Rapport hijacktis (merci pour votre aide)
Résolu/Fermé
grochoco
Messages postés
209
Date d'inscription
vendredi 18 mai 2007
Statut
Membre
Dernière intervention
18 janvier 2010
-
21 nov. 2008 à 15:22
grochoco Messages postés 209 Date d'inscription vendredi 18 mai 2007 Statut Membre Dernière intervention 18 janvier 2010 - 22 nov. 2008 à 15:19
grochoco Messages postés 209 Date d'inscription vendredi 18 mai 2007 Statut Membre Dernière intervention 18 janvier 2010 - 22 nov. 2008 à 15:19
A voir également:
- Rapport hijacktis (merci pour votre aide)
- Plan rapport de stage - Guide
- On vous a donné accès à un fichier rapport. il est partagé avec plusieurs personnes sur cet espace pix cloud. répondez aux questions - Forum Cloud
- Impossible d'afficher le rapport de tableau croisé dynamique sur un rapport existant ✓ - Forum Excel
- Problém affichage du tableau croisé dynamique - Forum Excel
- Rapport erreur windows - Guide
10 réponses
Utilisateur anonyme
21 nov. 2008 à 15:24
21 nov. 2008 à 15:24
Salut,
Télécharge Toolbar-S&D (Team IDN) sur ton Bureau.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2
* Lance l'installation du programme en exécutant le fichier téléchargé.
* Double-clique maintenant sur le raccourci de Toolbar-S&D.
* Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
* Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
* Poste le rapport généré. (C:\TB.txt)
Télécharge Toolbar-S&D (Team IDN) sur ton Bureau.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2
* Lance l'installation du programme en exécutant le fichier téléchargé.
* Double-clique maintenant sur le raccourci de Toolbar-S&D.
* Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
* Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
* Poste le rapport généré. (C:\TB.txt)
grochoco
Messages postés
209
Date d'inscription
vendredi 18 mai 2007
Statut
Membre
Dernière intervention
18 janvier 2010
50
21 nov. 2008 à 15:31
21 nov. 2008 à 15:31
voici le rapport,
-----------\\ ToolBar S&D 1.2.5 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) 4 CPU 2.93GHz )
BIOS : Award Medallion BIOS v6.00PG
USER : julie ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 081120-0] 4.8.1229 (Activated)
C:\ (Local Disk) - NTFS - Total:29 Go (Free:19 Go)
D:\ (Local Disk) - NTFS - Total:148 Go (Free:98 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
"C:\ToolBar SD" ( MAJ : 20-11-2008|20:25 )
Option : [1] ( 21/11/2008|15:28 )
-----------\\ Recherche de Fichiers / Dossiers ...
C:\Program Files\AskBarDis
C:\Program Files\AskBarDis\bar
C:\Program Files\AskBarDis\unins000.dat
C:\Program Files\AskBarDis\unins000.exe
C:\Program Files\AskBarDis\bar\bin
C:\Program Files\AskBarDis\bar\Cache
C:\Program Files\AskBarDis\bar\History
C:\Program Files\AskBarDis\bar\Settings
C:\Program Files\AskBarDis\bar\bin\askBar.dll
C:\Program Files\AskBarDis\bar\bin\askPopStp.dll
C:\Program Files\AskBarDis\bar\bin\psvince.dll
C:\Program Files\AskBarDis\bar\Cache\039F11D5
C:\Program Files\AskBarDis\bar\Cache\039F159E
C:\Program Files\AskBarDis\bar\Cache\039F16F6.bin
C:\Program Files\AskBarDis\bar\Cache\039F18CA.bin
C:\Program Files\AskBarDis\bar\Cache\039F1A8F.bin
C:\Program Files\AskBarDis\bar\Cache\039F1C45.bin
C:\Program Files\AskBarDis\bar\Cache\039F1D8D.bin
C:\Program Files\AskBarDis\bar\Cache\files.ini
C:\Program Files\AskBarDis\bar\History\search
C:\Program Files\AskBarDis\bar\Settings\config.dat
C:\Program Files\AskBarDis\bar\Settings\config.dat.bak
C:\Program Files\AskBarDis\bar\Settings\prevcfg.htm
C:\Program Files\Crawler
C:\Program Files\Crawler\Download
C:\Program Files\Crawler\Toolbar
C:\Program Files\Crawler\Toolbar\adrkeys.dat
C:\Program Files\Crawler\Toolbar\Cache
C:\Program Files\Crawler\Toolbar\COMMON_FF.dat
C:\Program Files\Crawler\Toolbar\confirm.dat
C:\Program Files\Crawler\Toolbar\ctbcomm.dll
C:\Program Files\Crawler\Toolbar\ctbr.dll
C:\Program Files\Crawler\Toolbar\CTConf.dat
C:\Program Files\Crawler\Toolbar\CTipsDef.dll
C:\Program Files\Crawler\Toolbar\CToolbar.exe
C:\Program Files\Crawler\Toolbar\CUpdate.exe
C:\Program Files\Crawler\Toolbar\firefox
C:\Program Files\Crawler\Toolbar\Languages
C:\Program Files\Crawler\Toolbar\lookfor.dat
C:\Program Files\Crawler\Toolbar\majorse.dat
C:\Program Files\Crawler\Toolbar\rootmenu.dat
C:\Program Files\Crawler\Toolbar\services.dat
C:\Program Files\Crawler\Toolbar\STWSGLanguageAct
C:\Program Files\Crawler\Toolbar\stwsg_ff.dat
C:\Program Files\Crawler\Toolbar\svc_set.dat
C:\Program Files\Crawler\Toolbar\TBR5LanguageAct
C:\Program Files\Crawler\Toolbar\TempDir
C:\Program Files\Crawler\Toolbar\update
C:\Program Files\Crawler\Toolbar\WebSecurityGuard.dll
C:\Program Files\Crawler\Toolbar\WSGData
C:\Program Files\Crawler\Toolbar\Cache\COMMON
C:\Program Files\Crawler\Toolbar\Cache\STERM
C:\Program Files\Crawler\Toolbar\Cache\STWSG
C:\Program Files\Crawler\Toolbar\Cache\COMMON\CLEANUP_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\CLEANUP_MENU.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\DIRLIST_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\DIRLIST_MENU.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\ECARDS_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\ECARDS_MENU.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\EMAIL_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\GAMES_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\GAMES_MENU.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\SHOP_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\SKINS_MENU.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\SPELL_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\TRAVEL_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\WAYBACK_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\WP_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\YP_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\STERM\STERM_BMP.dat
C:\Program Files\Crawler\Toolbar\Cache\STERM\STERM_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\STERM\STERM_MENU.dat
C:\Program Files\Crawler\Toolbar\Cache\STWSG\WSGBUTTON_BMP.dat
C:\Program Files\Crawler\Toolbar\Cache\STWSG\WSGBUTTON_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\STWSG\WSGBUTTON_MENU.dat
