serwab qu'est ce que c'est??? (protocol, nettoyage, scan, demo)

felicity33

30 Août 2006 22:17:01

salut tout le monde

j'utilise en ce momment le pc de mon petit frère et j'ai remarqué qu'il était bouré de virus!!!

après un scan avec avast j'ai eu ce message: "fichier C:\documents et settings\all users\application data\platformroamse condmanaer\base dumb.exe [Trj]"

et à l'instant j'ai eu un messae d'alerte: télécharger la solution sécurité pour serwab ?!! :??:

Je suis pas très douée en informatique alors je vous demande quoi faire??

MErci d'avance pour votre aide

Autres pages sur : serwab

| Etre averti des réponses
| Alerter

Répondre à felicity33

felicity33

30 Août 2006 22:20:00

Ah joubliais, si je telechare le winantiviruspro6 contre serwab puis je garder avast comme anti virus??

| Alerter

Répondre à felicity33

chercheur_

30 Août 2006 22:36:10

Bonjour

Ne télécharge pas winantiviruspro6 , c'est un faux utilitaire. C'est lui qui t'infecte pour t'inciter à l'acheter

1 Télécharge
CCleaner.
http://www.filehippo.com/download_ccleaner.html
Installe le dans un répertoire dédié.

Ewido
Lance Ewido et clique sur le bouton Update (barre d'outils - au haut).
Sous Manual Update clique Start update. Patiente jusqu'à l'affichage "Update successful".

2 Redémarre en mode sans echec. Attention, tu n'as pas accès à internet dans ce mode, note bien ce que tu as à faire.
Démarre l'ordinateur.
Une fois le chargement du BIOS terminé, il y a un écran noir. Appuye sur la touche F8 jusqu'à l'affichage du menu des options avancées de Windows.
En utilisant les touches du curseur, sélectionne Mode sans échec et appuye sur Entrée.

3 Lance le nettoyage avec CCleaner.

4 Lance Ewido.
Clique sur le bouton Scanner (de la barre d'outils)
Puis sur l'onglets Settings, pour How to Act. Clique sur Recommanded Actions. Sélectionne Quarantine.
Reviens a l'onglet Scan. Clique Complete system Scan
A la fin du scan, choisis l'option " Apply All Actions " en bas.
Clique sur "Save Report", puis "Save Report As". Ceci génère un rapport en fichier texte. Assure-toi de le sauvegarder dans un endroit facile à retrouver.

5 Redémarre normalement et poste le rapport d'Ewido avec un log HijackThis v1.99.1
http://pchelpbordeaux.free.fr/logiciels.html
Tutorial
http://pchelpbordeaux.free.fr/tuto.html
Démo en image
http://pageperso.aol.fr/balltrap34/demohijack.htm

| Alerter

Répondre à chercheur_

felicity33

31 Août 2006 07:03:11

salut
voici le rapport hijack avant de commencer

Logfile of HijackThis v1.99.1
Scan saved at 09:00:58, on 31/08/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\CTSvcCDA.EXE
C:\WINDOWS\ehome\ehSched.exe
C:\WINDOWS\System32\gearsec.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\HPMEDI~1\Pavilion\XPEWWBS4\plugin\bin\pchbutton.exe
C:\WINDOWS\system32\OSK.exe
C:\WINDOWS\system32\MSSWCHX.EXE
C:\Documents and Settings\hakha\Local Settings\Temporary Internet Files\Content.IE5\SDA7CXIR\ewido-setup_4.0.0.172b[1].exe
C:\Documents and Settings\hakha\Local Settings\Temporary Internet Files\Content.IE5\CFHVA2VT\ccsetup131[1].exe
C:\Documents and Settings\hakha\Local Settings\Temporary Internet Files\Content.IE5\1Z7Z1X0E\HijackThis[1].exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: BHObj Class - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - C:\WINDOWS\nem220.dll (file missing)
O2 - BHO: (no name) - {02080E8A-7584-9338-28CE-FC8260D450F6} - C:\DOCUME~1\sophian\APPLIC~1\ITCHBI~1\Bags Bat.exe (file missing)
O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL (file missing)
O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-90F0-F66AB581A933} - (no file)
O2 - BHO: SponsorAdulto Class - {511F9316-771B-4953-A268-1C36DA667FE9} - C:\WINDOWS\Downloaded Program Files\sponsoradulto.dll (file missing)
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: RXResultTracker Class - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - C:\Program Files\RXToolBar\sfcont.dll (file missing)
O2 - BHO: BHObj Class - {8F4E5661-F99E-4B3E-8D85-0EA71C0748E4} - C:\WINDOWS\wsem303.dll (file missing)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll (file missing)
O2 - BHO: Class - {DA39029C-D291-A968-3FF4-D0990D5CB5FC} - C:\Program Files\LinkOptimizer\LinkOptimizer.dll (file missing)
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: YourSiteBar - {86227D9C-0EFE-4f8a-AA55-30386A3F5686} - C:\Program Files\YourSiteBar\ysb.dll (file missing)
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll (file missing)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll (file missing)
O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB001" /M "Stylus Photo RX420"
O4 - HKLM\..\Run: [NI.UWFX5V_0001_N57M1212] "C:\Documents and Settings\sophian\Local Settings\Temporary Internet Files\Content.IE5\TRR362KC\WinFixer2005ScannerInstallFRA[1].exe" -nag
O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [Á²# L"h'þ9Óœð3rÅWC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\hanhumpv.exe
O4 - HKLM\..\Run: [Á²# K"h'þ9Óœ÷3rÅWC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\hanhumpv.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [vhcp16.exe] C:\WINDOWS\Temp\vhcp16.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] ~"C:\PROGRA~1\MSNMES~1\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPMEDI~1\Pavilion\XPEWWBS4\plugin\bin\pchbutton.exe
O4 - HKCU\..\Run: [Error Safe] "C:\Program Files\Error Safe Free\ers.exe" /min
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\Program Files\SideFind\sidefind.dll (file missing)
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {00000000-0000-0000-0000-000020040000} - http://207.234.185.217/ABoxInst_int12.exe
O16 - DPF: {511F9316-771B-4953-A268-1C36DA667FE9} (SponsorAdulto Class) - http://ip.sponsoradulto.com/cab/3/fr/SysWebTelecomInt.c...
O16 - DPF: {8C875948-9C60-4381-9248-0DF180542D53} - http://installs.hotbar.com/installs/hbtools/programs/hb...
O16 - DPF: {91433D86-9F27-402C-B5E3-DEBDD122C339} - http://www.playqames.com/default.cab?uid=9&id=60953&1s&...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://messenger.zone.msn.com/binary/ZIntro.cab32846.ca...
O16 - DPF: {FC67BB52-AAB6-4282-9D51-2DAFFE73AFD0} - http://download.spyspotter.com/spyspotter/spsp29953.01n...
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\Program Files\RXToolBar\sfcont.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTSvcCDA.EXE
O23 - Service: Service de sécurité matérielle (GEARSecurity) - GEAR Software - C:\WINDOWS\System32\gearsec.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe

| Alerter

Répondre à felicity33

bob_

31 Août 2006 08:17:35

Bonjour,

Fait le scan avec Ewido comme chercheurpca te l'as demandé ensuite poste le rapport Ewido et reposte un nouveau rapport HijackThis car il risque d'être modifié. Pour info il te faut suivre à la lettre (ne pas sauter d'etapes) les procédures que nous allons te demander de faire.

| Alerter

Répondre à bob_

felicity33

31 Août 2006 09:36:32

voici le nouveau rapport hijack

Logfile of HijackThis v1.99.1
Scan saved at 11:33:02, on 31/08/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\HPMEDI~1\Pavilion\XPEWWBS4\plugin\bin\pchbutton.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\CTSvcCDA.EXE
C:\WINDOWS\ehome\ehSched.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\System32\gearsec.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\hakha\Local Settings\Temporary Internet Files\Content.IE5\8RATI7E3\HijackThis[1].exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - (no file)
O2 - BHO: (no name) - {02080E8A-7584-9338-28CE-FC8260D450F6} - (no file)
O2 - BHO: (no name) - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - (no file)
O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-90F0-F66AB581A933} - (no file)
O2 - BHO: (no name) - {511F9316-771B-4953-A268-1C36DA667FE9} - (no file)
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - (no file)
O2 - BHO: (no name) - {8F4E5661-F99E-4B3E-8D85-0EA71C0748E4} - (no file)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file)
O2 - BHO: Class - {DA39029C-D291-A968-3FF4-D0990D5CB5FC} - (no file)
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: (no name) - {86227D9C-0EFE-4f8a-AA55-30386A3F5686} - (no file)
O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O3 - Toolbar: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB001" /M "Stylus Photo RX420"
O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [Á²# K"h'þ9Óœ÷3rÅWC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\hanhumpv.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] ~"C:\PROGRA~1\MSNMES~1\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPMEDI~1\Pavilion\XPEWWBS4\plugin\bin\pchbutton.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {00000000-0000-0000-0000-000020040000} - http://207.234.185.217/ABoxInst_int12.exe
O16 - DPF: {511F9316-771B-4953-A268-1C36DA667FE9} - http://ip.sponsoradulto.com/cab/3/fr/SysWebTelecomInt.c...
O16 - DPF: {8C875948-9C60-4381-9248-0DF180542D53} - http://installs.hotbar.com/installs/hbtools/programs/hb...
O16 - DPF: {91433D86-9F27-402C-B5E3-DEBDD122C339} - http://www.playqames.com/default.cab?uid=9&id=60953&1s&...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://messenger.zone.msn.com/binary/ZIntro.cab32846.ca...
O16 - DPF: {FC67BB52-AAB6-4282-9D51-2DAFFE73AFD0} - http://download.spyspotter.com/spyspotter/spsp29953.01n...
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTSvcCDA.EXE
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Service de sécurité matérielle (GEARSecurity) - GEAR Software - C:\WINDOWS\System32\gearsec.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe

et celui d'ewido

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 11:27:29 31/08/2006

+ Scan result:

