Supprime! - C:\DOCUME~1\HP_PRO~1\APPLIC~1\Starware370\TravelSearch
Supprime! - C:\DOCUME~1\Laurent\APPLIC~1\Starware370\BrowserSearch
Supprime! - C:\DOCUME~1\Laurent\APPLIC~1\Starware370\Button_6
Supprime! - C:\DOCUME~1\Laurent\APPLIC~1\Starware370\Button_7
Supprime! - C:\DOCUME~1\Laurent\APPLIC~1\Starware370\Button_8
Supprime! - C:\DOCUME~1\Laurent\APPLIC~1\Starware370\Configurator
Supprime! - C:\DOCUME~1\Laurent\APPLIC~1\Starware370\ErrorSearch
Supprime! - C:\DOCUME~1\Laurent\APPLIC~1\Starware370\Layouts
Supprime! - C:\DOCUME~1\Laurent\APPLIC~1\Starware370\Manager
Supprime! - C:\DOCUME~1\Laurent\APPLIC~1\Starware370\Paroles
Supprime! - C:\DOCUME~1\Laurent\APPLIC~1\Starware370\Radio_FR
Supprime! - C:\DOCUME~1\Laurent\APPLIC~1\Starware370\Recherche_de_musique
Supprime! - C:\DOCUME~1\Laurent\APPLIC~1\Starware370\RelatedSearch
Supprime! - C:\DOCUME~1\Laurent\APPLIC~1\Starware370\Telechargement
Supprime! - C:\DOCUME~1\Laurent\APPLIC~1\Starware370\Toolbar
Supprime! - C:\DOCUME~1\Laurent\APPLIC~1\Starware370\ToolbarLogo
Supprime! - C:\DOCUME~1\Laurent\APPLIC~1\Starware370\ToolbarSearch
Supprime! - C:\DOCUME~1\Laurent\APPLIC~1\Starware370\TravelSearch
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware370
Supprime! - C:\DOCUME~1\HP_PRO~1\APPLIC~1\Starware370
Supprime! - C:\DOCUME~1\Laurent\APPLIC~1\Starware370
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://mystart.incredimail.com/french/"
"Search Page"="https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC"
"Search Bar"="https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC"
"SearchMigratedDefaultURL"="https://www.google.com/webhp?gws_rd=ssl{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.msn.com/fr-fr/"
--------------------\\ Recherche d'autres infections
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cdtdodjhzt"="c:\\windows\\system32\\cdtdodjhzt.exe cdtdodjhzt"
==> EGDACCESS <==
--------------------\\ Suspect ..
C:\WINDOWS\album14.zip
C:\WINDOWS\album20.zip
C:\WINDOWS\album29.zip
C:\WINDOWS\photo_album16.zip
C:\WINDOWS\photo_album22.zip
C:\WINDOWS\photo_album25.zip
C:\WINDOWS\photo_album34.zip
C:\WINDOWS\photo_album46.zip
C:\WINDOWS\photo_album49.zip
C:\WINDOWS\photo_album55.zip
C:\WINDOWS\photo_album85.zip
C:\WINDOWS\image032.zip
C:\WINDOWS\image068.zip
C:\WINDOWS\image074.zip
C:\WINDOWS\image080.zip
C:\WINDOWS\image092.zip
C:\WINDOWS\image095.zip
C:\WINDOWS\images3.zip
C:\WINDOWS\images60.zip
C:\WINDOWS\images81.zip
C:\WINDOWS\images93.zip
C:\WINDOWS\photo0.zip
C:\WINDOWS\photo3.zip
C:\WINDOWS\photo48.zip
C:\WINDOWS\photo75.zip
C:\WINDOWS\photo78.zip
C:\WINDOWS\photo81.zip
C:\WINDOWS\photo84.zip
C:\WINDOWS\photo87.zip
C:\WINDOWS\photo96.zip
C:\WINDOWS\photos2007_22.zip
C:\WINDOWS\photos2007_37.zip
C:\WINDOWS\photos2007_4.zip
C:\WINDOWS\photos2007_49.zip
C:\WINDOWS\photos2007_52.zip
C:\WINDOWS\photos2007_55.zip
C:\WINDOWS\photos2007_79.zip
C:\WINDOWS\photo_album16.zip
C:\WINDOWS\photo_album22.zip
C:\WINDOWS\photo_album25.zip
C:\WINDOWS\photo_album34.zip
C:\WINDOWS\photo_album46.zip
C:\WINDOWS\photo_album49.zip
C:\WINDOWS\photo_album55.zip
C:\WINDOWS\photo_album85.zip
1 - "C:\ToolBar SD\TB_1.txt" - 10/10/2008|21:22 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 10/10/2008|21:31 - Option : [2]
-----------\\ Fin du rapport a 21:31:16,09