C:\Program Files\Crawler\Toolbar\firefox\chrome
C:\Program Files\Crawler\Toolbar\firefox\chrome.manifest
C:\Program Files\Crawler\Toolbar\firefox\components
C:\Program Files\Crawler\Toolbar\firefox\install.ini
C:\Program Files\Crawler\Toolbar\firefox\install.rdf
C:\Program Files\Crawler\Toolbar\firefox\chrome\crawlertbr.jar
C:\Program Files\Crawler\Toolbar\firefox\components\xshared.dll
C:\Program Files\Crawler\Toolbar\firefox\components\xshared.xpt
C:\Program Files\Crawler\Toolbar\firefox\components\xsupport.dll
C:\Program Files\Crawler\Toolbar\firefox\components\xsupport.xpt
C:\Program Files\Crawler\Toolbar\firefox\components\xwsg.dll
C:\Program Files\Crawler\Toolbar\firefox\components\xwsg.xpt
C:\Program Files\Crawler\Toolbar\Languages\STWSG_CS.cab
C:\Program Files\Crawler\Toolbar\Languages\STWSG_DE.cab
C:\Program Files\Crawler\Toolbar\Languages\STWSG_EN.cab
C:\Program Files\Crawler\Toolbar\Languages\STWSG_ES.cab
C:\Program Files\Crawler\Toolbar\Languages\STWSG_IT.cab
C:\Program Files\Crawler\Toolbar\Languages\STWSG_PT-BR.cab
C:\Program Files\Crawler\Toolbar\Languages\STWSG_PT.cab
C:\Program Files\Crawler\Toolbar\Languages\TBR5_CS.cab
C:\Program Files\Crawler\Toolbar\Languages\TBR5_DE.cab
C:\Program Files\Crawler\Toolbar\Languages\TBR5_EN.cab
C:\Program Files\Crawler\Toolbar\Languages\TBR5_ES.cab
C:\Program Files\Crawler\Toolbar\Languages\TBR5_IT.cab
C:\Program Files\Crawler\Toolbar\Languages\TBR5_PT-BR.cab
C:\Program Files\Crawler\Toolbar\Languages\TBR5_PT.cab
C:\Program Files\Crawler\Toolbar\STWSGLanguageAct\info.ini
C:\Program Files\Crawler\Toolbar\STWSGLanguageAct\language.ini
C:\Program Files\Crawler\Toolbar\TBR5LanguageAct\info.ini
C:\Program Files\Crawler\Toolbar\TBR5LanguageAct\language.ini
C:\Program Files\Crawler\Toolbar\update\domains.cab
C:\Program Files\Crawler\Toolbar\WSGData\domains
C:\Program Files\Crawler\Toolbar\WSGData\userData_S-1-5-21-3897272470-3592861273-1499900771-1006.dat
C:\Program Files\Crawler\Toolbar\WSGData\wfilter.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_000.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_000_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_001.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_001_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_002.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_002_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_003.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_003_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_004.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_004_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_005.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_005_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_006.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_006_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_007.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_007_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_008.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_008_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_009.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_009_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_010.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_010_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_011.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_011_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_012.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_012_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_013.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_013_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_014.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_014_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_015.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_015_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_016.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_016_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_017.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_017_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_018.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_018_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_019.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_019_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_020.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_020_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_021.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_021_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_022.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_022_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_023.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_023_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_024.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_024_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_025.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_025_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_026.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_026_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_027.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_027_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_028.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_028_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_029.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_029_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\index.dat
D:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\Crawler Toolbar
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://actus.sfr.fr"
"Search Page"="https://www.google.com/?gws_rd=ssl"
"SearchMigratedDefaultURL"="https://www.google.com/webhp?gws_rd=ssl{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
"Search Bar"="http://www.google.com/toolbar/ie8/sidebar.html"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com/toolbar/ie8/sidebar.html"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home"
--------------------\\ Recherche d'autres infections
--------------------\\ ROGUES ..