HKLM\SOFTWARE\Altnet -> Adware.Altnet : Error during cleaning.
HKLM\SOFTWARE\Altnet\Dashboard -> Adware.Altnet : Error during cleaning.
HKLM\SOFTWARE\Altnet\Dashboard\Settings -> Adware.Altnet : Error during cleaning.
HKLM\SOFTWARE\Altnet\Dashboard\Setup -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Altnet\Dashboard\Temp Internet Shares -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Altnet\LocalFiles -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Altnet\TopSearch -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ADM25.ADM25 -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ADM25.ADM25.1 -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ADM25.ADM25\CurVer -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ADM4.ADM4 -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ADM4.ADM4.1 -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ADM4.ADM4\CurVer -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\AppID\Altnet Signing Module.EXE -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\AppID\adm.EXE -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\TopSearch.TSLink -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\TopSearch.TSLink.1 -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\TopSearch.TSLink\CLSID -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\TopSearch.TSLink\CurVer -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Cydoor -> Adware.Cydoor : Cleaned with backup (quarantined).
C:\Documents and Settings\Invité\Application Data\ShopperReports -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\Invité\Application Data\ShopperReports\cs -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\Invité\Application Data\ShopperReports\cs\Config.xml -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\Invité\Application Data\ShopperReports\cs\db -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\Invité\Application Data\ShopperReports\cs\db\Aliases.dbs -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\Invité\Application Data\ShopperReports\cs\db\Sites.dbs -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\Invité\Application Data\ShopperReports\cs\dwld -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\Invité\Application Data\ShopperReports\cs\dwld\WhiteList.xip -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\Invité\Application Data\ShopperReports\cs\persist.dbs -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\Invité\Application Data\ShopperReports\cs\report -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\Invité\Application Data\ShopperReports\cs\report\ag_ShopperReports.xml -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\Invité\Application Data\ShopperReports\cs\report\ag_ShopperReports.xml.db -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\Invité\Application Data\ShopperReports\cs\report\send_ShopperReports.xml -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\Invité\Application Data\ShopperReports\cs\report\send_ShopperReports.xml.db -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\Invité\Application Data\ShopperReports\cs\res2 -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\Invité\Application Data\ShopperReports\cs\res2\WhiteList.dbs -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\Invité\Application Data\ShopperReports\shprrprt.log -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\Invité\Application Data\ShopperReports\shprrprt_1135365257.log -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\Mohamed\Application Data\ShopperReports -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\Mohamed\Application Data\ShopperReports\cs -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\Mohamed\Application Data\ShopperReports\cs\Config.xml -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\Mohamed\Application Data\ShopperReports\cs\db -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\Mohamed\Application Data\ShopperReports\cs\db\Aliases.dbs -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\Mohamed\Application Data\ShopperReports\cs\db\Sites.dbs -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\Mohamed\Application Data\ShopperReports\cs\dwld -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\Mohamed\Application Data\ShopperReports\cs\dwld\WhiteList.xip -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\Mohamed\Application Data\ShopperReports\cs\persist.dbs -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\Mohamed\Application Data\ShopperReports\cs\report -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\Mohamed\Application Data\ShopperReports\cs\report\ag_ShopperReports.xml -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\Mohamed\Application Data\ShopperReports\cs\report\ag_ShopperReports.xml.db -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\Mohamed\Application Data\ShopperReports\cs\report\send_ShopperReports.xml -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\Mohamed\Application Data\ShopperReports\cs\report\send_ShopperReports.xml.db -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\Mohamed\Application Data\ShopperReports\cs\res1 -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\Mohamed\Application Data\ShopperReports\cs\res1\WhiteList.dbs -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\Mohamed\Application Data\ShopperReports\shprrprt.log -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\Mohamed\Application Data\ShopperReports\shprrprt_1137934920.log -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\fatima\Application Data\ShopperReports -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\fatima\Application Data\ShopperReports\cs -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\fatima\Application Data\ShopperReports\cs\Config.xml -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\fatima\Application Data\ShopperReports\cs\db -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\fatima\Application Data\ShopperReports\cs\db\Aliases.dbs -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\fatima\Application Data\ShopperReports\cs\db\Sites.dbs -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\fatima\Application Data\ShopperReports\cs\dwld -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\fatima\Application Data\ShopperReports\cs\dwld\WhiteList.xip -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\fatima\Application Data\ShopperReports\cs\persist.dbs -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\fatima\Application Data\ShopperReports\cs\report -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\fatima\Application Data\ShopperReports\cs\report\ag_ShopperReports.xml -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\fatima\Application Data\ShopperReports\cs\report\ag_ShopperReports.xml.db -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\fatima\Application Data\ShopperReports\cs\report\send_ShopperReports.xml -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\fatima\Application Data\ShopperReports\cs\report\send_ShopperReports.xml.db -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\fatima\Application Data\ShopperReports\cs\res2 -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\fatima\Application Data\ShopperReports\cs\res2\WhiteList.dbs -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\fatima\Application Data\ShopperReports\shprrprt.log -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\hakha\Application Data\ShopperReports -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\hakha\Application Data\ShopperReports\cs -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\hakha\Application Data\ShopperReports\cs\Config.xml -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\hakha\Application Data\ShopperReports\cs\db -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\hakha\Application Data\ShopperReports\cs\db\Aliases.dbs -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\hakha\Application Data\ShopperReports\cs\db\Sites.dbs -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\hakha\Application Data\ShopperReports\cs\dwld -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\hakha\Application Data\ShopperReports\cs\dwld\WhiteList.xip -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\hakha\Application Data\ShopperReports\cs\persist.dbs -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\hakha\Application Data\ShopperReports\cs\report -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\hakha\Application Data\ShopperReports\cs\report\ag_ShopperReports.xml -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\hakha\Application Data\ShopperReports\cs\report\ag_ShopperReports.xml.db -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\hakha\Application Data\ShopperReports\cs\report\send_ShopperReports.xml -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\hakha\Application Data\ShopperReports\cs\report\send_ShopperReports.xml.db -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\hakha\Application Data\ShopperReports\cs\res1 -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\hakha\Application Data\ShopperReports\cs\res1\WhiteList.dbs -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\hakha\Application Data\ShopperReports\shprrprt.log -> Adware.HotBar : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\HbInstIE.dll -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\Common -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\Common\Time -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\Common\Updates -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HbTools -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HbTools\EUI -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HbTools\HtmlPPP -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HbTools\ImagesHistory -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HbTools\Install -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HbTools\PI -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HbTools\PI\3.2 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HbTools\Sample -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HbTools\Sample\Hist -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HbTools\Sample\Hist\sg800 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HbTools\Sample\Hist\sg801 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HbTools\Sample\Hist\sg802 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HbTools\Sample\Hist\sg803 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HbTools\Sample\Hist\sg807 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HbTools\Sample\Hist\sg808 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HbTools\Sample\Hist\sg810 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HbTools\Sample\Hist\sg811 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HbTools\Sample\Hist\sg812 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HbTools\Sample\Hist\sg818 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HbTools\Sample\Hist\sg819 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HbTools\Sample\Hist\sg824 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HbTools\Sample\Hist\sg825 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HbTools\Sample\Hist\sg826 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HbTools\Sample\Hist\sg827 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HbTools\Sample\Hist\sg828 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HbTools\Sample\Hist\sg829 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HbTools\Sample\Hist\sg830 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HbTools\Sample\Hist\sg842 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HbTools\Sample\Hist\sg843 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HbTools\Sample\Hist\sg844 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HbTools\Sample\Hist\sg845 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HbTools\Sample\Hist\sg847 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HbTools\Sample\Hist\sg848 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HbTools\Sample\Hist\sg849 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HbTools\Sample\Hist\sg852 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HbTools\Sample\Hist\sg853 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HbTools\Sample\Hist\sg856 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HbTools\Sample\Hist\sg857 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HbTools\Sample\Hist\sg860 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HbTools\Sample\Hist\sg861 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HbTools\Sample\Hist\sg887 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HbTools\Sample\Hist\sg888 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HbTools\Sample\Hist\sg889 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HbTools\Sample\Hist\sg910 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HbTools\Sample\Hist\sg912 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HbTools\Sample\Hist\sg914 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HbTools\Sample\Hist\sg915 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HbTools\UserInfo -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HbTools\dynamic -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HbTools\init -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HbTools\links -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HbTools\options -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HbTools\updates -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HostOI -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HostOI\Updates -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HostOL -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HostOL\Updates -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\HostOL\soho -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\Time -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\Time\HostIE -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\Time\HostIE\Updates -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\Time\HostOI -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\Time\HostOI\Updates -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\Time\HostOL -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\HbTools\Time\HostOL\Updates -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\ShopperReports -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\ShopperReports\ShopperReports -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\ShopperReports\ShopperReports\PostInstaller -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\instafink.INSTAFINK -> Adware.InstaFinder : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\instafink.INSTAFINK\Clsid -> Adware.InstaFinder : Cleaned with backup (quarantined).
C:\Program Files\Internet Optimizer -> Adware.InternetOptimizer : Cleaned with backup (quarantined).
C:\Program Files\Internet Optimizer\update -> Adware.InternetOptimizer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Avenue Media -> Adware.InternetOptimizer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Avenue Media\Internet Optimizer -> Adware.InternetOptimizer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Avenue Media\Internet Optimizer\Browser Helper -> Adware.InternetOptimizer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Avenue Media\Internet Optimizer\Browser Helper\cf1 -> Adware.InternetOptimizer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Avenue Media\Internet Optimizer\WSE -> Adware.InternetOptimizer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf1 -> Adware.InternetOptimizer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf2 -> Adware.InternetOptimizer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf4 -> Adware.InternetOptimizer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Kapabout -> Adware.InternetOptimizer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Rotue -> Adware.InternetOptimizer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\AMeOpt -> Adware.InternetOptimizer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Policies\Avenue Media -> Adware.InternetOptimizer : Cleaned with backup (quarantined).
C:\Program Files\ISTsvc -> Adware.ISTBar : Cleaned with backup (quarantined).
C:\Program Files\ISTsvc\istsvc.exe -> Adware.ISTBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\ISTsvc -> Adware.ISTBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\ISTsvc\history -> Adware.ISTBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ISTsvc -> Adware.ISTBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\YourSiteBar -> Adware.ISTBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\YourSiteBar -> Adware.ISTBar : Error during cleaning.
HKLM\SOFTWARE\YourSiteBar\Historyfiles -> Adware.ISTBar : Error during cleaning.
HKLM\SOFTWARE\YourSiteBar\Historystring -> Adware.ISTBar : Error during cleaning.
