Aller au contenu

emmanuelle

Membres
  • Compteur de contenus

    15
  • Inscription

  • Dernière visite

emmanuelle's Achievements

Junior Member

Junior Member (3/12)

0

Réputation sur la communauté

  1. Ha oui, il me semblait problematique egalement. Je m'en vais de ce pas le bouter hors de la. :°
  2. bien bien. J'ai suivit tous vos conseils. J'utilise maintenant les logiciels recommander par le site. Il faut dire que cet ordi a ete tres peu connecté depuis deux ans, d'ou de grandes faiblesses au niveau protection. Voici mon log et mon impressionnant scan report. Maintenant tout devrait etre en ordre. Merci pour votre aide Logfile of HijackThis v1.99.1 Scan saved at 5:58:31 PM, on 9/10/2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://herspace.mail.everyone.net/email/scripts/loginuser.pl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.tele2internet.fr R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - fourni par Tele2 O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe" O4 - HKLM\..\Run: [inCD] C:\Program Files\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [Mediafour Mac Volume Notifications] "C:\Program Files\Common Files\Mediafour\MACVNTFY.EXE" /auto O4 - HKLM\..\Run: [Outpost Firewall] "C:\Program Files\Agnitum\Outpost Firewall 1.0\outpost.exe" /waitservice O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Getting Started with MacDrive 5.lnk = ? O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1126358272546 O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum - C:\PROGRA~1\Agnitum\OUTPOS~1.0\outpost.exe ewido security suite - Scan report --------------------------------------------------------- + Created on: 5:55:55 PM, 9/10/2005 + Report-Checksum: C3A9AD11 + Scan result: HKLM\SOFTWARE\Altnet -> Spyware.Altnet : Cleaned with backup HKLM\SOFTWARE\Altnet\ADM -> Spyware.Altnet : Cleaned with backup HKLM\SOFTWARE\Altnet\Dashboard -> Spyware.Altnet : Cleaned with backup HKLM\SOFTWARE\Altnet\Dashboard\Settings -> Spyware.Altnet : Cleaned with backup HKLM\SOFTWARE\Altnet\Dashboard\Setup -> Spyware.Altnet : Cleaned with backup HKLM\SOFTWARE\Altnet\Dashboard\Temp Internet Shares -> Spyware.Altnet : Cleaned with backup HKLM\SOFTWARE\Altnet\DownloadManager -> Spyware.Altnet : Cleaned with backup HKLM\SOFTWARE\Altnet\LocalFiles -> Spyware.Altnet : Cleaned with backup HKLM\SOFTWARE\Altnet\TopSearch -> Spyware.Altnet : Cleaned with backup HKLM\SOFTWARE\Avenue Media -> Spyware.InternetOptimizer : Cleaned with backup HKLM\SOFTWARE\Avenue Media\Internet Optimizer -> Spyware.InternetOptimizer : Cleaned with backup HKLM\SOFTWARE\Avenue Media\Internet Optimizer\Browser Helper -> Spyware.InternetOptimizer : Cleaned with backup HKLM\SOFTWARE\Avenue Media\Internet Optimizer\Browser Helper\cf1 -> Spyware.InternetOptimizer : Cleaned with backup HKLM\SOFTWARE\Classes\ADM.ADM -> Spyware.Altnet : Cleaned with backup HKLM\SOFTWARE\Classes\ADM.ADM\CLSID -> Spyware.Altnet : Cleaned with backup HKLM\SOFTWARE\Classes\ADM.ADM\CurVer -> Spyware.Altnet : Cleaned with backup HKLM\SOFTWARE\Classes\ADM25.ADM25 -> Spyware.Altnet : Cleaned with backup HKLM\SOFTWARE\Classes\ADM25.ADM25\CurVer -> Spyware.Altnet : Cleaned with backup HKLM\SOFTWARE\Classes\ADM4.ADM4 -> Spyware.Altnet : Cleaned with backup HKLM\SOFTWARE\Classes\ADM4.ADM4\CurVer -> Spyware.Altnet : Cleaned with backup HKLM\SOFTWARE\Classes\ADP.UrlCatcher -> Spyware.BargainBuddy : Cleaned with backup HKLM\SOFTWARE\Classes\ADP.UrlCatcher\CLSID -> Spyware.BargainBuddy : Cleaned with backup HKLM\SOFTWARE\Classes\AppID\adm.EXE -> Spyware.Altnet : Cleaned with backup HKLM\SOFTWARE\Classes\AppID\Altnet Signing Module.EXE -> Spyware.Altnet : Cleaned with backup HKLM\SOFTWARE\Classes\AppID\{8B0FEF15-54DC-49F5-8377-8172DE975F75} -> Spyware.Altnet : Cleaned with backup HKLM\SOFTWARE\Classes\AppID\{99A8E2B2-3405-4C0D-9110-131C14CAAF62} -> Spyware.Altnet : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{00000010-6F7D-442C-93E3-4A4827C2E4C8} -> Spyware.InternetOptimizer : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{1D3BCE37-7834-4579-8169-E67681420A98} -> Spyware.Altnet : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{3646C2BD-3554-49CA-8125-44DEEFB881DE} -> Spyware.Altnet : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{3f4d4f88-0198-4921-b630-957f3eb814e0} -> Spyware.Altnet : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{4D1C4E89-A32A-416b-BCDB-33B3EF3617D3} -> Spyware.Need2Find : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{4D1C4E8B-A32A-416b-BCDB-33B3EF3617D3} -> Spyware.Need2Find : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{4F7681E5-6CAF-478D-9CB8-4CA593BEE7FB} -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{630D6140-04C5-4db0-B27A-020D766FF09B} -> Spyware.Need2Find : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{86227D9C-0EFE-4f8a-AA55-30386A3F5686} -> Spyware.YourSiteBar : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{8CBA1B49-8144-4721-A7B1-64C578C9EED7} -> Spyware.SideFind : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{9A9C9B68-F908-4AAB-8D0C-10EA8997F37E} -> Spyware.Mirar : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{9A9C9B69-F908-4AAB-8D0C-10EA8997F37E} -> Spyware.NetNucleus : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{9BBCF06C-DCD7-495D-80DF-CDD5399D0FF8} -> Spyware.Altnet : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{A7798D6C-C6B5-4F26-9363-F7CDBBFFA607} -> Spyware.SpeedDelivery : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{C15B7EA2-A360-43E8-A591-5FAEDC7C4E1D} -> Spyware.Altnet : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{C91E8926-D4BE-4685-99F4-0D996B96BAC0} -> Spyware.P2PNetworking : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{DEF37997-D9C9-4A4B-BF3C-88F99EACEEC2} -> Spyware.Altnet : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{E813099D-5529-47F4-9B37-4AFAFCB00A43} -> Spyware.Altnet : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{F4E04583-354E-4076-BE7D-ED6A80FD66DA} -> Spyware.BargainBuddy : Cleaned with backup HKLM\SOFTWARE\Classes\DyFuCA_BH.BHObj -> Spyware.MoneyTree : Cleaned with backup HKLM\SOFTWARE\Classes\DyFuCA_BH.BHObj\CLSID -> Spyware.MoneyTree : Cleaned with backup HKLM\SOFTWARE\Classes\DyFuCA_BH.BHObj\CurVer -> Spyware.MoneyTree : Cleaned with backup HKLM\SOFTWARE\Classes\Interface\{16097036-894C-4C00-A61F-93CA0D49A70E} -> Spyware.TOPicks : Cleaned with backup HKLM\SOFTWARE\Classes\Interface\{1C01D150-91A4-4DE0-9BF8-A35D1BDF1001} -> Spyware.SafeSurfing : Cleaned with backup HKLM\SOFTWARE\Classes\Interface\{258A3625-183B-4477-AEE2-EA54DF6D878D} -> Spyware.TOPicks : Cleaned with backup HKLM\SOFTWARE\Classes\Interface\{29E825AA-13BC-457C-806A-D72E4A25B3C5} -> Spyware.BrilliantDigital : Cleaned with backup HKLM\SOFTWARE\Classes\Interface\{2ED5AF98-9258-45BA-B79B-06625C92F662} -> Spyware.TOPicks : Cleaned with backup HKLM\SOFTWARE\Classes\Interface\{339D8AFF-0B42-4260-AD82-78CE605A9543} -> Spyware.SideFind : Cleaned with backup HKLM\SOFTWARE\Classes\Interface\{4D1C4E8A-A32A-416B-BCDB-33B3EF3617D3} -> Spyware.Need2Find : Cleaned with backup HKLM\SOFTWARE\Classes\Interface\{4D1C4E8C-A32A-416B-BCDB-33B3EF3617D3} -> Spyware.Need2Find : Cleaned with backup HKLM\SOFTWARE\Classes\Interface\{700DC0DD-F409-42E0-9DE5-21EE1A2BA9FD} -> Spyware.TOPicks : Cleaned with backup HKLM\SOFTWARE\Classes\Interface\{8EEE58D5-130E-4CBD-9C83-35A0564E5678} -> Spyware.BargainBuddy : Cleaned with backup HKLM\SOFTWARE\Classes\Interface\{9D4548CE-92FD-4C6C-AE7F-3DBE3BC763D8} -> Spyware.BrilliantDigital : Cleaned with backup HKLM\SOFTWARE\Classes\Interface\{A36A5936-CFD9-4B41-86BD-319A1931887F} -> Spyware.SideFind : Cleaned with backup HKLM\SOFTWARE\Classes\Interface\{AD5BC1F0-72D8-44B3-8E3D-8E8FECCE43FB} -> Spyware.Altnet : Cleaned with backup HKLM\SOFTWARE\Classes\Interface\{C6906A23-4717-4E1F-B6FD-F06EBED15678} -> Spyware.BargainBuddy : Cleaned with backup HKLM\SOFTWARE\Classes\Interface\{C91E8926-D4BE-4685-99F4-0D996B96BAC0} -> Spyware.P2PNetworking : Cleaned with backup HKLM\SOFTWARE\Classes\Interface\{E79DADC6-18D0-4A2A-831F-D196D41F8438} -> Spyware.BrilliantDigital : Cleaned with backup HKLM\SOFTWARE\Classes\Interface\{E813099D-5529-47F4-9B37-4AFAFCB00A43} -> Spyware.Altnet : Cleaned with backup HKLM\SOFTWARE\Classes\Interface\{FD42F6D3-7AB1-470C-979B-7996EDC99099} -> Spyware.TOPicks : Cleaned with backup HKLM\SOFTWARE\Classes\Need2FindBar.SettingsPlugin -> Spyware.Need2Find : Cleaned with backup HKLM\SOFTWARE\Classes\Need2FindBar.SettingsPlugin\CLSID -> Spyware.Need2Find : Cleaned with backup HKLM\SOFTWARE\Classes\Need2FindBar.SettingsPlugin\CurVer -> Spyware.Need2Find : Cleaned with backup HKLM\SOFTWARE\Classes\Need2FindBar.ToolbarPlugin -> Spyware.Need2Find : Cleaned with backup HKLM\SOFTWARE\Classes\Need2FindBar.ToolbarPlugin\CLSID -> Spyware.Need2Find : Cleaned with backup HKLM\SOFTWARE\Classes\Need2FindBar.ToolbarPlugin\CurVer -> Spyware.Need2Find : Cleaned with backup HKLM\SOFTWARE\Classes\SigningModule.SigningModule -> Spyware.Altnet : Cleaned with backup HKLM\SOFTWARE\Classes\SigningModule.SigningModule\CLSID -> Spyware.Altnet : Cleaned with backup HKLM\SOFTWARE\Classes\SigningModule.SigningModule\CurVer -> Spyware.Altnet : Cleaned with backup HKLM\SOFTWARE\Classes\TypeLib\{40B1D454-9CA4-43CC-86AA-CB175EAC52FB} -> Spyware.MoneyTree : Cleaned with backup HKLM\SOFTWARE\Classes\TypeLib\{4EB7BBE8-2E15-424B-9DDB-2CDB9516B2C3} -> Spyware.NaviSearch : Cleaned with backup HKLM\SOFTWARE\Classes\TypeLib\{5830698F-7FC0-40CD-A453-9A0CAFDF3A64} -> Spyware.Altnet : Cleaned with backup HKLM\SOFTWARE\Classes\TypeLib\{58634367-D62B-4C2C-86BE-5AAC45CDB671} -> Spyware.SideFind : Cleaned with backup HKLM\SOFTWARE\Classes\TypeLib\{676F6D1D-C559-42A9-860B-27C1477B7179} -> Spyware.Altnet : Cleaned with backup HKLM\SOFTWARE\Classes\TypeLib\{BFF4F684-677E-44F4-8C74-1D575C950E10} -> Spyware.Altnet : Cleaned with backup HKLM\SOFTWARE\Classes\TypeLib\{C5991634-0185-4B0D-B4F9-6C45597962B7} -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\TypeLib\{D0288A41-9855-4A9B-8316-BABE243648DA} -> Spyware.SideFind : Cleaned with backup HKLM\SOFTWARE\Classes\TypeLib\{EE79D398-AAAF-47B1-8C9E-11F7D4C9111B} -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\XPlugin.XFilter -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\XPlugin.XFilter\CLSID -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\XPlugin.XFilter\CurVer -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\ZToolbar.activator -> Spyware.Azsearch : Cleaned with backup HKLM\SOFTWARE\Classes\ZToolbar.activator\CLSID -> Spyware.Azsearch : Cleaned with backup HKLM\SOFTWARE\Classes\ZToolbar.activator\CurVer -> Spyware.Azsearch : Cleaned with backup HKLM\SOFTWARE\Classes\ZToolbar.ParamWr -> Spyware.Azsearch : Cleaned with backup HKLM\SOFTWARE\Classes\ZToolbar.ParamWr\CLSID -> Spyware.Azsearch : Cleaned with backup HKLM\SOFTWARE\Classes\ZToolbar.ParamWr\CurVer -> Spyware.Azsearch : Cleaned with backup HKLM\SOFTWARE\Classes\ZToolbar.StockBar -> Spyware.Azsearch : Cleaned with backup HKLM\SOFTWARE\Classes\ZToolbar.StockBar\CLSID -> Spyware.Azsearch : Cleaned with backup HKLM\SOFTWARE\Classes\ZToolbar.StockBar\CurVer -> Spyware.Azsearch : Cleaned with backup HKLM\SOFTWARE\Microsoft\SideFind -> Spyware.SideFind : Cleaned with backup HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Need2FindBar Uninstall -> Spyware.Need2Find : Cleaned with backup HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/istactivex.dll -> Spyware.ISTBar : Cleaned with backup HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\AMeOpt -> Spyware.InternetOptimizer : Cleaned with backup HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DyFuCA -> Spyware.MoneyTree : Cleaned with backup HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Optimizer -> Spyware.InternetOptimizer : Cleaned with backup HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Update\{357A87ED-3E5D-437d-B334-DEB7EB4982A3} -> Trojan.Agent.eo : Cleaned with backup HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Kapabout -> Spyware.InternetOptimizer : Cleaned with backup HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Need2FindBar Uninstall -> Spyware.Need2Find : Cleaned with backup HKLM\SOFTWARE\Need2Find -> Spyware.Need2Find : Cleaned with backup HKLM\SOFTWARE\Need2Find\bar -> Spyware.Need2Find : Cleaned with backup HKLM\SOFTWARE\Need2Find\bar\Partner -> Spyware.Need2Find : Cleaned with backup HKLM\SOFTWARE\Policies\Avenue Media -> Spyware.InternetOptimizer : Cleaned with backup HKLM\SOFTWARE\PowerScan -> Spyware.PowerScan : Cleaned with backup HKLM\SOFTWARE\PSguard.com -> Spyware.PSGuard : Cleaned with backup HKLM\SOFTWARE\PSguard.com\PSGuard -> Spyware.PSGuard : Cleaned with backup HKLM\SOFTWARE\TMKSoft -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\TMKSoft\XPlugin -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\VGroup -> Spyware.SAHA : Cleaned with backup HKLM\SOFTWARE\VGroup\SAHPopup -> Spyware.SAHA : Cleaned with backup HKLM\SOFTWARE\YourSiteBar -> Spyware.ISTBar : Error during cleaning