D:\DOCUME~1\GUERVI~1.TON\APPLIC~1\Starware370
1 - "C:\ToolBar SD\TB_1.txt" - 21/11/2008|15:29 - Option : [1]
-----------\\ Fin du rapport a 15:29:34,75
-----------\\ ToolBar S&D 1.2.5 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) 4 CPU 2.93GHz )
BIOS : Award Medallion BIOS v6.00PG
USER : julie ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 081120-0] 4.8.1229 (Activated)
C:\ (Local Disk) - NTFS - Total:29 Go (Free:19 Go)
D:\ (Local Disk) - NTFS - Total:148 Go (Free:98 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
"C:\ToolBar SD" ( MAJ : 20-11-2008|20:25 )
Option : [1] ( 21/11/2008|15:28 )
-----------\\ Recherche de Fichiers / Dossiers ...
C:\Program Files\AskBarDis
C:\Program Files\AskBarDis\bar
C:\Program Files\AskBarDis\unins000.dat
C:\Program Files\AskBarDis\unins000.exe
C:\Program Files\AskBarDis\bar\bin
C:\Program Files\AskBarDis\bar\Cache
C:\Program Files\AskBarDis\bar\History
C:\Program Files\AskBarDis\bar\Settings
C:\Program Files\AskBarDis\bar\bin\askBar.dll
C:\Program Files\AskBarDis\bar\bin\askPopStp.dll
C:\Program Files\AskBarDis\bar\bin\psvince.dll
C:\Program Files\AskBarDis\bar\Cache\039F11D5
C:\Program Files\AskBarDis\bar\Cache\039F159E
C:\Program Files\AskBarDis\bar\Cache\039F16F6.bin
C:\Program Files\AskBarDis\bar\Cache\039F18CA.bin
C:\Program Files\AskBarDis\bar\Cache\039F1A8F.bin
C:\Program Files\AskBarDis\bar\Cache\039F1C45.bin
C:\Program Files\AskBarDis\bar\Cache\039F1D8D.bin
C:\Program Files\AskBarDis\bar\Cache\files.ini
C:\Program Files\AskBarDis\bar\History\search
C:\Program Files\AskBarDis\bar\Settings\config.dat
C:\Program Files\AskBarDis\bar\Settings\config.dat.bak
C:\Program Files\AskBarDis\bar\Settings\prevcfg.htm
C:\Program Files\Crawler
C:\Program Files\Crawler\Download
C:\Program Files\Crawler\Toolbar
C:\Program Files\Crawler\Toolbar\adrkeys.dat
C:\Program Files\Crawler\Toolbar\Cache
C:\Program Files\Crawler\Toolbar\COMMON_FF.dat
C:\Program Files\Crawler\Toolbar\confirm.dat
C:\Program Files\Crawler\Toolbar\ctbcomm.dll
C:\Program Files\Crawler\Toolbar\ctbr.dll
C:\Program Files\Crawler\Toolbar\CTConf.dat
C:\Program Files\Crawler\Toolbar\CTipsDef.dll
C:\Program Files\Crawler\Toolbar\CToolbar.exe
C:\Program Files\Crawler\Toolbar\CUpdate.exe
C:\Program Files\Crawler\Toolbar\firefox
C:\Program Files\Crawler\Toolbar\Languages
C:\Program Files\Crawler\Toolbar\lookfor.dat
C:\Program Files\Crawler\Toolbar\majorse.dat
C:\Program Files\Crawler\Toolbar\rootmenu.dat
C:\Program Files\Crawler\Toolbar\services.dat
C:\Program Files\Crawler\Toolbar\STWSGLanguageAct
C:\Program Files\Crawler\Toolbar\stwsg_ff.dat
C:\Program Files\Crawler\Toolbar\svc_set.dat
C:\Program Files\Crawler\Toolbar\TBR5LanguageAct
C:\Program Files\Crawler\Toolbar\TempDir
C:\Program Files\Crawler\Toolbar\update
C:\Program Files\Crawler\Toolbar\WebSecurityGuard.dll
C:\Program Files\Crawler\Toolbar\WSGData
C:\Program Files\Crawler\Toolbar\Cache\COMMON
C:\Program Files\Crawler\Toolbar\Cache\STERM
C:\Program Files\Crawler\Toolbar\Cache\STWSG
C:\Program Files\Crawler\Toolbar\Cache\COMMON\CLEANUP_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\CLEANUP_MENU.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\DIRLIST_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\DIRLIST_MENU.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\ECARDS_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\ECARDS_MENU.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\EMAIL_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\GAMES_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\GAMES_MENU.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\SHOP_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\SKINS_MENU.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\SPELL_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\TRAVEL_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\WAYBACK_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\WP_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\YP_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\STERM\STERM_BMP.dat
C:\Program Files\Crawler\Toolbar\Cache\STERM\STERM_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\STERM\STERM_MENU.dat
C:\Program Files\Crawler\Toolbar\Cache\STWSG\WSGBUTTON_BMP.dat
C:\Program Files\Crawler\Toolbar\Cache\STWSG\WSGBUTTON_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\STWSG\WSGBUTTON_MENU.dat
C:\Program Files\Crawler\Toolbar\firefox\chrome
C:\Program Files\Crawler\Toolbar\firefox\chrome.manifest
C:\Program Files\Crawler\Toolbar\firefox\components
C:\Program Files\Crawler\Toolbar\firefox\install.ini
C:\Program Files\Crawler\Toolbar\firefox\install.rdf
C:\Program Files\Crawler\Toolbar\firefox\chrome\crawlertbr.jar
C:\Program Files\Crawler\Toolbar\firefox\components\xshared.dll
C:\Program Files\Crawler\Toolbar\firefox\components\xshared.xpt
C:\Program Files\Crawler\Toolbar\firefox\components\xsupport.dll
C:\Program Files\Crawler\Toolbar\firefox\components\xsupport.xpt
C:\Program Files\Crawler\Toolbar\firefox\components\xwsg.dll
C:\Program Files\Crawler\Toolbar\firefox\components\xwsg.xpt
C:\Program Files\Crawler\Toolbar\Languages\STWSG_CS.cab
C:\Program Files\Crawler\Toolbar\Languages\STWSG_DE.cab
C:\Program Files\Crawler\Toolbar\Languages\STWSG_EN.cab