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\IST -> Adware.ISTBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\DyFuCA_BH.BHObj -> Adware.MoneyTree : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\DyFuCA_BH.BHObj.1 -> Adware.MoneyTree : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\DyFuCA_BH.BHObj\CLSID -> Adware.MoneyTree : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\DyFuCA_BH.BHObj\CurVer -> Adware.MoneyTree : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\DyFuCA_BH.SinkObj -> Adware.MoneyTree : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\DyFuCA_BH.SinkObj.1 -> Adware.MoneyTree : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\DyFuCA_BH.SinkObj\CLSID -> Adware.MoneyTree : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\DyFuCA_BH.SinkObj\CurVer -> Adware.MoneyTree : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DyFuCA -> Adware.MoneyTree : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL10.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL11.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL12.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL13.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL14.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL15.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL16.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL17.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL18.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL19.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL2.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL20.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL21.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL22.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL23.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL24.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL25.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL26.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL27.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL28.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL29.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL3.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL30.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL31.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL32.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL33.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL34.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL35.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL36.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL37.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL38.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL39.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL4.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL40.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL41.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL42.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL43.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL44.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL45.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL46.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL47.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL48.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL49.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL5.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL50.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL51.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL52.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL53.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL54.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL55.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL56.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL57.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL58.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL59.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL6.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL60.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL61.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL62.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL63.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL64.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL65.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL66.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL67.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL68.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL69.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL7.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL70.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL71.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL72.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL73.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL74.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL75.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL76.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL77.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL78.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL79.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL8.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL80.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\MARSHAL9.DLL -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking10.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking11.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking12.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking13.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking14.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking15.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking16.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking17.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking18.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking19.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking2.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking20.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking21.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking22.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking23.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking24.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking25.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking26.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking27.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking28.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking29.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking3.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking30.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking31.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking32.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking33.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking34.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking35.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking36.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking37.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking38.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking39.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking4.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking40.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking41.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking42.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking43.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking44.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking45.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking46.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking47.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking48.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking49.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking5.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking50.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking51.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking52.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking53.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking54.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking55.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking56.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking57.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking58.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking59.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking6.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking60.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking61.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking62.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking63.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking64.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking65.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking66.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking67.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking68.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking69.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking7.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking70.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking71.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking72.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking73.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking74.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking75.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking76.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking77.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking78.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking79.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking8.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking80.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\WINDOWS\system32\P2P Networking\P2P Networking9.ENG -> Adware.P2PNetworking : Cleaned with backup (quarantined).
C:\Program Files\PestTrap\PestTrap.exe -> Adware.PestTrap : Cleaned with backup (quarantined).
C:\Program Files\Power Scan -> Adware.PowerScan : Cleaned with backup (quarantined).
C:\Program Files\Power Scan\powerscan.exe -> Adware.PowerScan : Cleaned with backup (quarantined).
C:\Program Files\Power Scan\uninstall.exe -> Adware.PowerScan : Cleaned with backup (quarantined).
HKLM\SOFTWARE\PowerScan -> Adware.PowerScan : Cleaned with backup (quarantined).
C:\Program Files\RXToolBar -> Adware.RXToolbar : Cleaned with backup (quarantined).
C:\Program Files\RXToolBar\sfcont.bin -> Adware.RXToolbar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{59879FA4-4790-461c-A1CC-4EC4DE4CA483} -> Adware.RXToolbar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{59879FA4-4790-461C-A1CC-4EC4DE4CA483} -> Adware.RXToolbar : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\RX Toolbar -> Adware.RXToolbar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\WUSE.1 -> Adware.SaveNow : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\WUSN.1 -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\Program Files\SideFind -> Adware.SideFind : Cleaned with backup (quarantined).
C:\Program Files\SideFind\sfexd001 -> Adware.SideFind : Cleaned with backup (quarantined).
C:\Program Files\SideFind\update -> Adware.SideFind : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\SideFind.Finder -> Adware.SideFind : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\SideFind.Finder.1 -> Adware.SideFind : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\SideFind.Finder\CLSID -> Adware.SideFind : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\SideFind.Finder\CurVer -> Adware.SideFind : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\SideFind -> Adware.SideFind : Cleaned with backup (quarantined).
HKLM\SOFTWARE\SideFind -> Adware.SideFind : Cleaned with backup (quarantined).
C:\Program Files\SurfAccuracy -> Adware.SurfAccuracy : Cleaned with backup (quarantined).
C:\Program Files\SurfAccuracy\License.lnk -> Adware.SurfAccuracy : Error during cleaning.
C:\Program Files\SurfAccuracy\SAcc.cfg -> Adware.SurfAccuracy : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\AppID\{287A2BAD-6590-4EFF-9BBC-494385664A73} -> Adware.SysProtect : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2178F3FB-2560-458F-BDEE-631E2FE0DFE4} -> Adware.WinAntiVirus : Cleaned with backup (quarantined).
C:\Program Files\WinFixer 2005 -> Adware.WinFixer : Cleaned with backup (quarantined).
C:\Program Files\WinFixer 2005\Activate.dat -> Adware.WinFixer : Cleaned with backup (quarantined).
C:\Program Files\WinFixer 2005\Backup -> Adware.WinFixer : Cleaned with backup (quarantined).
C:\Program Files\WinFixer 2005\DataBase.sav -> Adware.WinFixer : Cleaned with backup (quarantined).
C:\Program Files\WinFixer 2005\Download -> Adware.WinFixer : Cleaned with backup (quarantined).
C:\Program Files\WinFixer 2005\FileTypeRecognizer.dll -> Adware.WinFixer : Cleaned with backup (quarantined).
C:\Program Files\WinFixer 2005\FixCore.dll -> Adware.WinFixer : Cleaned with backup (quarantined).
C:\Program Files\WinFixer 2005\License.rtf -> Adware.WinFixer : Cleaned with backup (quarantined).
C:\Program Files\WinFixer 2005\MMFix.dll -> Adware.WinFixer : Cleaned with backup (quarantined).
C:\Program Files\WinFixer 2005\Mp3DB -> Adware.WinFixer : Cleaned with backup (quarantined).
C:\Program Files\WinFixer 2005\MpegDB -> Adware.WinFixer : Cleaned with backup (quarantined).
C:\Program Files\WinFixer 2005\Program.sav -> Adware.WinFixer : Cleaned with backup (quarantined).
C:\Program Files\WinFixer 2005\Repaired -> Adware.WinFixer : Cleaned with backup (quarantined).
C:\Program Files\WinFixer 2005\StrRes.dll -> Adware.WinFixer : Cleaned with backup (quarantined).
C:\Program Files\WinFixer 2005\Tasks -> Adware.WinFixer : Cleaned with backup (quarantined).
C:\Program Files\WinFixer 2005\Template.dbx -> Adware.WinFixer : Cleaned with backup (quarantined).
C:\Program Files\WinFixer 2005\WaveDB -> Adware.WinFixer : Cleaned with backup (quarantined).
C:\Program Files\WinFixer 2005\bnlink.dat -> Adware.WinFixer : Cleaned with backup (quarantined).
C:\Program Files\WinFixer 2005\compcln.dll -> Adware.WinFixer : Cleaned with backup (quarantined).
C:\Program Files\WinFixer 2005\df_kmd.sys -> Adware.WinFixer : Cleaned with backup (quarantined).
C:\Program Files\WinFixer 2005\diagnosis.dat -> Adware.WinFixer : Cleaned with backup (quarantined).
C:\Program Files\WinFixer 2005\flash.ini -> Adware.WinFixer : Cleaned with backup (quarantined).
C:\Program Files\WinFixer 2005\lapv.dat -> Adware.WinFixer : Cleaned with backup (quarantined).
C:\Program Files\WinFixer 2005\lock.dat -> Adware.WinFixer : Cleaned with backup (quarantined).
C:\Program Files\WinFixer 2005\pv.dat -> Adware.WinFixer : Cleaned with backup (quarantined).
C:\Program Files\WinFixer 2005\sr.log -> Adware.WinFixer : Cleaned with backup (quarantined).
C:\Program Files\WinFixer 2005\support.url -> Adware.WinFixer : Cleaned with backup (quarantined).
C:\Program Files\WinFixer 2005\trace.log -> Adware.WinFixer : Cleaned with backup (quarantined).
C:\Program Files\WinFixer 2005\unins000.dat -> Adware.WinFixer : Cleaned with backup (quarantined).
C:\Program Files\WinFixer 2005\unins000.exe -> Adware.WinFixer : Cleaned with backup (quarantined).
C:\Program Files\WinFixer 2005\up.dat -> Adware.WinFixer : Cleaned with backup (quarantined).
C:\Program Files\WinFixer 2005\update.log -> Adware.WinFixer : Cleaned with backup (quarantined).
C:\Program Files\WinFixer 2005\updater.dat -> Adware.WinFixer : Cleaned with backup (quarantined).
C:\Program Files\WinFixer 2005\wfx5.url -> Adware.WinFixer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\AppID\FFWraper.DLL -> Adware.WinFixer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\AppID\FixCore.DLL -> Adware.WinFixer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\AppID\MMFixCtrl.DLL -> Adware.WinFixer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\AppID\compcln.dll -> Adware.WinFixer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CompCleanCore.AppCleaner -> Adware.WinFixer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CompCleanCore.AppCleaner.1 -> Adware.WinFixer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CompCleanCore.AppCleaner\CLSID -> Adware.WinFixer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CompCleanCore.AppCleaner\CurVer -> Adware.WinFixer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CompCleanCore.CCQuickScan -> Adware.WinFixer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CompCleanCore.CCQuickScan.1 -> Adware.WinFixer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CompCleanCore.CCQuickScan\CLSID -> Adware.WinFixer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CompCleanCore.CCQuickScan\CurVer -> Adware.WinFixer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CompCleanCore.FileCleaner -> Adware.WinFixer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CompCleanCore.FileCleaner.1 -> Adware.WinFixer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CompCleanCore.FileCleaner\CLSID -> Adware.WinFixer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CompCleanCore.FileCleaner\CurVer -> Adware.WinFixer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CompCleanCore.InetCleaner -> Adware.WinFixer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CompCleanCore.InetCleaner.1 -> Adware.WinFixer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CompCleanCore.InetCleaner\CLSID -> Adware.WinFixer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CompCleanCore.InetCleaner\CurVer -> Adware.WinFixer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CompCleanCore.RegCleaner -> Adware.WinFixer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CompCleanCore.RegCleaner.1 -> Adware.WinFixer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CompCleanCore.RegCleaner\CLSID -> Adware.WinFixer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CompCleanCore.RegCleaner\CurVer -> Adware.WinFixer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CompCleanCore.SystemCleaner -> Adware.WinFixer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CompCleanCore.SystemCleaner.1 -> Adware.WinFixer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CompCleanCore.SystemCleaner\CLSID -> Adware.WinFixer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CompCleanCore.SystemCleaner\CurVer -> Adware.WinFixer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\FFWraper.FFEnginWraper -> Adware.WinFixer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\FFWraper.FFEnginWraper.1 -> Adware.WinFixer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\FFWraper.FFEnginWraper\CLSID -> Adware.WinFixer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\FFWraper.FFEnginWraper\CurVer -> Adware.WinFixer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\FixCore.MMFixCore -> Adware.WinFixer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\FixCore.MMFixCore.1 -> Adware.WinFixer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\FixCore.MMFixCore\CLSID -> Adware.WinFixer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\FixCore.MMFixCore\CurVer -> Adware.WinFixer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\MMFixCtrl.CoFixEngine -> Adware.WinFixer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\MMFixCtrl.CoFixEngine.1 -> Adware.WinFixer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\MMFixCtrl.CoFixEngine\CLSID -> Adware.WinFixer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\MMFixCtrl.CoFixEngine\CurVer -> Adware.WinFixer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\df_fixer.Fixer -> Adware.WinFixer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\df_fixer.Fixer.1 -> Adware.WinFixer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\df_fixer.Fixer\CLSID -> Adware.WinFixer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\df_fixer.Fixer\CurVer -> Adware.WinFixer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\WinSoftware\WinFixer 2005 -> Adware.WinFixer : Cleaned with backup (quarantined).
C:\Program Files\YourSiteBar -> Adware.YourSiteBar : Cleaned with backup (quarantined).
C:\Program Files\YourSiteBar\imagemap_normal.bmp -> Adware.YourSiteBar : Cleaned with backup (quarantined).
C:\Program Files\YourSiteBar\imagemap_over.bmp -> Adware.YourSiteBar : Cleaned with backup (quarantined).
C:\Program Files\YourSiteBar\version.txt -> Adware.YourSiteBar : Cleaned with backup (quarantined).
C:\Program Files\YourSiteBar\yoursitebar.xml -> Adware.YourSiteBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\Ysb.YsbObj -> Adware.YourSiteBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\Ysb.YsbObj.1 -> Adware.YourSiteBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\Ysb.YsbObj\CLSID -> Adware.YourSiteBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\Ysb.YsbObj\CurVer -> Adware.YourSiteBar : Cleaned with backup (quarantined).
C:\WINDOWS\timed.exe -> Backdoor.WebDor : Cleaned with backup (quarantined).
C:\WINDOWS\volumec.exe -> Backdoor.Webdor.af : Cleaned with backup (quarantined).
C:\Documents and Settings\hakha\Local Settings\Temporary Internet Files\Content.IE5\U1QXA5K5\int_ver34[1].CAB/int_ver34.ocx -> Dialer.VB.j : Error during cleaning.
C:\WINDOWS\hanhumpv.exe -> Downloader.IstBar.ij : Cleaned with backup (quarantined).
C:\WINDOWS\logon.exe -> Downloader.VB.fi : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\ABoxInst_int12.exe -> Downloader.VB.ft : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\ABoxInst_int13.exe -> Downloader.VB.ft : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\UERSV_0001_N68M0602NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.d : Ignored.
C:\WINDOWS\Downloaded Program Files\CONFLICT.2\UERSV_0001_N68M0602NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.d : Ignored.
C:\WINDOWS\Downloaded Program Files\CONFLICT.3\UERSV_0001_N68M0602NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.d : Ignored.
C:\WINDOWS\Downloaded Program Files\CONFLICT.4\UERSV_0001_N68M0602NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.d : Ignored.
C:\WINDOWS\Downloaded Program Files\CONF