HKLM\SOFTWARE\YourSiteBar\Historycompare_item -> Spyware.ISTBar : Error during cleaning HKLM\SOFTWARE\YourSiteBar\Historyfiles -> Spyware.ISTBar : Error during cleaning HKU\.DEFAULT\Software\Avenue Media -> Spyware.InternetOptimizer : Cleaned with backup HKU\.DEFAULT\Software\IST -> Spyware.ISTBar : Cleaned with backup HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Explorer Bars\{8CBA1B49-8144-4721-A7B1-64C578C9EED7} -> Spyware.SideFind : Cleaned with backup HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies\AMeOpt -> Spyware.InternetOptimizer : Cleaned with backup HKU\.DEFAULT\Software\Policies\Avenue Media -> Spyware.InternetOptimizer : Cleaned with backup HKU\.DEFAULT\Software\PowerScan -> Spyware.PowerScan : Cleaned with backup HKU\.DEFAULT\Software\salm -> Spyware.180Solutions : Cleaned with backup HKU\S-1-5-21-1229272821-507921405-1060284298-1003\Software\Avenue Media -> Spyware.InternetOptimizer : Cleaned with backup HKU\S-1-5-21-1229272821-507921405-1060284298-1003\Software\IST -> Spyware.ISTBar : Cleaned with backup HKU\S-1-5-21-1229272821-507921405-1060284298-1003\Software\Microsoft\Internet Explorer\Explorer Bars\{8CBA1B49-8144-4721-A7B1-64C578C9EED7} -> Spyware.SideFind : Cleaned with backup HKU\S-1-5-21-1229272821-507921405-1060284298-1003\Software\Need2Find -> Spyware.Need2Find : Cleaned with backup HKU\S-1-5-21-1229272821-507921405-1060284298-1003\Software\Need2Find\bar -> Spyware.Need2Find : Cleaned with backup HKU\S-1-5-21-1229272821-507921405-1060284298-1003\Software\PowerScan -> Spyware.PowerScan : Cleaned with backup HKU\S-1-5-21-1229272821-507921405-1060284298-1003\Software\RX Toolbar -> Spyware.RXToolbar : Cleaned with backup HKU\S-1-5-18\Software\Avenue Media -> Spyware.InternetOptimizer : Cleaned with backup HKU\S-1-5-18\Software\IST -> Spyware.ISTBar : Cleaned with backup HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Explorer Bars\{8CBA1B49-8144-4721-A7B1-64C578C9EED7} -> Spyware.SideFind : Cleaned with backup HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\AMeOpt -> Spyware.InternetOptimizer : Cleaned with backup HKU\S-1-5-18\Software\Policies\Avenue Media -> Spyware.InternetOptimizer : Cleaned with backup HKU\S-1-5-18\Software\PowerScan -> Spyware.PowerScan : Cleaned with backup HKU\S-1-5-18\Software\salm -> Spyware.180Solutions : Cleaned with backup :mozilla.26:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup :mozilla.27:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup :mozilla.28:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup :mozilla.29:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup :mozilla.30:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup :mozilla.35:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup :mozilla.36:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup :mozilla.37:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup :mozilla.38:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup :mozilla.39:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup :mozilla.40:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup :mozilla.41:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup :mozilla.42:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup :mozilla.43:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup :mozilla.44:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup :mozilla.45:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup :mozilla.46:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup :mozilla.47:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup :mozilla.48:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup :mozilla.49:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup :mozilla.50:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup :mozilla.51:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup :mozilla.52:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup :mozilla.53:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup :mozilla.54:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup :mozilla.55:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup :mozilla.56:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup :mozilla.57:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup :mozilla.72:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Weborama : Cleaned with backup :mozilla.73:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Smartadserver : Cleaned with backup :mozilla.106:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Smartadserver : Cleaned with backup :mozilla.107:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Smartadserver : Cleaned with backup :mozilla.112:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Smartadserver : Cleaned with backup :mozilla.119:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Sidefind : Cleaned with backup :mozilla.120:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Sidefind : Cleaned with backup :mozilla.127:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Revenue : Cleaned with backup :mozilla.140:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup :mozilla.141:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup :mozilla.174:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.189:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup :mozilla.190:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup :mozilla.191:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup :mozilla.192:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup :mozilla.193:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Estat : Cleaned with backup :mozilla.194:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Estat : Cleaned with backup :mozilla.223:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Sitestat : Cleaned with backup :mozilla.238:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup :mozilla.239:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup :mozilla.240:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup :mozilla.241:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup :mozilla.250:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.253:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup :mozilla.254:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup :mozilla.262:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Bluestreak : Cleaned with backup :mozilla.277:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup :mozilla.278:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup :mozilla.280:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.247realmedia : Cleaned with backup :mozilla.295:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup :mozilla.302:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Abetterinternet : Cleaned with backup :mozilla.303:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Abetterinternet : Cleaned with backup :mozilla.304:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Abetterinternet : Cleaned with backup :mozilla.305:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Abetterinternet : Cleaned with backup :mozilla.306:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Abetterinternet : Cleaned with backup :mozilla.307:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Abetterinternet : Cleaned with backup :mozilla.310:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup :mozilla.319:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup :mozilla.322:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup :mozilla.323:C:\Documents and Settings\bulle\Application Data\Mozilla\Firefox\Profiles\bz8wv8v0.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup C:\Documents and Settings\bulle\Application Data\PSGuard.com -> Spyware.PSGuard : Cleaned with backup C:\Documents and Settings\bulle\Application Data\PSGuard.com\PSGuard -> Spyware.PSGuard : Cleaned with backup C:\Documents and Settings\bulle\Application Data\PSGuard.com\PSGuard\Quarantine -> Spyware.PSGuard : Cleaned with backup C:\Documents and Settings\bulle\Application Data\PSGuard.com\PSGuard\Quarantine\Autorun -> Spyware.PSGuard : Cleaned with backup C:\Documents and Settings\bulle\Application Data\PSGuard.com\PSGuard\Quarantine\Autorun\HKCU -> Spyware.PSGuard : Cleaned with backup C:\Documents and Settings\bulle\Application Data\PSGuard.com\PSGuard\Quarantine\Autorun\HKCU\RunOnce -> Spyware.PSGuard : Cleaned with backup C:\Documents and Settings\bulle\Application Data\PSGuard.com\PSGuard\Quarantine\Autorun\HKLM -> Spyware.PSGuard : Cleaned with backup C:\Documents and Settings\bulle\Application Data\PSGuard.com\PSGuard\Quarantine\Autorun\HKLM\RunOnce -> Spyware.PSGuard : Cleaned with backup C:\Documents and Settings\bulle\Application