C:\Program Files\Crawler\Toolbar\Languages\STWSG_ES.cab
C:\Program Files\Crawler\Toolbar\Languages\STWSG_IT.cab
C:\Program Files\Crawler\Toolbar\Languages\STWSG_PT-BR.cab
C:\Program Files\Crawler\Toolbar\Languages\STWSG_PT.cab
C:\Program Files\Crawler\Toolbar\Languages\TBR5_CS.cab
C:\Program Files\Crawler\Toolbar\Languages\TBR5_DE.cab
C:\Program Files\Crawler\Toolbar\Languages\TBR5_EN.cab
C:\Program Files\Crawler\Toolbar\Languages\TBR5_ES.cab
C:\Program Files\Crawler\Toolbar\Languages\TBR5_IT.cab
C:\Program Files\Crawler\Toolbar\Languages\TBR5_PT-BR.cab
C:\Program Files\Crawler\Toolbar\Languages\TBR5_PT.cab
C:\Program Files\Crawler\Toolbar\STWSGLanguageAct\info.ini
C:\Program Files\Crawler\Toolbar\STWSGLanguageAct\language.ini
C:\Program Files\Crawler\Toolbar\TBR5LanguageAct\info.ini
C:\Program Files\Crawler\Toolbar\TBR5LanguageAct\language.ini
C:\Program Files\Crawler\Toolbar\update\domains.cab
C:\Program Files\Crawler\Toolbar\WSGData\domains
C:\Program Files\Crawler\Toolbar\WSGData\userData_S-1-5-21-3897272470-3592861273-1499900771-1006.dat
C:\Program Files\Crawler\Toolbar\WSGData\wfilter.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_000.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_000_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_001.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_001_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_002.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_002_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_003.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_003_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_004.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_004_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_005.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_005_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_006.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_006_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_007.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_007_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_008.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_008_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_009.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_009_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_010.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_010_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_011.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_011_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_012.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_012_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_013.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_013_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_014.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_014_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_015.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_015_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_016.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_016_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_017.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_017_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_018.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_018_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_019.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_019_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_020.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_020_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_021.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_021_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_022.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_022_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_023.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_023_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_024.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_024_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_025.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_025_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_026.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_026_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_027.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_027_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_028.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_028_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_029.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_029_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\index.dat
D:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\Crawler Toolbar
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://actus.sfr.fr"
"Search Page"="https://www.google.com/?gws_rd=ssl"
"SearchMigratedDefaultURL"="https://www.google.com/webhp?gws_rd=ssl{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
"Search Bar"="http://www.google.com/toolbar/ie8/sidebar.html"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com/toolbar/ie8/sidebar.html"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home"
--------------------\\ Recherche d'autres infections
--------------------\\ ROGUES ..