| Alerter

Répondre à felicity33

bob_

31 Août 2006 09:43:23

Re,

Il faudra dire à ton petit frere d'arreter de naviguer sur les sites pour adultes !!

Fait ce scan et on finira le restant à la main :

Télécharge SpySweeper (de Webroot) de ce lien (version d'essai de 14 jours) : http://www.webroot.com/fr/land/karangatrial.php?rc=1611...

Clique sur "Télécharger la version test".

Installe le programme. Une fois installé, il se lancera.

L'option de le mettre à jour s'affichera; clic Oui.

Lorsque les mises à jour seront installées, clic Options sur la gauche.

Clic sur l'onglet Options d'analyse.

Sous A analyser, coche les options suivantes:

Analyser la mémoire

Analyser le Registre

Analyser les cookies

Analyser tous les comptes utilisateurs

Activer l'analyse directe du disque

Analyser le contenu des fichiers compressés

Analyse à la recherche de rootkits

DÉCOCHE Ne pas analyser les dossiers de restauration du système (uniquement pour Windows Me et XP)

Clic Analyser sur la gauche.

Clic sur Démarrer.

Quand le scan est terminé, clic sur Suivant.

Assure-toi que tous les items sont cochés, puis clic sur Suivant.

Tous les items cochés seront éliminés.

Si Spy Sweeper veut redémarrer pour terminer le nettoyage : ACCEPTE.

Clic Journal de session au haut - à droite, et copie tout ce qu'il y a dans la fenêtre.

Clic sur l'onglet Récapitulatif, puis clic sur Terminer.

Colle le contenu du "Journal de session" dans ta prochaine réponse avec un nouveau HijackThis.

