thuraminho
-
Compteur de contenus
3 -
Inscription
-
Dernière visite
Type de contenu
Profils
Forums
Blogs
Tout ce qui a été posté par thuraminho
-
Interprétation rapport hijack this
thuraminho a répondu à un(e) sujet de thuraminho dans Analyses et éradication malwares
Bonjour, je me suis mal exprimé, j'ai remplacé ie6 par ie8. Alors donc : Alors le 1er rapport ToolBar S&D : (merci énormément d'avance) -----------\\ ToolBar S&D 1.2.8 XP/Vista Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3 X86-based PC ( Uniprocessor Free : Intel® Celeron® M CPU 430 @ 1.73GHz ) BIOS : Ver 1.00PARTTBL USER : Adrien ( Administrator ) BOOT : Normal boot Antivirus : AntiVir Desktop 9.0.1.26 (Activated) Firewall : ZoneAlarm Firewall 7.0.483.000 (Not Activated) C:\ (Local Disk) - NTFS - Total:74 Go (Free:37 Go) D:\ (CD or DVD) "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 ) Option : [1] ( 03/06/2009|11:36 ) -----------\\ Recherche de Fichiers / Dossiers ... [service] ASKService [service] ASKUpgrade C:\Program Files\AskBarDis C:\Program Files\AskBarDis\bar C:\Program Files\AskBarDis\unins000.dat C:\Program Files\AskBarDis\unins000.exe C:\Program Files\AskBarDis\bar\bin C:\Program Files\AskBarDis\bar\Cache C:\Program Files\AskBarDis\bar\History C:\Program Files\AskBarDis\bar\Settings C:\Program Files\AskBarDis\bar\bin\askBar.dll C:\Program Files\AskBarDis\bar\bin\askPopStp.dll C:\Program Files\AskBarDis\bar\bin\AskService.exe C:\Program Files\AskBarDis\bar\bin\AskSplash.exe C:\Program Files\AskBarDis\bar\bin\AskTBApp.exe C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe C:\Program Files\AskBarDis\bar\bin\psvince.dll C:\Program Files\AskBarDis\bar\Cache\016E5000 C:\Program Files\AskBarDis\bar\Cache\016E536B.bin C:\Program Files\AskBarDis\bar\Cache\016E5649.bin C:\Program Files\AskBarDis\bar\Cache\016E57DF.bin C:\Program Files\AskBarDis\bar\Cache\016E5A12.bin C:\Program Files\AskBarDis\bar\Cache\016E5BB8.bin C:\Program Files\AskBarDis\bar\Cache\016E5D6D.bin C:\Program Files\AskBarDis\bar\Cache\016E5EF4.bin C:\Program Files\AskBarDis\bar\Cache\files.ini C:\Program Files\AskBarDis\bar\History\search C:\Program Files\AskBarDis\bar\Settings\AskLogo.ico C:\Program Files\AskBarDis\bar\Settings\config.dat C:\Program Files\AskBarDis\bar\Settings\config.dat.bak C:\Program Files\AskBarDis\bar\Settings\prevcfg.htm C:\Program Files\AskBarDis\bar\Settings\prevCfg2.htm -----------\\ Extensions (Adrien) - {0b457cAA-602d-484a-8fe7-c1d894a011ba} => fireshot (Adrien) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar (Adrien) - {8f8fe09b-0bd3-4470-bc1b-8cad42b8203a} => livehttpheaders (Adrien) - {9c51bd27-6ed8-4000-a2bf-36cb95c0c947} => tamperdata (Adrien) - {c45c406e-ab73-11d8-be73-000a95be3b12} => webdeveloper (Adrien) - {d9284e50-81fc-11da-a72b-0800200c9a66} => yoono (Adrien) - {d9284e50-81fc-11da-a72b-0800200c9a66} => sidebar (Adrien) - {E9A1DEE0-C623-4439-8932-001E7D17607D} => ajtoolbar (Adrien) - {EF522540-89F5-46b9-B6FE-1829E2B572C6} => googlepreview (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-ca (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-cs (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-da (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-de (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-en-US (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-es-AR (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-es-ES (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-eu (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-fr (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-ga-IE (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-hu (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-is (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-it (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-ja-JP-mac (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-ja (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-ka (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-ko (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-lt (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-nb-NO (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-nl (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-nn-NO (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-pl (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-pt-BR (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-pt-PT (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-ro (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-ru (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-sk (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-sl (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-sv-SE (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-uk (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-zh-CN (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-zh-TW (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-ca (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-cs (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-da (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-de (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-en-US (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-es-AR (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-es-ES (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-eu (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-fr (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-ga-IE (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-hu (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-is (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-it (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-ja-JP-mac (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-ja (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-ka (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-ko (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-lt (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-nb-NO (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-nl (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-nn-NO (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-pl (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-pt-BR (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-pt-PT (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-ro (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-ru (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-sk (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-sl (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-sv-SE (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-uk (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-zh-CN (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-zh-TW (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Local Page"="C:\\WINDOWS\\system32\\blank.htm" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"'>http://go.microsoft.com/fwlink/?LinkId=69157"'>http://go.microsoft.com/fwlink/?LinkId=69157"'>http://go.microsoft.com/fwlink/?LinkId=69157"'>http://go.microsoft.com/fwlink/?LinkId=69157"'>http://go.microsoft.com/fwlink/?LinkId=69157" "Search Page"="http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR"'>http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "First Home Page"="http://www.windows.fr/ie8/bienvenue"'>http://www.windows.fr/ie8/bienvenue" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"'>http://go.microsoft.com/fwlink/?LinkId=54896"'>http://go.microsoft.com/fwlink/?LinkId=54896"'>http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Local Page"="C:\\WINDOWS\\system32\\blank.htm" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" --------------------\\ Recherche d'autres infections --------------------\\ Cracks & Keygens .. C:\DOCUME~1\Adrien\Bureau\S‚curit‚ + Probleme connexion + m\photoshop7\Crack.exe 1 - "C:\ToolBar SD\TB_1.txt" - 03/06/2009|11:42 - Option : [1] -----------\\ Fin du rapport a 11:42:45,43 le 2e rapport toolbar sd : -----------\\ ToolBar S&D 1.2.8 XP/Vista Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3 X86-based PC ( Uniprocessor Free : Intel® Celeron® M CPU 430 @ 1.73GHz ) BIOS : Ver 1.00PARTTBL USER : Adrien ( Administrator ) BOOT : Normal boot Antivirus : AntiVir Desktop 9.0.1.26 (Activated) Firewall : ZoneAlarm Firewall 7.0.483.000 (Not Activated) C:\ (Local Disk) - NTFS - Total:74 Go (Free:37 Go) D:\ (CD or DVD) "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 ) Option : [2] ( 03/06/2009|18:14 ) -----------\\ SUPPRESSION Supprime! - [service] ASKService Supprime! - [service] ASKUpgrade Supprime! - C:\Program Files\AskBarDis\bar Supprime! - C:\Program Files\AskBarDis\unins000.dat Supprime! - C:\Program Files\AskBarDis\unins000.exe Supprime! - C:\Program Files\AskBarDis -----------\\ Recherche de Fichiers / Dossiers ... -----------\\ Extensions (Adrien) - {0b457cAA-602d-484a-8fe7-c1d894a011ba} => fireshot (Adrien) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar (Adrien) - {8f8fe09b-0bd3-4470-bc1b-8cad42b8203a} => livehttpheaders (Adrien) - {9c51bd27-6ed8-4000-a2bf-36cb95c0c947} => tamperdata (Adrien) - {c45c406e-ab73-11d8-be73-000a95be3b12} => webdeveloper (Adrien) - {d9284e50-81fc-11da-a72b-0800200c9a66} => yoono (Adrien) - {d9284e50-81fc-11da-a72b-0800200c9a66} => sidebar (Adrien) - {E9A1DEE0-C623-4439-8932-001E7D17607D} => ajtoolbar (Adrien) - {EF522540-89F5-46b9-B6FE-1829E2B572C6} => googlepreview (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-ca (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-cs (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-da (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-de (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-en-US (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-es-AR (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-es-ES (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-eu (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-fr (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-ga-IE (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-hu (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-is (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-it (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-ja-JP-mac (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-ja (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-ka (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-ko (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-lt (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-nb-NO (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-nl (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-nn-NO (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-pl (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-pt-BR (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-pt-PT (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-ro (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-ru (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-sk (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-sl (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-sv-SE (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-uk (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-zh-CN (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-zh-TW (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-ca (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-cs (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-da (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-de (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-en-US (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-es-AR (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-es-ES (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-eu (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-fr (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-ga-IE (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-hu (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-is (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-it (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-ja-JP-mac (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-ja (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-ka (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-ko (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-lt (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-nb-NO (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-nl (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-nn-NO (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-pl (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-pt-BR (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-pt-PT (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-ro (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-ru (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-sk (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-sl (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-sv-SE (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-uk (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-zh-CN (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-zh-TW (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Local Page"="C:\\WINDOWS\\system32\\blank.htm" "Start Page"="http://fr.msn.com/" "Search Page"="http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "First Home Page"="http://www.windows.fr/ie8/bienvenue" "Search Bar"="http://search.msn.fr/spbasic.htm" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Local Page"="C:\\WINDOWS\\system32\\blank.htm" "Start Page"="http://www.msn.com/" --------------------\\ Recherche d'autres infections --------------------\\ Cracks & Keygens .. C:\DOCUME~1\Adrien\Bureau\S‚curit‚ + Probleme connexion + m\photoshop7\Crack.exe 1 - "C:\ToolBar SD\TB_1.txt" - 03/06/2009|11:42 - Option : [1] 2 - "C:\ToolBar SD\TB_2.txt" - 03/06/2009|18:21 - Option : [2] -----------\\ Fin du rapport a 18:21:00,31 Et le rapport hijack this : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:23:37, on 03/06/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\acs.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\TODDSrv.exe C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe C:\WINDOWS\ehome\ehtray.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe C:\WINDOWS\system32\ZoomingHook.exe C:\WINDOWS\system32\TPSMain.exe C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe C:\Program Files\TOSHIBA\Tvs\TvsTray.exe C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\ddwmon.exe C:\WINDOWS\system32\TPSBattM.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\Apoint2K\Apntex.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe C:\WINDOWS\eHome\ehSched.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\eHome\ehmsas.exe C:\Documents and Settings\Adrien\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe C:\Program Files\FileZilla FTP Client\filezilla.exe C:\Documents and Settings\Adrien\Bureau\Sécurité + Probleme connexion + m\HJT.exe.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.fr/spbasic.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.windows.fr/ie8/bienvenue R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - Default URLSearchHook is missing O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP O4 - HKLM\..\Run: [sVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe O4 - HKLM\..\Run: [TPSMain] TPSMain.exe O4 - HKLM\..\Run: [smoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe O4 - HKLM\..\Run: [DDWMon] C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\\ddwmon.exe O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\Adrien\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O23 - Service: Service de configuration Atheros (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\WINDOWS\system32\TODDSrv.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe -- End of file - 7800 bytes Merci ! -
Interprétation rapport hijack this
thuraminho a répondu à un(e) sujet de thuraminho dans Analyses et éradication malwares
Bonsoir, merci pour ton aide, j'ai viré ie 6 et remplacé Avast par Antivir. On reparlera avec plaisir de comment me protéger mieux après, j'en ai bien besoin. Malwarebytes ne m'a rien détecté. Alors le 1er rapport ToolBar S&D : -----------\\ ToolBar S&D 1.2.8 XP/Vista Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3 X86-based PC ( Uniprocessor Free : Intel® Celeron® M CPU 430 @ 1.73GHz ) BIOS : Ver 1.00PARTTBL USER : Adrien ( Administrator ) BOOT : Normal boot Antivirus : AntiVir Desktop 9.0.1.26 (Activated) Firewall : ZoneAlarm Firewall 7.0.483.000 (Not Activated) C:\ (Local Disk) - NTFS - Total:74 Go (Free:37 Go) D:\ (CD or DVD) "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 ) Option : [1] ( 03/06/2009|11:36 ) -----------\\ Recherche de Fichiers / Dossiers ... [service] ASKService [service] ASKUpgrade C:\Program Files\AskBarDis C:\Program Files\AskBarDis\bar C:\Program Files\AskBarDis\unins000.dat C:\Program Files\AskBarDis\unins000.exe C:\Program Files\AskBarDis\bar\bin C:\Program Files\AskBarDis\bar\Cache C:\Program Files\AskBarDis\bar\History C:\Program Files\AskBarDis\bar\Settings C:\Program Files\AskBarDis\bar\bin\askBar.dll C:\Program Files\AskBarDis\bar\bin\askPopStp.dll C:\Program Files\AskBarDis\bar\bin\AskService.exe C:\Program Files\AskBarDis\bar\bin\AskSplash.exe C:\Program Files\AskBarDis\bar\bin\AskTBApp.exe C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe C:\Program Files\AskBarDis\bar\bin\psvince.dll C:\Program Files\AskBarDis\bar\Cache\016E5000 C:\Program Files\AskBarDis\bar\Cache\016E536B.bin C:\Program Files\AskBarDis\bar\Cache\016E5649.bin C:\Program Files\AskBarDis\bar\Cache\016E57DF.bin C:\Program Files\AskBarDis\bar\Cache\016E5A12.bin C:\Program Files\AskBarDis\bar\Cache\016E5BB8.bin C:\Program Files\AskBarDis\bar\Cache\016E5D6D.bin C:\Program Files\AskBarDis\bar\Cache\016E5EF4.bin C:\Program Files\AskBarDis\bar\Cache\files.ini C:\Program Files\AskBarDis\bar\History\search C:\Program Files\AskBarDis\bar\Settings\AskLogo.ico C:\Program Files\AskBarDis\bar\Settings\config.dat C:\Program Files\AskBarDis\bar\Settings\config.dat.bak C:\Program Files\AskBarDis\bar\Settings\prevcfg.htm C:\Program Files\AskBarDis\bar\Settings\prevCfg2.htm -----------\\ Extensions (Adrien) - {0b457cAA-602d-484a-8fe7-c1d894a011ba} => fireshot (Adrien) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar (Adrien) - {8f8fe09b-0bd3-4470-bc1b-8cad42b8203a} => livehttpheaders (Adrien) - {9c51bd27-6ed8-4000-a2bf-36cb95c0c947} => tamperdata (Adrien) - {c45c406e-ab73-11d8-be73-000a95be3b12} => webdeveloper (Adrien) - {d9284e50-81fc-11da-a72b-0800200c9a66} => yoono (Adrien) - {d9284e50-81fc-11da-a72b-0800200c9a66} => sidebar (Adrien) - {E9A1DEE0-C623-4439-8932-001E7D17607D} => ajtoolbar (Adrien) - {EF522540-89F5-46b9-B6FE-1829E2B572C6} => googlepreview (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-ca (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-cs (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-da (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-de (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-en-US (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-es-AR (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-es-ES (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-eu (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-fr (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-ga-IE (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-hu (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-is (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-it (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-ja-JP-mac (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-ja (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-ka (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-ko (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-lt (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-nb-NO (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-nl (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-nn-NO (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-pl (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-pt-BR (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-pt-PT (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-ro (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-ru (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-sk (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-sl (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-sv-SE (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-uk (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-zh-CN (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-zh-TW (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-ca (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-cs (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-da (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-de (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-en-US (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-es-AR (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-es-ES (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-eu (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-fr (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-ga-IE (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-hu (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-is (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-it (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-ja-JP-mac (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-ja (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-ka (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-ko (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-lt (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-nb-NO (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-nl (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-nn-NO (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-pl (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-pt-BR (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-pt-PT (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-ro (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-ru (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-sk (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-sl (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-sv-SE (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-uk (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-zh-CN (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-zh-TW (Adrien) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Local Page"="C:\\WINDOWS\\system32\\blank.htm" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"'>http://go.microsoft.com/fwlink/?LinkId=69157"'>http://go.microsoft.com/fwlink/?LinkId=69157"'>http://go.microsoft.com/fwlink/?LinkId=69157" "Search Page"="http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "First Home Page"="http://www.windows.fr/ie8/bienvenue" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"'>http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Local Page"="C:\\WINDOWS\\system32\\blank.htm" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" --------------------\\ Recherche d'autres infections --------------------\\ Cracks & Keygens .. C:\DOCUME~1\Adrien\Bureau\S‚curit‚ + Probleme connexion + m\photoshop7\Crack.exe 1 - "C:\ToolBar SD\TB_1.txt" - 03/06/2009|11:42 - Option : [1] -----------\\ Fin du rapport a 11:42:45,43 -
Interprétation rapport hijack this
thuraminho a posté un sujet dans Analyses et éradication malwares
Bonjour, plusieurs de mes sites web ont été trafiqués à travers la récupération de mes ftp sur filezilla, on m'a suggéré qu'un malware les pompe sur ma machine. Une bonne âme pourrait elle m'aider à interpréter ce rapport HIJACKTHIS (merci énormément d'avance) : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:48:22, on 02/06/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\acs.exe C:\Program Files\AskBarDis\bar\bin\AskService.exe C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\TODDSrv.exe C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\ehome\ehtray.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\TOSHIBA\TouchPad\TPTray.exe C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe C:\WINDOWS\system32\ZoomingHook.exe C:\WINDOWS\system32\TPSMain.exe C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe C:\Program Files\TOSHIBA\Tvs\TvsTray.exe C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\ddwmon.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\TPSBattM.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Apoint2K\Apntex.exe C:\Program Files\OpenOffice.org 3\program\soffice.exe C:\Program Files\OpenOffice.org 3\program\soffice.bin C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\WINDOWS\system32\msiexec.exe C:\Documents and Settings\Adrien\Bureau\Sécurité + Probleme connexion + m\HJT.exe.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.fr/ R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP O4 - HKLM\..\Run: [sVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe O4 - HKLM\..\Run: [TPSMain] TPSMain.exe O4 - HKLM\..\Run: [smoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe O4 - HKLM\..\Run: [DDWMon] C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\\ddwmon.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O23 - Service: Service de configuration Atheros (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\WINDOWS\system32\TODDSrv.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe -- End of file - 7666 bytes