D:\DOCUME~1\GUERVI~1.TON\APPLIC~1\Starware370
1 - "C:\ToolBar SD\TB_1.txt" - 21/11/2008|15:29 - Option : [1]
-----------\\ Fin du rapport a 15:29:34,75
Utilisateur anonyme
21 nov. 2008 à 15:41
21 nov. 2008 à 15:41
Relance Toolbar-S&D en double-cliquant sur le raccourci. Tape sur "2" puis valide en appuyant sur "Entrée".
! Ne ferme pas la fenêtre lors de la suppression !
Un rapport sera généré, poste son contenu ici.
NOTE : Si ton Bureau ne réapparait pas, appuie simultanément sur Ctrl+Alt+Suppr pour ouvrir le Gestionnaire des tâches.
Rends-toi sur l'onglet "Processus". Clique en haut à gauche sur Fichier et choisis "Exécuter..."
Tape explorer puis valide.
! Ne ferme pas la fenêtre lors de la suppression !
Un rapport sera généré, poste son contenu ici.
NOTE : Si ton Bureau ne réapparait pas, appuie simultanément sur Ctrl+Alt+Suppr pour ouvrir le Gestionnaire des tâches.
Rends-toi sur l'onglet "Processus". Clique en haut à gauche sur Fichier et choisis "Exécuter..."
Tape explorer puis valide.
grochoco
Messages postés
209
Date d'inscription
vendredi 18 mai 2007
Statut
Membre
Dernière intervention
18 janvier 2010
50
21 nov. 2008 à 16:05
21 nov. 2008 à 16:05
voici le rapport,
-----------\\ ToolBar S&D 1.2.5 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) 4 CPU 2.93GHz )
BIOS : Award Medallion BIOS v6.00PG
USER : julie ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 081120-0] 4.8.1229 (Activated)
C:\ (Local Disk) - NTFS - Total:29 Go (Free:19 Go)
D:\ (Local Disk) - NTFS - Total:148 Go (Free:98 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
"C:\ToolBar SD" ( MAJ : 20-11-2008|20:25 )
Option : [2] ( 21/11/2008|16:02 )
-----------\\ SUPPRESSION
Supprime! - C:\Program Files\AskBarDis\bar
Supprime! - C:\Program Files\AskBarDis\unins000.dat
Supprime! - C:\Program Files\AskBarDis\unins000.exe
Supprime! - C:\Program Files\Crawler\Download
Supprime! - C:\Program Files\Crawler\Toolbar
Supprime! - D:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\Crawler Toolbar
Supprime! - C:\Program Files\AskBarDis
Supprime! - C:\Program Files\Crawler
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://actus.sfr.fr"
"Search Page"="https://www.google.com/?gws_rd=ssl"
"SearchMigratedDefaultURL"="https://www.google.com/webhp?gws_rd=ssl{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
"Search Bar"="http://www.google.com/toolbar/ie8/sidebar.html"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com/toolbar/ie8/sidebar.html"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page"="https://www.msn.com/fr-fr/"
--------------------\\ Recherche d'autres infections
--------------------\\ ROGUES ..
D:\DOCUME~1\GUERVI~1.TON\APPLIC~1\Starware370
1 - "C:\ToolBar SD\TB_1.txt" - 21/11/2008|15:29 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 21/11/2008|16:04 - Option : [2]
-----------\\ Fin du rapport a 16:04:16,69
-----------\\ ToolBar S&D 1.2.5 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) 4 CPU 2.93GHz )
BIOS : Award Medallion BIOS v6.00PG
USER : julie ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 081120-0] 4.8.1229 (Activated)
C:\ (Local Disk) - NTFS - Total:29 Go (Free:19 Go)
D:\ (Local Disk) - NTFS - Total:148 Go (Free:98 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
"C:\ToolBar SD" ( MAJ : 20-11-2008|20:25 )
Option : [2] ( 21/11/2008|16:02 )
-----------\\ SUPPRESSION
Supprime! - C:\Program Files\AskBarDis\bar
Supprime! - C:\Program Files\AskBarDis\unins000.dat
Supprime! - C:\Program Files\AskBarDis\unins000.exe
Supprime! - C:\Program Files\Crawler\Download
Supprime! - C:\Program Files\Crawler\Toolbar
Supprime! - D:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\Crawler Toolbar
Supprime! - C:\Program Files\AskBarDis
Supprime! - C:\Program Files\Crawler
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://actus.sfr.fr"
"Search Page"="https://www.google.com/?gws_rd=ssl"
"SearchMigratedDefaultURL"="https://www.google.com/webhp?gws_rd=ssl{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
"Search Bar"="http://www.google.com/toolbar/ie8/sidebar.html"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com/toolbar/ie8/sidebar.html"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page"="https://www.msn.com/fr-fr/"
--------------------\\ Recherche d'autres infections
--------------------\\ ROGUES ..