| Alerter

Répondre à bob_

felicity33

31 Août 2006 14:47:58

16:38: Suppression de la quarantaine terminée Durée 00:01:23
16:38: Traitement : yadro cookie
16:38: Traitement : tradedoubler cookie
16:38: Traitement : xiti cookie
16:38: Traitement : xiti cookie
16:38: Traitement : xiti cookie
16:38: Traitement : xiti cookie
16:38: Traitement : zedo cookie
16:38: Traitement : zedo cookie
16:38: Traitement : bluestreak cookie
16:38: Traitement : bluestreak cookie
16:38: Traitement : bluestreak cookie
16:38: Traitement : bluestreak cookie
16:38: Traitement : metriweb.be cookie
16:38: Traitement : addynamix cookie
16:38: Traitement : adtech cookie
16:38: Traitement : tickle cookie
16:38: Traitement : goclick cookie
16:38: Traitement : atlas dmt cookie
16:38: Traitement : comclick cookie
16:38: Traitement : statcounter cookie
16:38: Traitement : serving-sys cookie
16:38: Traitement : screensavers.com cookie
16:38: Traitement : screensavers.com cookie
16:38: Traitement : redzip cookie
16:38: Traitement : reliablestats cookie
16:38: Traitement : reliablestats cookie
16:38: Traitement : questionmarket cookie
16:38: Traitement : angelfire cookie
16:38: Traitement : passion cookie
16:38: Traitement : revenue.net cookie
16:38: Traitement : 2o7.net cookie
16:38: Traitement : 2o7.net cookie
16:38: Traitement : 2o7.net cookie
16:38: Traitement : tribalfusion cookie
16:38: Traitement : okcounter.com cookie
16:38: Traitement : ru4 cookie
16:38: Traitement : maxserving cookie
16:38: Traitement : lopdotcom cookie
16:38: Traitement : lopdotcom cookie
16:38: Traitement : lopdotcom cookie
16:38: Traitement : lopdotcom cookie
16:38: Traitement : lopdotcom cookie
16:38: Traitement : hotbar cookie
16:38: Traitement : hotbar cookie
16:38: Traitement : hotbar cookie
16:38: Traitement : 180search assistant/zango
16:38: Traitement : falkag cookie
16:38: Traitement : falkag cookie
16:38: Traitement : falkag cookie
16:38: Traitement : falkag cookie
16:38: Traitement : centrport net cookie
16:38: Traitement : findwhat cookie
16:38: Traitement : fe.lea.lycos.com cookie
16:38: Traitement : fe.lea.lycos.com cookie
16:38: Traitement : weborama cookie
16:38: Traitement : weborama cookie
16:38: Traitement : weborama cookie
16:38: Traitement : errorsafe
16:38: Traitement : errorsafe
16:38: Traitement : errorsafe
16:38: Traitement : errorsafe
16:38: Traitement : errorsafe
16:38: Traitement : errorsafe
16:38: Traitement : errorsafe
16:38: Traitement : errorsafe
16:38: Traitement : errorsafe
16:38: Traitement : errorsafe
16:38: Traitement : errorsafe
16:38: Traitement : errorsafe
16:38: Traitement : rn11 cookie
16:38: Traitement : enhance cookie
16:38: Traitement : did-it cookie
16:38: Traitement : go2net.com cookie
16:38: Traitement : bravenet cookie
16:38: Traitement : yieldmanager cookie
16:38: Traitement : yieldmanager cookie
16:38: Traitement : webpower cookie
16:38: Traitement : humanclick cookie
16:38: Traitement : upspiral cookie
16:38: Traitement : touchclarity cookie
16:38: Traitement : casalemedia cookie
16:38: Traitement : belnk cookie
16:38: Traitement : belnk cookie
16:38: Traitement : belnk cookie
16:38: Traitement : fortunecity cookie
16:38: Traitement : infospace cookie
16:38: Traitement : hbmediapro cookie
16:38: Traitement : gostats cookie
16:38: Traitement : gostats cookie
16:38: Traitement : pointroll cookie
16:38: Traitement : bs.serving-sys cookie
16:38: Traitement : burstnet cookie
16:38: Traitement : apmebf cookie
16:38: Traitement : overture cookie
16:38: Traitement : overture cookie
16:38: Traitement : adultfriendfinder cookie
16:38: Traitement : dealtime cookie
16:38: Traitement : dealtime cookie
16:38: Traitement : sandboxer cookie
16:38: Traitement : servedby advertising cookie
16:38: Traitement : linksynergy cookie
16:38: Traitement : commission junction cookie
16:38: Traitement : commission junction cookie
16:38: Traitement : advertising cookie
16:38: Traitement : advertising cookie
16:38: Traitement : fastclick cookie
16:38: Traitement : fastclick cookie
16:38: Traitement : mediaplex cookie
16:38: Traitement : mediaplex cookie
16:38: Traitement : mediaplex cookie
16:38: Traitement : tripod cookie
16:38: Traitement : sextracker cookie
16:38: Traitement : sextracker cookie
16:38: Traitement : desktop kazaa cookie
16:38: Traitement : 247realmedia cookie
16:38: Traitement : realmedia cookie
16:38: Traitement : syswebtelecom
16:38: Traitement : syswebtelecom
16:38: Traitement : syswebtelecom
16:38: Traitement : syswebtelecom
16:38: Traitement : syswebtelecom
16:38: Traitement : syswebtelecom
16:38: Traitement : syswebtelecom
16:38: Traitement : syswebtelecom
16:38: Traitement : syswebtelecom
16:38: Traitement : ist surf accuracy
16:38: Traitement : ist surf accuracy
16:38: Traitement : system doctor 2006
16:38: Traitement : ist sidefind
16:38: Traitement : ist sidefind
16:38: Traitement : ist sidefind
16:38: Traitement : ist sidefind
16:38: Traitement : ist sidefind
16:38: Traitement : ist sidefind
16:38: Traitement : ist sidefind
16:38: Traitement : rx toolbar
16:38: Traitement : rx toolbar
16:38: Traitement : rx toolbar
16:38: Traitement : rx toolbar
16:38: Traitement : rx toolbar
16:38: Traitement : rx toolbar
16:38: Traitement : rx toolbar
16:38: Traitement : rx toolbar
16:38: Traitement : rx toolbar
16:38: Traitement : rx toolbar
16:38: Traitement : rx toolbar
16:38: Traitement : rx toolbar
16:38: Traitement : rx toolbar
16:38: Traitement : rx toolbar
16:38: Traitement : ist powerscan
16:38: Traitement : ist powerscan
16:38: Traitement : ist powerscan
16:38: Traitement : ist powerscan
16:38: Traitement : topsearch
16:38: Traitement : java byteverify
16:38: Traitement : java byteverify
16:38: Traitement : java byteverify
16:38: Traitement : java byteverify
16:38: Traitement : moneytree
16:38: Traitement : moneytree
16:38: Traitement : moneytree
16:38: Traitement : instafinder
16:38: Traitement : instafinder
16:38: Traitement : instafinder
16:38: Traitement : instafinder
16:38: Traitement : instafinder
16:38: Traitement : instafinder
16:38: Traitement : ist software
16:38: Traitement : ist software
16:38: Traitement : ist software
16:38: Traitement : ist software
16:38: Traitement : linkoptimizer
16:37: Traitement : altnet
16:37: Traitement : altnet
16:37: Traitement : altnet
16:37: Traitement : altnet
16:37: Traitement : altnet
16:37: Traitement : pesttrap
16:37: Traitement : pesttrap
16:37: Traitement : pesttrap
16:37: Traitement : pesttrap
16:37: Traitement : edipol alloticket dialer
16:37: Traitement : hotconnect dialer
16:37: Traitement : hotconnect dialer
16:37: Traitement : hotconnect dialer
16:37: Traitement : cydoor peer-to-peer dependency
16:37: Traitement : cydoor
16:37: Traitement : cydoor
16:37: Traitement : cydoor
16:37: Traitement : cydoor
16:37: Traitement : cydoor
16:37: Traitement : abox
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : hotbar
16:37: Traitement : internetoptimizer
16:37: Traitement : internetoptimizer
16:37: Traitement : internetoptimizer
16:37: Traitement : internetoptimizer
16:37: Traitement : internetoptimizer
16:37: Traitement : internetoptimizer
16:37: Traitement : internetoptimizer
16:37: Traitement : internetoptimizer
16:37: Traitement : internetoptimizer
16:37: Traitement : internetoptimizer
16:37: Traitement : ist yoursitebar
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:37: Traitement : potentially rootkit-masked files
16:36: Traitement : potentially rootkit-masked files
16:36: Traitement : potentially rootkit-masked files
16:36: Traitement : potentially rootkit-masked files
16:36: Traitement : potentially rootkit-masked files
16:36: Traitement : potentially rootkit-masked files
16:36: Traitement : potentially rootkit-masked files
16:36: Traitement : potentially rootkit-masked files
16:36: Traitement : potentially rootkit-masked files
16:36: Traitement : potentially rootkit-masked files
16:36: Traitement : potentially rootkit-masked files
16:36: Traitement : potentially rootkit-masked files
16:36: Traitement : potentially rootkit-masked files
16:36: Traitement : potentially rootkit-masked files
16:36: Traitement : potentially rootkit-masked files
16:36: Traitement : potentially rootkit-masked files
16:36: Traitement : potentially rootkit-masked files
16:36: Traitement : potentially rootkit-masked files
16:36: Traitement : potentially rootkit-masked files
16:36: Traitement : potentially rootkit-masked files
16:36: Traitement : potentially rootkit-masked files
16:36: Traitement : potentially rootkit-masked files
16:36: Traitement : potentially rootkit-masked files
16:36: Traitement : potentially rootkit-masked files
16:36: Traitement : potentially rootkit-masked files
16:36: Traitement : potentially rootkit-masked files
16:36: Traitement : potentially rootkit-masked files
16:36: Traitement : potentially rootkit-masked files
16:36: Traitement : potentially rootkit-masked files
16:36: Traitement : potentially rootkit-masked files
16:36: Traitement : potentially rootkit-masked files
16:36: Traitement : potentially rootkit-masked files
16:36: Traitement : potentially rootkit-masked files
16:36: Traitement : potentially rootkit-masked files
16:36: Traitement : potentially rootkit-masked files
16:36: Traitement : potentially rootkit-masked files
16:36: Traitement : potentially rootkit-masked files
16:36: Traitement : potentially rootkit-masked files
16:36: Traitement : lopdotcom
16:36: Traitement : lopdotcom
16:36: Suppression de la quarantaine lancée
Protection anti-enregistreurs de frappe: Désactivé
Protection BHO: Activé
Protection Paramètres de sécurité Internet Explorer: Activé
Protection Exécution Alternate Data Stream (ADS): Activé
Protection de démarrage: Activé
Protection des Sites publicitaires connus: Désactivé
Protection du fichier d'hôtes: Activé
Protection anti-communication d'espions: Activé
Protection anti-ActiveX: Activé
Protection Service Affichage des messages: Activé
Protection des Favoris Internet Explorer: Activé
Protection contre l'installation de logiciels espions: Activé
Protection Mémoire: Activé
Protection de détournement Internet Explorer: Activé
Protection Cookies de suivi Internet Explorer: Désactivé
16:35: État des Protections
16:35: Définitions de logiciels espions : 752
16:35: Spy Sweeper 5.0.7.1608 démarrée
Protection anti-enregistreurs de frappe: Désactivé
Protection BHO: Activé
Protection Paramètres de sécurité Internet Explorer: Activé
Protection Exécution Alternate Data Stream (ADS): Activé
Protection de démarrage: Activé
Protection des Sites publicitaires connus: Désactivé
Protection du fichier d'hôtes: Activé
Protection anti-communication d'espions: Activé
Protection anti-ActiveX: Activé
Protection Service Affichage des messages: Activé
Protection des Favoris Internet Explorer: Activé
Protection contre l'installation de logiciels espions: Activé
Protection Mémoire: Activé
Protection de détournement Internet Explorer: Activé
Protection Cookies de suivi Internet Explorer: Désactivé
15:19: État des Protections
15:19: Définitions de logiciels espions : 752
15:19: Spy Sweeper 5.0.7.1608 démarrée
13:27: | Fin de session, jeudi 31 août 2006 |
13:27: Suppression de la quarantaine terminée Durée 00:00:33
13:27: Traitement : ist yoursitebar
13:27: Traitement : ist yoursitebar
13:27: Traitement : ist yoursitebar
13:27: Traitement : ist yoursitebar
13:27: Traitement : ist yoursitebar
13:27: Traitement : potentially rootkit-masked files
13:27: Traitement : potentially rootkit-masked files
13:27: Traitement : potentially rootkit-masked files
13:27: Traitement : potentially rootkit-masked files
13:27: Traitement : potentially rootkit-masked files
13:27: Traitement : potentially rootkit-masked files
13:27: Traitement : potentially rootkit-masked files
13:27: Traitement : potentially rootkit-masked files
13:27: Traitement : potentially rootkit-masked files
13:27: Traitement : potentially rootkit-masked files
13:27: Traitement : potentially rootkit-masked files
13:27: Traitement : potentially rootkit-masked files
13:27: Traitement : potentially rootkit-masked files
13:27: Traitement : potentially rootkit-masked files
13:27: Traitement : potentially rootkit-masked files
13:27: Traitement : potentially rootkit-masked files
13:27: Traitement : potentially rootkit-masked files
13:27: Traitement : potentially rootkit-masked files
13:27: Traitement : potentially rootkit-masked files
13:27: Traitement : potentially rootkit-masked files
13:27: Traitement : potentially rootkit-masked files
13:27: Traitement : potentially rootkit-masked files
13:27: Traitement : potentially rootkit-masked files
13:27: Traitement : potentially rootkit-masked files
13:27: Traitement : potentially rootkit-masked files
13:27: Traitement : potentially rootkit-masked files
13:27: Traitement : potentially rootkit-masked files
13:27: Traitement : potentially rootkit-masked files
13:27: Traitement : potentially rootkit-masked files
13:27: Traitement : potentially rootkit-masked files
13:27: Traitement : potentially rootkit-masked files
13:27: Traitement : potentially rootkit-masked files
13:27: Traitement : potentially rootkit-masked files
13:27: Traitement : potentially rootkit-masked files
13:27: Traitement : potentially rootkit-masked files
13:27: Traitement : potentially rootkit-masked files