Data\PSGuard.com\PSGuard\Quarantine\Autorun\StartMenuAllUsers -> Spyware.PSGuard : Cleaned with backup C:\Documents and Settings\bulle\Application Data\PSGuard.com\PSGuard\Quarantine\Autorun\StartMenuCurrentUser -> Spyware.PSGuard : Cleaned with backup C:\Documents and Settings\bulle\Application Data\PSGuard.com\PSGuard\Quarantine\BrowserObjects -> Spyware.PSGuard : Cleaned with backup C:\Documents and Settings\bulle\Application Data\PSGuard.com\PSGuard\Quarantine\Packages -> Spyware.PSGuard : Cleaned with backup C:\Documents and Settings\bulle\Cookies\bulle@247realmedia[1].txt -> Spyware.Cookie.247realmedia : Cleaned with backup C:\Documents and Settings\bulle\Cookies\bulle@abetterinternet[1].txt -> Spyware.Cookie.Abetterinternet : Cleaned with backup C:\Documents and Settings\bulle\Cookies\[email protected][1].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup C:\Documents and Settings\bulle\Cookies\bulle@advertising[1].txt -> Spyware.Cookie.Advertising : Cleaned with backup C:\Documents and Settings\bulle\Cookies\[email protected][1].txt -> Spyware.Cookie.Falkag : Cleaned with backup C:\Documents and Settings\bulle\Cookies\[email protected][2].txt -> Spyware.Cookie.Falkag : Cleaned with backup C:\Documents and Settings\bulle\Cookies\bulle@atdmt[2].txt -> Spyware.Cookie.Atdmt : Cleaned with backup C:\Documents and Settings\bulle\Cookies\bulle@bluestreak[1].txt -> Spyware.Cookie.Bluestreak : Cleaned with backup C:\Documents and Settings\bulle\Cookies\[email protected][1].txt -> Spyware.Cookie.Serving-sys : Cleaned with backup C:\Documents and Settings\bulle\Cookies\bulle@casalemedia[2].txt -> Spyware.Cookie.Casalemedia : Cleaned with backup C:\Documents and Settings\bulle\Cookies\bulle@com[2].txt -> Spyware.Cookie.Com : Cleaned with backup C:\Documents and Settings\bulle\Cookies\bulle@estat[2].txt -> Spyware.Cookie.Estat : Cleaned with backup C:\Documents and Settings\bulle\Cookies\bulle@fastclick[1].txt -> Spyware.Cookie.Fastclick : Cleaned with backup C:\Documents and Settings\bulle\Cookies\bulle@revenue[2].txt -> Spyware.Cookie.Revenue : Cleaned with backup C:\Documents and Settings\bulle\Cookies\[email protected][1].txt -> Spyware.Cookie.Advertising : Cleaned with backup C:\Documents and Settings\bulle\Cookies\bulle@serving-sys[2].txt -> Spyware.Cookie.Serving-sys : Cleaned with backup C:\Documents and Settings\bulle\Cookies\bulle@statcounter[2].txt -> Spyware.Cookie.Statcounter : Cleaned with backup C:\Documents and Settings\bulle\Cookies\bulle@weborama[1].txt -> Spyware.Cookie.Weborama : Cleaned with backup C:\Documents and Settings\bulle\Cookies\[email protected][1].txt -> Spyware.Cookie.Shopathomeselect : Cleaned with backup C:\Documents and Settings\bulle\Cookies\[email protected][2].txt -> Spyware.Cookie.Sidefind : Cleaned with backup C:\Documents and Settings\bulle\Cookies\[email protected][2].txt -> Spyware.Cookie.Smartadserver : Cleaned with backup C:\Documents and Settings\bulle\Local Settings\Temp\iinstall.exe -> TrojanDownloader.IstBar.lq : Cleaned with backup C:\Documents and Settings\bulle\Local Settings\Temp\sidefind.exe -> TrojanDownloader.IstBar.jm : Cleaned with backup C:\Documents and Settings\bulle\Local Settings\Temp\uninstall.exe -> Spyware.SurfAccuracy : Cleaned with backup C:\Documents and Settings\LocalService\Cookies\system@abetterinternet[2].txt -> Spyware.Cookie.Abetterinternet : Cleaned with backup C:\Documents and Settings\LocalService\Cookies\[email protected][2].txt -> Spyware.Cookie.Shopathomeselect : Cleaned with backup C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\89MN012F\proxy_inst[1].exe -> TrojanDropper.Small.aeq : Cleaned with backup C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\89MN012F\sacc_remove[1].exe -> Spyware.SurfAccuracy : Cleaned with backup C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\89MN012F\sahagent[1].exe -> Adware.SAHA : Cleaned with backup C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\89MN012F\sidefind[1].exe -> TrojanDownloader.IstBar.jm : Cleaned with backup C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\CXAJSXUR\istdownload[1].exe -> TrojanDownloader.IstBar.lq : Cleaned with backup C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\CXAJSXUR\ysb[1].dll -> Spyware.YourSiteBar : Cleaned with backup C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\CXAJSXUR\ysb_prompt[1].php -> TrojanDownloader.IstBar.j : Cleaned with backup C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\CXAJSXUR\ysb_prompt[3].php -> TrojanDownloader.IstBar.j : Cleaned with backup C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\GTUJ8XYN\876029[1].exe -> Adware.SaveNow : Cleaned with backup C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\GTUJ8XYN\istsvc[1].exe -> TrojanDownloader.IstBar : Cleaned with backup C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\GTUJ8XYN\prompt[1].php -> TrojanDownloader.IstBar.j : Cleaned with backup C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\GTUJ8XYN\ysb_regular[1].cab/ysbactivex.dll -> TrojanDownloader.IstBar : Cleaned with backup C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\OD2RGT6J\0006_regular[1].cab/istactivex.dll -> TrojanDownloader.IstBar : Cleaned with backup C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\OD2RGT6J\silent_setup[1].exe -> TrojanDropper.Agent.tv : Cleaned with backup C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\OD2RGT6J\thin-149-1-x-x[1].exe -> Adware.BetterInternet : Cleaned with backup C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\OD2RGT6J\v3cab[1].cab/v3.dll -> Spyware.EliteBar : Cleaned with backup C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\OD2RGT6J\ysb_regular[1].cab/ysbactivex.dll -> TrojanDownloader.IstBar : Cleaned with backup C:\Program Files\AVPersonal\INFECTED\optimize.VIR -> TrojanDownloader.Dyfuca.ei : Cleaned with backup C:\Program Files\AVPersonal\INFECTED\runs.VIR -> Backdoor.Rbot.aap : Cleaned with backup C:\Program Files\AVPersonal\INFECTED\runs.VIR00 -> Backdoor.Rbot.aap : Cleaned with backup C:\Program Files\AVPersonal\INFECTED\soff.VIR -> Backdoor.Rbot.xe : Cleaned with backup C:\Program Files\AVPersonal\INFECTED\soff.VIR00 -> Backdoor.Rbot.xe : Cleaned with backup C:\Program Files\AVPersonal\INFECTED\wssock.VIR -> Backdoor.Rbot : Cleaned with backup C:\Program Files\AVPersonal\INFECTED\wssock.VIR00 -> Backdoor.Rbot : Cleaned with backup C:\Program Files\AVPersonal\INFECTED\wssock.VIR01 -> Backdoor.Rbot : Cleaned with backup C:\Program Files\AVPersonal\INFECTED\wssock.VIR02 -> Backdoor.Rbot : Cleaned with backup C:\Program Files\Hijackthis Version Française\backups\backup-20050708-230651-663.dll -> Spyware.MySearch : Cleaned with backup C:\Program Files\Hijackthis Version Française\backups\backup-20050708-230652-661.dll -> Spyware.Azesearch : Cleaned with backup C:\Program Files\Hijackthis Version Française\backups\backup-20050708-230652-807.dll -> TrojanDownloader.WebP2PInstaller : Cleaned with backup C:\Program Files\Hijackthis Version Française\backups\backup-20050708-230652-907.dll -> Spyware.AzSearch : Cleaned with backup C:\Program Files\Hijackthis Version Française\backups\backup-20050901-180514-441.dll -> Spyware.180Solutions : Cleaned with backup C:\Program Files\Hijackthis Version Française\backups\backup-20050909-124339-382.dll -> Adware.BetterInternet : Cleaned with backup C:\Program Files\Hijackthis Version Française\backups\backup-20050909-162041-918.dll -> TrojanDownloader.IstBar : Cleaned with backup C:\Program Files\Hijackthis Version Française\backups\backup-20050909-162042-982.dll -> TrojanDownloader.IstBar : Cleaned with backup C:\Program Files\Hijackthis Version Française\backups\backup-20050910-161225-123.dll -> TrojanDownloader.IstBar : Cleaned with backup C:\Program Files\INSTAFINK -> Spyware.404Search : Cleaned with backup C:\Program Files\INSTAFINK\Cache -> Spyware.404Search : Cleaned with backup C:\Program Files\INSTAFINK\Cache\instafinktb0302.cfg -> Spyware.404Search : Cleaned with backup C:\Program Files\INSTAFINK\Cache\NewCfg -> Spyware.404Search : Cleaned with backup C:\Program Files\INSTAFINK\instafink.dll -> Spyware.404Search : Cleaned with backup C:\Program Files\INSTAFINK\Uninstall.exe -> Spyware.404Search : Cleaned with backup C:\RECYCLER\S-1-5-21-1229272821-507921405-1060284298-1003\Dc20.tmp/y.bat -> Trojan.Zapchast : Cleaned with backup C:\RECYCLER\S-1-5-21-1229272821-507921405-1060284298-1003\Dc21.tmp/y.bat -> Trojan.Zapchast : Cleaned with backup C:\RECYCLER\S-1-5-21-1229272821-507921405-1060284298-1003\Dc22.tmp/y.bat -> Trojan.Zapchast : Cleaned with backup C:\RECYCLER\S-1-5-21-1229272821-507921405-1060284298-1003\Dc23.tmp/y.bat -> Trojan.Zapchast : Cleaned with backup