D:\DOCUME~1\GUERVI~1.TON\APPLIC~1\Starware370
1 - "C:\ToolBar SD\TB_1.txt" - 21/11/2008|15:29 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 21/11/2008|16:04 - Option : [2]
-----------\\ Fin du rapport a 16:04:16,69
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Utilisateur anonyme
21 nov. 2008 à 16:07
21 nov. 2008 à 16:07
Telecharge malwarebytes
Tu l´instale; le programme va se mettre automatiquement a jour.
Une fois a jour, le programme va se lancer; click sur l´onglet parametre, et coche la case : "Arreter internet explorer pendant la suppression".
Click maintenant sur l´onglet recherche et coche la case : "executer un examen complet".
Puis click sur "rechercher".
Laisse le scanner le pc...
Si des elements on ete trouvés > click sur supprimer la selection.
si il t´es demandé de redemarrer > click sur "yes".
A la fin un rapport va s´ouvrir; sauvegarde le de maniere a le retrouver en vu de le poster sur le forum.
Copie et colle le rapport stp.
PS : les rapport sont aussi rangé dans l onglet rapport/log
Tu l´instale; le programme va se mettre automatiquement a jour.
Une fois a jour, le programme va se lancer; click sur l´onglet parametre, et coche la case : "Arreter internet explorer pendant la suppression".
Click maintenant sur l´onglet recherche et coche la case : "executer un examen complet".
Puis click sur "rechercher".
Laisse le scanner le pc...
Si des elements on ete trouvés > click sur supprimer la selection.
si il t´es demandé de redemarrer > click sur "yes".
A la fin un rapport va s´ouvrir; sauvegarde le de maniere a le retrouver en vu de le poster sur le forum.
Copie et colle le rapport stp.
PS : les rapport sont aussi rangé dans l onglet rapport/log
grochoco
Messages postés
209
Date d'inscription
vendredi 18 mai 2007
Statut
Membre
Dernière intervention
18 janvier 2010
50
21 nov. 2008 à 23:18
21 nov. 2008 à 23:18
voici le rapport,
Malwarebytes' Anti-Malware 1.30
Version de la base de données: 1414
Windows 5.1.2600 Service Pack 3
21/11/2008 23:16:42
mbam-log-2008-11-21 (23-16-42).txt
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 154620
Temps écoulé: 26 minute(s), 21 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 20
Fichier(s) infecté(s): 19
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370 (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Games (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Games\images (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Games\images\active (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Games\images\default (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Lyrics_FR (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Marketing4 (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Marketing4\images (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Marketing4\images\active (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Marketing4\images\default (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Movies (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Movies\images (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Movies\images\active (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Movies\images\default (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Music_Search_FR (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Radio_FR (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\ScreensaversMarketingSitePager (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\ScreensaversMarketingSitePager\images (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\ScreensaversMarketingSitePager\images\active (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\ScreensaversMarketingSitePager\images\default (Adware.Starware) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
D:\Documents and Settings\guerville julie.tony\Local Settings\Temp\uneb.exe (Adware.Eurobarre) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Games\GamesOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Games\GamesOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Games\images\active\Games0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Lyrics_FR\Lyrics_FROptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Lyrics_FR\Lyrics_FROptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Marketing4\Marketing4Options.xml (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Marketing4\Marketing4Options.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Marketing4\images\active\Marketing40.bmp (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Movies\MoviesOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Movies\MoviesOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Movies\images\active\Movies0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Music_Search_FR\Music_Search_FROptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Music_Search_FR\Music_Search_FROptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Radio_FR\Radio_FROptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Radio_FR\Radio_FROptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\ScreensaversMarketingSitePager\images\active\ScreensaversMarketingSitePager0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
Malwarebytes' Anti-Malware 1.30
Version de la base de données: 1414
Windows 5.1.2600 Service Pack 3
21/11/2008 23:16:42
mbam-log-2008-11-21 (23-16-42).txt
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 154620
Temps écoulé: 26 minute(s), 21 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 20
Fichier(s) infecté(s): 19