13:27: Traitement : potentially rootkit-masked files
13:27: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : potentially rootkit-masked files
13:26: Traitement : lopdotcom
13:26: Traitement : lopdotcom
13:26: Traitement : lopdotcom
13:26: Traitement : lopdotcom
13:26: Traitement : lopdotcom
13:26: Traitement : lopdotcom
13:26: Traitement : lopdotcom
13:26: Traitement : lopdotcom
13:26: Traitement : lopdotcom
13:26: Traitement : lopdotcom
13:26: Traitement : lopdotcom
13:26: Traitement : lopdotcom
13:26: Traitement : lopdotcom
13:26: Traitement : lopdotcom
13:26: Traitement : lopdotcom
13:26: Traitement : lopdotcom
13:26: Traitement : lopdotcom
13:26: Traitement : lopdotcom
13:26: Traitement : ist istbar
13:26: Suppression de la quarantaine lancée
Protection anti-enregistreurs de frappe: Désactivé
Protection BHO: Activé
Protection Paramètres de sécurité Internet Explorer: Activé
Protection Exécution Alternate Data Stream (ADS): Activé
Protection de démarrage: Activé
Protection des Sites publicitaires connus: Désactivé
Protection du fichier d'hôtes: Activé
Protection anti-communication d'espions: Activé
Protection anti-ActiveX: Activé
Protection Service Affichage des messages: Activé
Protection des Favoris Internet Explorer: Activé
Protection contre l'installation de logiciels espions: Activé
Protection Mémoire: Activé
Protection de détournement Internet Explorer: Activé
Protection Cookies de suivi Internet Explorer: Désactivé
13:25: État des Protections
13:25: Définitions de logiciels espions : 752
13:24: Spy Sweeper 5.0.7.1608 démarrée
12:00: Les définitions de logiciels espions ont été mises à jour.
Opération : Accès à un fichier
Cible :
Source : C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE
12:00: Détection d’une falsification
Protection anti-enregistreurs de frappe: Désactivé
Protection BHO: Activé
Protection Paramètres de sécurité Internet Explorer: Activé
Protection Exécution Alternate Data Stream (ADS): Activé
Protection de démarrage: Activé
Protection des Sites publicitaires connus: Désactivé
Protection du fichier d'hôtes: Activé
Protection anti-communication d'espions: Activé
Protection anti-ActiveX: Activé
Protection Service Affichage des messages: Activé
Protection des Favoris Internet Explorer: Activé
Protection contre l'installation de logiciels espions: Activé
Protection Mémoire: Activé
Protection de détournement Internet Explorer: Activé
Protection Cookies de suivi Internet Explorer: Désactivé
11:54: État des Protections
11:54: Définitions de logiciels espions : 723
11:53: Spy Sweeper 5.0.7.1608 démarrée
11:53: Spy Sweeper 5.0.7.1608 démarrée
11:53: | Début de session, jeudi 31 août 2006 |
********
13:00: Mise en quarantaine de toutes les traces : potentially rootkit-masked files
13:00: Mise en quarantaine de toutes les traces : lopdotcom
13:00: Mise en quarantaine de toutes les traces : ist istbar
13:00: Mise en quarantaine de toutes les traces : spysheriff fakealert
13:00: Mise en quarantaine de toutes les traces : ist yoursitebar
13:00: Processus de suppression lancé.
12:39: Traces trouvées : 7447
12:39: Analyse complète terminée. Durée 00:37:05
12:39: Analyse des fichiers terminée, temps passé : 00:34:55
12:39: c:\recycler\s-1-5-21-43340872-2332929812-3977521966-1011\dc145.lnk (12 traces secondaires) (ID = 2147507944)
12:39: C:\Documents and Settings\Mohamed\Menu Démarrer\Programmes\PestTrap\PestTrap.lnk (12 traces secondaires) (ID = 2147507944)
12:38: c:\documents and settings\sophian\application data\sun\java\deployment\cache\javapi\v1.0\jar\loaderadv470.jar-22afad61-4a7fd4ba.zip (ID = 64819)
12:35: Avertissement: Stream read error
12:34: Avertissement: Stream read error
12:34: Avertissement: Stream read error
12:31: c:\documents and settings\administrateur.nom-69pxtzsc526\local settings\temp\asmfiles.cab (ID = 165635)
12:31: Avertissement: Stream read error
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\january hits 2006\gorillaz - discography - discografia (gorillaz,g sides, lika come home, demon days 2005\03 - gorillaz - g-sides\08 - hipalbatross.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\january hits 2006\gorillaz - discography - discografia (gorillaz,g sides, lika come home, demon days 2005\04 - gorillaz - laika come home\artist - piste 7.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\january hits 2006\gorillaz - discography - discografia (gorillaz,g sides, lika come home, demon days 2005\04 - gorillaz - laika come home\artist - piste 6.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\january hits 2006\gorillaz - discography - discografia (gorillaz,g sides, lika come home, demon days 2005\04 - gorillaz - laika come home\artist - piste 5.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\january hits 2006\gorillaz - discography - discografia (gorillaz,g sides, lika come home, demon days 2005\04 - gorillaz - laika come home\artist - piste 4.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\january hits 2006\gorillaz - discography - discografia (gorillaz,g sides, lika come home, demon days 2005\04 - gorillaz - laika come home\artist - piste 3.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\45 scientifiques\92i le cd qui met la pression rap fr 45 scientific lunatic booba 92i malekal morte lim ripby v10tdi315ch\45 scientific - 18 sang d encre-lunatic feat arsenik.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam\album- iam all album avec les albums de akh et de shurik'n et du freeman certifié par d@rk saien\iam\l'école du micro d'argent - 1998 -\cd 1 - l'école du micro d'argent\11 - chez le mac.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\45 scientifiques\92i le cd qui met la pression rap fr 45 scientific lunatic booba 92i malekal morte lim ripby v10tdi315ch\45 scientific - 03 le dawa-malekal morte beat de boul.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\local settings\temp\répertoire temporaire 1 pour tandem - jeunesse enflammée - apres la trilogie - avec busta, arsenik, sinik, tandem, booba, rohff - son inedit avant sa sortie septembre 2005.zip\rohff ft tandem - tu fais pas le poids.mpeg (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam\album- iam all album avec les albums de akh et de shurik'n et du freeman certifié par d@rk saien\iam\ombres est lumiéres - 1993 -\ombres est lumiéres - cd1 -\12 - la mousse a riton.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\45 scientifiques\92i le cd qui met la pression rap fr 45 scientific lunatic booba 92i malekal morte lim ripby v10tdi315ch\45 scientific - 17 rien ne m'arrete-ill feat freddy k.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\45 scientifiques\92i le cd qui met la pression rap fr 45 scientific lunatic booba 92i malekal morte lim ripby v10tdi315ch\45 scientific - 11sensinobienvenue-movez lang.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\45 scientifiques\92i le cd qui met la pression rap fr 45 scientific lunatic booba 92i malekal morte lim ripby v10tdi315ch\45 scientific - 08 ma définition remix-booba feat kery james.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\45 scientifiques\92i le cd qui met la pression rap fr 45 scientific lunatic booba 92i malekal morte lim ripby v10tdi315ch\45 scientific - 14 time bomb explose-45 scientific.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam\album- iam all album avec les albums de akh et de shurik'n et du freeman certifié par d@rk saien\freeman\l'palais de justice - 1999 -\la terre n'est pas mon chez moi.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\45 scientifiques\92i le cd qui met la pression rap fr 45 scientific lunatic booba 92i malekal morte lim ripby v10tdi315ch\45 scientific - 06 boulogne business-lim malekal.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\january hits 2006\gorillaz - discography - discografia (gorillaz,g sides, lika come home, demon days 2005\05 - gorillaz - demon days\11gori~1.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\january hits 2006\gorillaz - discography - discografia (gorillaz,g sides, lika come home, demon days 2005\01 - gorillaz - gorillaz\gorillaz-02-54-rev.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\january hits 2006\gorillaz - discography - discografia (gorillaz,g sides, lika come home, demon days 2005\05 - gorillaz - demon days\14gori~1.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\january hits 2006\gorillaz - discography - discografia (gorillaz,g sides, lika come home, demon days 2005\01 - gorillaz - gorillaz\gorillaz-13-starshine-rev.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\january hits 2006\gorillaz - discography - discografia (gorillaz,g sides, lika come home, demon days 2005\01 - gorillaz - gorillaz\gorillaz-12-latin_simon.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\january hits 2006\gorillaz - discography - discografia (gorillaz,g sides, lika come home, demon days 2005\01 - gorillaz - gorillaz\gorillaz-11-19-2000-rev.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\january hits 2006\gorillaz - discography - discografia (gorillaz,g sides, lika come home, demon days 2005\01 - gorillaz - gorillaz\gorillaz-10-rock_the_house-rev.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\january hits 2006\gorillaz - discography - discografia (gorillaz,g sides, lika come home, demon days 2005\01 - gorillaz - gorillaz\gorillaz-09-double_bass-rev.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\january hits 2006\gorillaz - discography - discografia (gorillaz,g sides, lika come home, demon days 2005\01 - gorillaz - gorillaz\go399f~1.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\january hits 2006\gorillaz - discography - discografia (gorillaz,g sides, lika come home, demon days 2005\01 - gorillaz - gorillaz\goa16d~1.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\january hits 2006\gorillaz - discography - discografia (gorillaz,g sides, lika come home, demon days 2005\01 - gorillaz - gorillaz\gorillaz-05-clint_eastwood-rev.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\january hits 2006\gorillaz - discography - discografia (gorillaz,g sides, lika come home, demon days 2005\01 - gorillaz - gorillaz\gorill~4.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\january hits 2006\gorillaz - discography - discografia (gorillaz,g sides, lika come home, demon days 2005\01 - gorillaz - gorillaz\gorill~3.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\january hits 2006\gorillaz - discography - discografia (gorillaz,g sides, lika come home, demon days 2005\01 - gorillaz - gorillaz\gorillaz-01-re-hash-rev.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\january hits 2006\gorillaz - discography - discografia (gorillaz,g sides, lika come home, demon days 2005\03 - gorillaz - g-sides\10 - dracula.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\january hits 2006\gorillaz - discography - discografia (gorillaz,g sides, lika come home, demon days 2005\05 - gorillaz - demon days\01gori~1.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam\album- iam all album avec les albums de akh et de shurik'n et du freeman certifié par d@rk saien\iam\ombres est lumiéres - 1993 -\ombres est lumiéres - cd1 -\16 - alone tout seul forever.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\january hits 2006\gorillaz - discography - discografia (gorillaz,g sides, lika come home, demon days 2005\03 - gorillaz - g-sides\01 - 19-2000 (soulchildremix).mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\january hits 2006\gorillaz - discography - discografia (gorillaz,g sides, lika come home, demon days 2005\04 - gorillaz - laika come home\artist - piste 10.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\january hits 2006\gorillaz - discography - discografia (gorillaz,g sides, lika come home, demon days 2005\04 - gorillaz - laika come home\artist - piste 1.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\january hits 2006\gorillaz - discography - discografia (gorillaz,g sides, lika come home, demon days 2005\05 - gorillaz - demon days\15gori~1.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\january hits 2006\gorillaz - discography - discografia (gorillaz,g sides, lika come home, demon days 2005\05 - gorillaz - demon days\13gori~1.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\january hits 2006\gorillaz - discography - discografia (gorillaz,g sides, lika come home, demon days 2005\05 - gorillaz - demon days\12gori~1.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\january hits 2006\gorillaz - discography - discografia (gorillaz,g sides, lika come home, demon days 2005\05 - gorillaz - demon days\10gori~1.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\january hits 2006\gorillaz - discography - discografia (gorillaz,g sides, lika come home, demon days 2005\05 - gorillaz - demon days\08gori~1.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam\album- iam all album avec les albums de akh et de shurik'n et du freeman certifié par d@rk saien\iam\ombres est lumiéres - 1993 -\ombres est lumiéres - cd1 -\08 - le rétor de malek sultan.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam\album- iam all album avec les albums de akh et de shurik'n et du freeman certifié par d@rk saien\iam\ombres est lumiéres - 1993 -\ombres est lumiéres - cd2 -\15 - où sont les roses intro.