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370 (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Games (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Games\images (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Games\images\active (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Games\images\default (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Lyrics_FR (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Marketing4 (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Marketing4\images (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Marketing4\images\active (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Marketing4\images\default (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Movies (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Movies\images (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Movies\images\active (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Movies\images\default (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Music_Search_FR (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Radio_FR (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\ScreensaversMarketingSitePager (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\ScreensaversMarketingSitePager\images (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\ScreensaversMarketingSitePager\images\active (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\ScreensaversMarketingSitePager\images\default (Adware.Starware) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
D:\Documents and Settings\guerville julie.tony\Local Settings\Temp\uneb.exe (Adware.Eurobarre) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Games\GamesOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Games\GamesOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Games\images\active\Games0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Lyrics_FR\Lyrics_FROptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Lyrics_FR\Lyrics_FROptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Marketing4\Marketing4Options.xml (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Marketing4\Marketing4Options.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Marketing4\images\active\Marketing40.bmp (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Movies\MoviesOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Movies\MoviesOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Movies\images\active\Movies0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Music_Search_FR\Music_Search_FROptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Music_Search_FR\Music_Search_FROptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Radio_FR\Radio_FROptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\Radio_FR\Radio_FROptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\guerville julie.tony\Application Data\Starware370\ScreensaversMarketingSitePager\images\active\ScreensaversMarketingSitePager0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
Utilisateur anonyme
22 nov. 2008 à 10:11
22 nov. 2008 à 10:11
réouvre malewarebyte
va sur quarnataine
supprime tout
refais un scan hijackthis et post le rapport stp
va sur quarnataine
supprime tout
refais un scan hijackthis et post le rapport stp
grochoco
Messages postés
209
Date d'inscription
vendredi 18 mai 2007
Statut
Membre
Dernière intervention
18 janvier 2010
50
22 nov. 2008 à 14:09
22 nov. 2008 à 14:09
voici le rapport,
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:09:06, on 22/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\apps\ABoard\ABoard.exe
C:\Program Files\Trust\MI-4500X WIRELESS OPTICAL MOUSE\Mouse32a.exe
C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\QTTask.exe
C:\apps\ABoard\AOSD.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Club-Internet\Lanceur\lanceur.exe
C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Netropa\Multimedia Keyboard\TrayMon.exe
C:\Program Files\Netropa\Onscreen Display\OSD.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd2.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\Documents and Settings\julie.110612670314\Bureau\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\fr.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ATIPTA] "C:\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Trust\MI-4500X WIRELESS OPTICAL MOUSE\Mouse32a.exe
O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Club Internet.lnk = C:\Program Files\Club-Internet\Lanceur\lanceur.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {4BFD075D-C36E-4F28-BB0A-5D472795197A} (PowerLoader Class) - http://powerchallenge.com/applet/PowerLoader.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} (Java Plug-in 1.6.0_02) -
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} (Java Plug-in 1.6.0_03) -
O20 - AppInit_DLLs:
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:09:06, on 22/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\apps\ABoard\ABoard.exe
C:\Program Files\Trust\MI-4500X WIRELESS OPTICAL MOUSE\Mouse32a.exe
C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\QTTask.exe
C:\apps\ABoard\AOSD.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Club-Internet\Lanceur\lanceur.exe
C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Netropa\Multimedia Keyboard\TrayMon.exe
C:\Program Files\Netropa\Onscreen Display\OSD.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd2.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\Documents and Settings\julie.110612670314\Bureau\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\fr.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ATIPTA] "C:\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Trust\MI-4500X WIRELESS OPTICAL MOUSE\Mouse32a.exe
O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Club Internet.lnk = C:\Program Files\Club-Internet\Lanceur\lanceur.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {4BFD075D-C36E-4F28-BB0A-5D472795197A} (PowerLoader Class) - http://powerchallenge.com/applet/PowerLoader.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} (Java Plug-in 1.6.0_02) -
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} (Java Plug-in 1.6.0_03) -
O20 - AppInit_DLLs:
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
^^Marie^^
Messages postés
113901
Date d'inscription
mardi 6 septembre 2005
Statut
Membre
Dernière intervention
28 août 2020
3 275
22 nov. 2008 à 14:12
22 nov. 2008 à 14:12
Salut
A lire
++
A lire
++
grochoco
Messages postés
209
Date d'inscription
vendredi 18 mai 2007
Statut
Membre
Dernière intervention
18 janvier 2010
50
22 nov. 2008 à 14:57
22 nov. 2008 à 14:57
salut marie
t bien gentil de me recoller mes annonces mais si j en ai posté une autre c est que la premiere n a pas fonctionné.
Je connais la politique du site ou il ne faut pas poser 50 fois la meme question.
Heureusement que t la pour me le rappeler.