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam\album- iam all album avec les albums de akh et de shurik'n et du freeman certifié par d@rk saien\iam\ombres est lumiéres - 1993 -\ombres est lumiéres - cd2 -\03 - le slow de lai t'es.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam\album- iam all album avec les albums de akh et de shurik'n et du freeman certifié par d@rk saien\akhenaton\electro cypher - 2000 -\akhenaton - dj sya styles - wonder.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam\album- iam all album avec les albums de akh et de shurik'n et du freeman certifié par d@rk saien\akhenaton\electro cypher - 2000 -\akhenaton - dj sya styles - who drives the car.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam\album- iam all album avec les albums de akh et de shurik'n et du freeman certifié par d@rk saien\akhenaton\electro cypher - 2000 -\akhenaton - dj sya styles - space cannibals.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam\album- iam all album avec les albums de akh et de shurik'n et du freeman certifié par d@rk saien\akhenaton\electro cypher - 2000 -\akhenaton - dj sya styles - city 3000.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam\album- iam all album avec les albums de akh et de shurik'n et du freeman certifié par d@rk saien\akhenaton\electro cypher - 2000 -\akhenaton - bruizza, zen & baron - marseille is in the house.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam\album- iam all album avec les albums de akh et de shurik'n et du freeman certifié par d@rk saien\akhenaton\electro cypher - 2000 -\akhenaton - bruizza, hal - how it is.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam\album- iam all album avec les albums de akh et de shurik'n et du freeman certifié par d@rk saien\akhenaton\electro cypher - 2000 -\akhenaton - akhenaton - yes ya'll.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam\album- iam all album avec les albums de akh et de shurik'n et du freeman certifié par d@rk saien\akhenaton\electro cypher - 2000 -\akhenaton - akhenaton - the battle.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam\album- iam all album avec les albums de akh et de shurik'n et du freeman certifié par d@rk saien\iam\ombres est lumiéres - 1993 -\ombres est lumiéres - cd2 -\05 - l'échantillon.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam\album- iam all album avec les albums de akh et de shurik'n et du freeman certifié par d@rk saien\iam\l'école du micro d'argent - 1998 -\cd 1 - l'école du micro d'argent\05 - petit frére.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam\album- iam all album avec les albums de akh et de shurik'n et du freeman certifié par d@rk saien\iam\l'école du micro d'argent - 1998 -\cd 1 - l'école du micro d'argent\04 - la saga.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam\album- iam all album avec les albums de akh et de shurik'n et du freeman certifié par d@rk saien\iam\l'école du micro d'argent - 1998 -\cd 1 - l'école du micro d'argent\02 - dangereux.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\january hits 2006\gorillaz - discography - discografia (gorillaz,g sides, lika come home, demon days 2005\05 - gorillaz - demon days\02gori~1.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\january hits 2006\taratata 2005 - gérard de palmas - 256kbps - (m.mendès_s.kiberlain_c.bazbaz_l.chédid_j.cherhal_james blunt_matmatah_kt.tunstall) @ bypull\11-ski~1.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\january hits 2006\taratata 2005 - gérard de palmas - 256kbps - (m.mendès_s.kiberlain_c.bazbaz_l.chédid_j.cherhal_james blunt_matmatah_kt.tunstall) @ bypull\10-mat~1.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\january hits 2006\taratata 2005 - gérard de palmas - 256kbps - (m.mendès_s.kiberlain_c.bazbaz_l.chédid_j.cherhal_james blunt_matmatah_kt.tunstall) @ bypull\1 - gdp.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam\album- iam all album avec les albums de akh et de shurik'n et du freeman certifié par d@rk saien\akhenaton\electro cypher - 2000 -\akhenaton - akhenaton - stomp ya feet.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\my playlists\1998 - greatest hits\alibi montana feat. kheimer et zone - le block• scez\15-a.montana, kheimer & zone - nouveau départ ft k-reen• scez.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\my playlists\1998 - greatest hits\alibi montana feat. kheimer et zone - le block• scez\14-a.montana, kheimer & zone - réflexion face a un canon• scez.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\my playlists\1998 - greatest hits\alibi montana feat. kheimer et zone - le block• scez\13-a.montana, kheimer & zone - meurtre sans alibi• scez.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\my playlists\1998 - greatest hits\alibi montana feat. kheimer et zone - le block• scez\11-a.montana, kheimer & zone - son de sang• scez.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\my playlists\1998 - greatest hits\alibi montana feat. kheimer et zone - le block• scez\12-alibi montana, kheimer & zone - je me vois ft adebussy• sce.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\my playlists\1998 - greatest hits\alibi montana feat. kheimer et zone - le block• scez\10-a.montana, kheimer et zone - pleine lune ft sefyu• scez.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\my playlists\1998 - greatest hits\alibi montana feat. kheimer et zone - le block• scez\09-a.montana, kheimer & zone - ce qui ne tue pas endurci• scez.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\my playlists\1998 - greatest hits\alibi montana feat. kheimer et zone - le block• scez\07-a.montana, kheimer & zone - nouveau départ ft k-reen• scez.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\my playlists\1998 - greatest hits\alibi montana feat. kheimer et zone - le block• scez\08-a.montana, kheimer & zone -assoc de malfaiteurs ft ikbal• s.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\my playlists\1998 - greatest hits\alibi montana feat. kheimer et zone - le block• scez\06-a.montana, kheimer & zone - j'suis là• scez.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\my playlists\1998 - greatest hits\alibi montana feat. kheimer et zone - le block• scez\05-a.montana, kheimer & zone - le rap de demain• scez.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\my playlists\1998 - greatest hits\alibi montana feat. kheimer et zone - le block• scez\03-a.montana, kheimer & zone - aucun changement• scez.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\my playlists\1998 - greatest hits\alibi montana feat. kheimer et zone - le block• scez\02-a.montana, kheimer & zone - le block• scez.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\my playlists\1998 - greatest hits\alibi montana feat. kheimer et zone - le block• scez\01-a.montana, kheimer & zone - intro• scez.mp3 (ID = 0)
12:30: c:\program files\emule\incoming\ben harper - diamonds on the inside (2003) - album complet - format mp3 (archiver cree par mapics) winrar 3.0\akhenaton - métèque et mat - eac - mpc q6 - [mpcovore] - by patman\19 - akhenaton - bad boys de marseille (part ii ).mpc (ID = 0)
12:30: c:\program files\emule\incoming\ben harper - diamonds on the inside (2003) - album complet - format mp3 (archiver cree par mapics) winrar 3.0\akhenaton - métèque et mat - eac - mpc q6 - [mpcovore] - by patman\16 - akhenaton - prométhée (avec la fonky family).mpc (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\january hits 2006\gorillaz - discography - discografia (gorillaz,g sides, lika come home, demon days 2005\01 - gorillaz - gorillaz\gorillaz-07-punk-rev.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\my playlists\akhénaton (akh) - soldats de fortune - edition limitée digipack 2006\akhénaton (akh) - soldats de fortune - edition limitée digipack 2006\204-jo~1.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\my playlists\akhénaton (akh) - soldats de fortune - edition limitée digipack 2006\akhénaton (akh) - soldats de fortune - edition limitée digipack 2006\201-dj~1.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\my playlists\akhénaton (akh) - soldats de fortune - edition limitée digipack 2006\akhénaton (akh) - soldats de fortune - edition limitée digipack 2006\202-os~1.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\my playlists\akhénaton (akh) - soldats de fortune - edition limitée digipack 2006\akhénaton (akh) - soldats de fortune - edition limitée digipack 2006\203-fd~1.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\my playlists\akhénaton (akh) - soldats de fortune - edition limitée digipack 2006\akhénaton (akh) - soldats de fortune - edition limitée digipack 2006\121-di~1.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\my playlists\akhénaton (akh) - soldats de fortune - edition limitée digipack 2006\akhénaton (akh) - soldats de fortune - edition limitée digipack 2006\122-ex~1.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\my playlists\akhénaton (akh) - soldats de fortune - edition limitée digipack 2006\akhénaton (akh) - soldats de fortune - edition limitée digipack 2006\120-un~1.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\my playlists\akhénaton (akh) - soldats de fortune - edition limitée digipack 2006\akhénaton (akh) - soldats de fortune - edition limitée digipack 2006\119-un~1.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\my playlists\akhénaton (akh) - soldats de fortune - edition limitée digipack 2006\akhénaton (akh) - soldats de fortune - edition limitée digipack 2006\116-al~1.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\my playlists\akhénaton (akh) - soldats de fortune - edition limitée digipack 2006\akhénaton (akh) - soldats de fortune - edition limitée digipack 2006\114-op~1.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam - l'école du micro d'argent +bonus - 1998 - 224 kbps\my playlists\akhénaton (akh) - soldats de fortune - edition limitée digipack 2006\akhénaton (akh) - soldats de fortune - edition limitée digipack 2006\113-ol~1.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam\album- iam all album avec les albums de akh et de shurik'n et du freeman certifié par d@rk saien\iam\ombres est lumiéres - 1993 -\ombres est lumiéres - cd2 -\20 - pharaon reviens.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam\album- iam all album avec les albums de akh et de shurik'n et du freeman certifié par d@rk saien\iam\ombres est lumiéres - 1993 -\ombres est lumiéres - cd2 -\19 - sachet blanc.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam\album- iam all album avec les albums de akh et de shurik'n et du freeman certifié par d@rk saien\iam\ombres est lumiéres - 1993 -\ombres est lumiéres - cd2 -\17 - bang bang.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam\album- iam all album avec les albums de akh et de shurik'n et du freeman certifié par d@rk saien\iam\ombres est lumiéres - 1993 -\ombres est lumiéres - cd2 -\16 - où sont les roses.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam\album- iam all album avec les albums de akh et de shurik'n et du freeman certifié par d@rk saien\iam\ombres est lumiéres - 1993 -\ombres est lumiéres - cd2 -\14 - achevez-les.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam\album- iam all album avec les albums de akh et de shurik'n et du freeman certifié par d@rk saien\iam\ombres est lumiéres - 1993 -\ombres est lumiéres - cd2 -\12 - je lache la meute.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam\album- iam all album avec les albums de akh et de shurik'n et du freeman certifié par d@rk saien\iam\ombres est lumiéres - 1993 -\ombres est lumiéres - cd2 -\11 - le dernier empereur.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam\album- iam all album avec les albums de akh et de shurik'n et du freeman certifié par d@rk saien\iam\ombres est lumiéres - 1993 -\ombres est lumiéres - cd2 -\09 - laissez-nous danser.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam\album- iam all album avec les albums de akh et de shurik'n et du freeman certifié par d@rk saien\iam\ombres est lumiéres - 1993 -\ombres est lumiéres - cd2 -\08 - interview.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam\album- iam all album avec les albums de akh et de shurik'n et du freeman certifié par d@rk saien\iam\ombres est lumiéres - 1993 -\ombres est lumiéres - cd2 -\07 - le repos c'est la santé.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam\album- iam all album avec les albums de akh et de shurik'n et du freeman certifié par d@rk saien\iam\ombres est lumiéres - 1993 -\ombres est lumiéres - cd2 -\06 - affaire en cours.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam\album- iam all album avec les albums de akh et de shurik'n et du freeman certifié par d@rk saien\iam\ombres est lumiéres - 1993 -\ombres est lumiéres - cd2 -\04 - les je veux etre.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversations\ma musique\iam\album- iam all album avec les albums de akh et de shurik'n et du freeman certifié par d@rk saien\iam\ombres est lumiéres - 1993 -\ombres est lumiéres - cd2 -\02 - attentat 2.mp3 (ID = 0)
12:30: c:\documents and settings\sophian\mes documents\mes archives de conversation

| Alerter

Répondre à felicity33

felicity33

31 Août 2006 14:51:54

re,
ci dessus j'ai posté le rapport dde sweeper
c'était long!
voici un noueau hijack:

Logfile of HijackThis v1.99.1
Scan saved at 16:51:34, on 31/08/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\CTSvcCDA.EXE
C:\WINDOWS\ehome\ehSched.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\System32\gearsec.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\HPMEDI~1\Pavilion\XPEWWBS4\plugin\bin\pchbutton.exe
C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\osk.exe
C:\WINDOWS\system32\MSSWCHX.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\hakha\Local Settings\Temporary Internet Files\Content.IE5\8RATI7E3\HijackThis[1].exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {02080E8A-7584-9338-28CE-FC8260D450F6} - (no file)
O2 - BHO: (no name) - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - (no file)
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file)
O2 - BHO: Class - {DA39029C-D291-A968-3FF4-D0990D5CB5FC} - (no file)
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O3 - Toolbar: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE" /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB001" /M "Stylus Photo RX420"
O4 - HKLM\..\Run: [Á²# K"h'þ9Óœ÷3rÅWC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\hanhumpv.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] ~"C:\PROGRA~1\MSNMES~1\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPMEDI~1\Pavilion\XPEWWBS4\plugin\bin\pchbutton.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {00000000-0000-0000-0000-000020040000} - http://207.234.185.217/ABoxInst_int12.exe
O16 - DPF: {511F9316-771B-4953-A268-1C36DA667FE9} - http://ip.sponsoradulto.com/cab/3/fr/SysWebTelecomInt.c...
O16 - DPF: {91433D86-9F27-402C-B5E3-DEBDD122C339} - http://www.playqames.com/default.cab?uid=9&id=60953&1s&...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://messenger.zone.msn.com/binary/ZIntro.cab32846.ca...
O16 - DPF: {FC67BB52-AAB6-4282-9D51-2DAFFE73AFD0} - http://download.spyspotter.com/spyspotter/spsp29953.01n...
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTSvcCDA.EXE
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Service de sécurité matérielle (GEARSecurity) - GEAR Software - C:\WINDOWS\System32\gearsec.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

| Alerter

Répondre à felicity33

Angeldark

31 Août 2006 17:12:42

Bonjour,

Et on continue...
Je sais meme pas comment ton ordi pouvait s'allumer...

La procédure est longue et en partie en mode sans échec,
imprime ou mets dans un fichier texte les instructions.
Les manipulations sont à faire sans interruption et dans l'ordre.
Si tu ne comprends pas quelque chose, demande des explications avant de commencer.

Redémarre en mode sans échec

Ferme TOUS les fenêtres ouvertes (sauf Hijackthis)
et les logiciels de protection en temps réel (antivirus...)

- Lance Hijackthis ->Do a system scan only
->Coche les lignes ci-dessous :

R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {02080E8A-7584-9338-28CE-FC8260D450F6} - (no file)
O2 - BHO: (no name) - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - (no file)
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file)
O2 - BHO: Class - {DA39029C-D291-A968-3FF4-D0990D5CB5FC} - (no file)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O3 - Toolbar: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - (no file)
O4 - HKLM\..\Run: [Á²# K"h'þ9Óœ÷3rÅWC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\hanhumpv.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
O16 - DPF: {00000000-0000-0000-0000-000020040000} - http://207.234.185.217/ABoxInst_int12.exe
O16 - DPF: {511F9316-771B-4953-A268-1C36DA667FE9} - http://ip.sponsoradulto.com/cab/3/ [...] comInt.cab
O16 - DPF: {91433D86-9F27-402C-B5E3-DEBDD122C339} - http://www.playqames.com/default.c [...] s&ex&ppd=4
O16 - DPF: {FC67BB52-AAB6-4282-9D51-2DAFFE73AFD0} - http://download.spyspotter.com/spy [...] nstall.cab
O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)

Clique sur Fix checked (en bas à gauche)

- Assure toi d'avoir accès aux dossiers/fichiers cachés
-> Démarrer
-> Panneau de configuration
-> Options des Dossiers, onglet Affichage :
. Clique sur Afficher les dossiers cachés
. Décoche Masquer les extensions des fichiers dont le type est connu
. Décoche Masquer les fichiers protégés du système d'exploitation

- Suppime ces fichiers et/ou dossiers s'ils existent encore :

C:\WINDOWS\hanhumpv.exe
C:\Program Files\PartyPoker\

- Lance un nettoyage Ccleaner :
Clique sur le bouton "Analyse" puis "Lancer le Néttoyage"

Redémarre normalement.

- Fais un scan en ligne Kaspersky :
. Scan la zone critique
. Sauvegarde puis colle le rapport en fin d'analyse
Aide pour le scan en ligne.

NOTES :

- Si ce message apparaît :
"La licence de Kaspersky On-line Scanner est périmée"
Vas dans Ajout/Suppression de programmes pour désinstaller l'Online Scanner
Retente ensuite le scan.

- Si tu n'arrive toujours pas à utiliser le scan en ligne, fait un scan en ligne Panda
. /!\ Lorsqu'il te faudra entrée ton adresse e-mail, clique sur I don't accept (en bas)
. Poste le rapport en fin d'analyse
. Si tu as Avast! désactive-le.

| Alerter

Répondre à Angeldark

felicity33

1 Septembre 2006 07:29:39

salut
j'ai suivi a la lettre ce que tu m'as dit mais le Kasperski online ne fonctionne pas à cause apparament de l'active X.
Je fais quoi alors?

| Alerter

Répondre à felicity33

felicity33

1 Septembre 2006 07:34:25

je précise panda non plus ne fonctionne pas!!

| Alerter

Répondre à felicity33

felicity33

1 Septembre 2006 10:54:44

a defaut voici celui d'ewido!!

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 12:52:39 01/09/2006

+ Scan result:

C:\Program Files\eMule\Incoming\ The Songs That We Sing - Charlotte Gainsbourg [ full album mp3 player ].zip.exe -> Adware.Casino : Cleaned with backup (quarantined).
HKU\S-1-5-21-43340872-2332929812-3977521966-1017\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{59879FA4-4790-461C-A1CC-4EC4DE4CA483} -> Adware.RXToolbar : Cleaned with backup (quarantined).
C:\WINDOWS\system32:sraa.dll -> Downloader.Small.jh : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\UERSV_0001_N68M0602NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.d : Ignored.
C:\WINDOWS\Downloaded Program Files\CONFLICT.2\UERSV_0001_N68M0602NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.d : Ignored.
C:\WINDOWS\Downloaded Program Files\CONFLICT.3\UERSV_0001_N68M0602NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.d : Ignored.
C:\WINDOWS\Downloaded Program Files\CONFLICT.4\UERSV_0001_N68M0602NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.d : Ignored.
C:\WINDOWS\Downloaded Program Files\CONFLICT.5\UERSV_0001_N68M0602NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.d : Ignored.
C:\WINDOWS\Downloaded Program Files\CONFLICT.6\UERSV_0001_N68M0602NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.d : Ignored.
C:\WINDOWS\Downloaded Program Files\UERSV_0001_N68M0602NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.d : Ignored.
C:\Documents and Settings\hakha\Application Data\winantiviruspro2006freeinstall_fr[1].exe -> Not-A-Virus.Downloader.Win32.WinFixer.o : Ignored.
C:\WINDOWS\ABox.exe -> Not-A-Virus.PornTool.Win32.ABox.a : Ignored.
C:\Documents and Settings\hakha\Cookies\hakha@112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\hakha\Cookies\hakha@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\hakha\Cookies\hakha@advertising[2].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\hakha\Cookies\hakha@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\hakha\Cookies\hakha@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\hakha\Cookies\hakha@as1.falkag[1].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\hakha\Cookies\hakha@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\hakha\Cookies\hakha@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Cleaned.
C:\Documents and Settings\hakha\Cookies\hakha@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Cleaned.

::Report end

| Alerter

Répondre à felicity33

Angeldark

1 Septembre 2006 12:12:01

Reposte un rapport Hijackthis.

| Alerter

Répondre à Angeldark

felicity33

2 Septembre 2006 09:12:31

salut

voici le rapport hijack
Logfile of HijackThis v1.99.1
Scan saved at 11:11:50, on 02/09/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\CTSvcCDA.EXE
C:\WINDOWS\ehome\ehSched.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\System32\gearsec.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\HPMEDI~1\Pavilion\XPEWWBS4\plugin\bin\pchbutton.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
C:\Documents and Settings\hakha\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {02080E8A-7584-9338-28CE-FC8260D450F6} - (no file)
O2 - BHO: Class - {DA39029C-D291-A968-3FF4-D0990D5CB5FC} - (no file)
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE" /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB001" /M "Stylus Photo RX420"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] ~"C:\PROGRA~1\MSNMES~1\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPMEDI~1\Pavilion\XPEWWBS4\plugin\bin\pchbutton.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://messenger.zone.msn.com/binary/ZIntro.cab32846.ca...
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTSvcCDA.EXE
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Service de sécurité matérielle (GEARSecurity) - GEAR Software - C:\WINDOWS\System32\gearsec.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

| Alerter

Répondre à felicity33

felicity33

3 Septembre 2006 07:19:50

up!

| Alerter

Répondre à felicity33

esteban54

3 Septembre 2006 08:25:04

Bonjour,

Relance HijackThis et fixe ces lignes :

O2 - BHO: (no name) - {02080E8A-7584-9338-28CE-FC8260D450F6} - (no file)
O2 - BHO: Class - {DA39029C-D291-A968-3FF4-D0990D5CB5FC} - (no file)

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

Citation :

potentially rootkit-masked files

--> on va vérifier s'il reste un rootkit :
Télécharge F-Secure Blacklight
- Lance F-Secure Blacklight (fichier blbeta.exe)
- Accepte la licence, et clique enfin sur "Scan" puis Next et Exit.
- Un rapport fsbl-bxxxx.log (xx sont des chiffres) va être créé dans le même dossier que blbeta.exe
- Ouvre fsbl-bxxxx.log et copie/colle le contenu ici