Le probleme c est que je n ai pas du tout envie de me séparer d avast car il me convient tres bien et de plus antivir est en anglaisIl y a bien un patch en francais mais celui ci n est pas officiel.
Et de plus je n arrive pas a mettre a jour ie6 dont je ne me sers jamais puisque je navigue avec mozilla.
Voila pourquoi j ai mis un deuxieme post
t bien gentil de me recoller mes annonces mais si j en ai posté une autre c est que la premiere n a pas fonctionné.
Je connais la politique du site ou il ne faut pas poser 50 fois la meme question.
Heureusement que t la pour me le rappeler.
Le probleme c est que je n ai pas du tout envie de me séparer d avast car il me convient tres bien et de plus antivir est en anglaisIl y a bien un patch en francais mais celui ci n est pas officiel.
Et de plus je n arrive pas a mettre a jour ie6 dont je ne me sers jamais puisque je navigue avec mozilla.
Voila pourquoi j ai mis un deuxieme post
Utilisateur anonyme
>
grochoco
Messages postés
209
Date d'inscription
vendredi 18 mai 2007
Statut
Membre
Dernière intervention
18 janvier 2010
22 nov. 2008 à 15:00
22 nov. 2008 à 15:00
on a jamias obligé personne
breff reste sur l autre topic
je sors
@++
breff reste sur l autre topic
je sors
@++
grochoco
Messages postés
209
Date d'inscription
vendredi 18 mai 2007
Statut
Membre
Dernière intervention
18 janvier 2010
50
>
Utilisateur anonyme
22 nov. 2008 à 15:11
22 nov. 2008 à 15:11
t a pas bien compris je crois.
Je ne dis que l on m a obligé a quoi que ce soit.J ai juste expliqué la raison pour laquelle j avais exposer deux fois le meme probleme.
Maintenant si tu fais la tete parce que je dis ce que je pense a marie,pas de souci.
Merci pour ton aide.
Je ne dis que l on m a obligé a quoi que ce soit.J ai juste expliqué la raison pour laquelle j avais exposer deux fois le meme probleme.
Maintenant si tu fais la tete parce que je dis ce que je pense a marie,pas de souci.
Merci pour ton aide.
^^Marie^^
Messages postés
113901
Date d'inscription
mardi 6 septembre 2005
Statut
Membre
Dernière intervention
28 août 2020
3 275
>
grochoco
Messages postés
209
Date d'inscription
vendredi 18 mai 2007
Statut
Membre
Dernière intervention
18 janvier 2010
22 nov. 2008 à 15:15
22 nov. 2008 à 15:15
Re bonjour
t bien gentil de me recoller mes annonces mais si j en ai posté une autre c est que la premiere n a pas fonctionné.
C'est surtout pour éviter certains conflits et de faire un travail en double, donc J'AI donne lecture a Chiqui ))
Tu aurais pu poursuivre sur l'autre poste en soulignant que tu as toujours des soucis
++
t bien gentil de me recoller mes annonces mais si j en ai posté une autre c est que la premiere n a pas fonctionné.
C'est surtout pour éviter certains conflits et de faire un travail en double, donc J'AI donne lecture a Chiqui ))
Tu aurais pu poursuivre sur l'autre poste en soulignant que tu as toujours des soucis
++
Utilisateur anonyme
22 nov. 2008 à 14:14
22 nov. 2008 à 14:14
regarde ceci concernant avast :
antivir vs avast :
-> http://forum.malekal.com/ftopic3528.php
alors je te conseille de le desinstaller et d´installer antivir a la place
Telecharge et instales l'antivirus Antivir Personal Edition Classic :
->Antivir le telecharger
tuto : https://www.malekal.com/avira-free-security-antivirus-gratuit/
tuto : http://www.swl1f.net/viewtopic.php?f=14&t=59
Pour désinstaller Avast telecharge cet outil
Désinstal java car pas a jours et telecharge et instal cette version :
https://www.java.com/fr/download/manual.jsp
met internet explorer a jours : IE 7 : ftp://ftp.telecharger.com/01net/IE7Setup.exe
ensuite refais un scan hijackthis et post le rapport stp
antivir vs avast :
-> http://forum.malekal.com/ftopic3528.php
alors je te conseille de le desinstaller et d´installer antivir a la place
Telecharge et instales l'antivirus Antivir Personal Edition Classic :
->Antivir le telecharger
tuto : https://www.malekal.com/avira-free-security-antivirus-gratuit/
tuto : http://www.swl1f.net/viewtopic.php?f=14&t=59
Pour désinstaller Avast telecharge cet outil
Désinstal java car pas a jours et telecharge et instal cette version :
https://www.java.com/fr/download/manual.jsp
met internet explorer a jours : IE 7 : ftp://ftp.telecharger.com/01net/IE7Setup.exe
ensuite refais un scan hijackthis et post le rapport stp