C:\RECYCLER\S-1-5-21-1229272821-507921405-1060284298-1003\Dc25.tmp -> Backdoor.PoeBot.b : Cleaned with backup C:\RECYCLER\S-1-5-21-1229272821-507921405-1060284298-1003\Dc29.tmp -> TrojanDownloader.IstBar.ij : Cleaned with backup C:\WINDOWS\55959718.exe -> Adware.SAHA : Cleaned with backup C:\WINDOWS\876029.exe -> Adware.SaveNow : Cleaned with backup C:\WINDOWS\Downloaded Program Files\v3.dll -> Spyware.EliteBar : Cleaned with backup C:\WINDOWS\imGiant.dll -> Adware.BetterInternet : Cleaned with backup C:\WINDOWS\imgthin.exe -> TrojanDownloader.VB.if : Cleaned with backup C:\WINDOWS\ra.reg -> Trojan.WinREG.LowZones.f : Cleaned with backup C:\WINDOWS\ss_silent.exe -> TrojanDropper.Small.aeq : Cleaned with backup C:\WINDOWS\system32\2searchinstaller.exe/getst.exe -> Spyware.2Search : Cleaned with backup C:\WINDOWS\system32\9o7raajf.dll -> Adware.SAHA : Cleaned with backup C:\WINDOWS\system32\config\systemprofile\Cookies\[email protected][1].txt -> Spyware.Cookie.Shopathomeselect : Cleaned with backup C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\G9MROP27\Gateway[1].exe -> Spyware.WinAD : Cleaned with backup C:\WINDOWS\system32\eraseme_56563.exe -> Backdoor.SdBot.aad : Cleaned with backup C:\WINDOWS\system32\m25kfknc.dat -> Trojan.Smitfraud : Cleaned with backup C:\WINDOWS\system32\mshtml-exe.anc -> Backdoor.Rbot : Cleaned with backup C:\WINDOWS\system32\orans.sys -> Trojan.Rootkit.Agent.ae : Cleaned with backup C:\WINDOWS\system32\p7v1evhq.exe -> Adware.SAHA : Cleaned with backup C:\WINDOWS\system32\TFTP1392 -> Backdoor.Rbot : Cleaned with backup C:\WINDOWS\Temp\180SAAX.cab/clientax.dll -> Spyware.180Solutions : Cleaned with backup C:\WINDOWS\Temp\B1DJJC7G.dll -> Adware.SAHA : Cleaned with backup C:\WINDOWS\Temp\bb.exe -> TrojanDownloader.Adload.a : Cleaned with backup C:\WINDOWS\Temp\clientax.dll -> Spyware.180Solutions : Cleaned with backup C:\WINDOWS\Temp\ICD1.tmp\ysbactivex.dll -> TrojanDownloader.IstBar : Cleaned with backup C:\WINDOWS\Temp\iinstall.exe -> TrojanDownloader.IstBar.lq : Cleaned with backup C:\WINDOWS\Temp\sahagent.exe -> Adware.SAHA : Cleaned with backup C:\WINDOWS\Temp\sidefind.exe -> TrojanDownloader.IstBar.jm : Cleaned with backup C:\WINDOWS\Temp\THI1BD.tmp\imGiant.cab/imGiant.dll -> Adware.BetterInternet : Cleaned with backup C:\WINDOWS\Temp\THI1BD.tmp\imGiant.dll -> Adware.BetterInternet : Cleaned with backup C:\WINDOWS\Temp\update.exe -> Adware.SAHA : Cleaned with backup C:\WINDOWS\wordpad.exe -> Backdoor.SdBot.aad : Cleaned with backup C:\WINDOWS\y.bat -> Trojan.Zapchast : Cleaned with backup F:\DVD MUSIC PC\BMPCHS_1\kit\cyberpress.exe -> Dialer.Generic : Cleaned with backup F:\DVD MUSIC PC\BMPCHS_1\kit\hotpc.exe -> Dialer.Generic : Cleaned with backup F:\DVD MUSIC PC\BMPCHS_1\kit\internetx.exe -> Dialer.Generic : Cleaned with backup ::Report End
  3. Voila, je pense que l'essentiel est parti. Il y a une petite chose qui me chagrine. J'ai voulu desintaller norton pour installer un autre antivirus, mais la desintallation a planter en cours de route. J'ai retire ce qu'il restait a la main et enlever les lignes de demmarage dans highjack. Mais il en reste toujours un peu. Et avast continu de me dire qui ne met pas en route certaines fonction parceque norton est actif. Auriez vous une idee? sinon voici mon nouveau log propre je pense. of HijackThis v1.99.1 Scan saved at 10:22:39 AM, on 9/10/2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://herspace.mail.everyone.net/email/scripts/loginuser.pl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.tele2internet.fr R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - fourni par Tele2 O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe" O4 - HKLM\..\Run: [inCD] C:\Program Files\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [Mediafour Mac Volume Notifications] "C:\Program Files\Common Files\Mediafour\MACVNTFY.EXE" /auto O4 - HKLM\..\Run: [tyack drive] tyack.pif O4 - HKLM\..\Run: [Outpost Firewall] "C:\Program Files\Agnitum\Outpost Firewall 1.0\outpost.exe" /waitservice O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\RunServices: [tyack drive] tyack.pif O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Getting Started with MacDrive 5.lnk = ? O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.1_03\bin\npjpi141_03.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.1_03\bin\npjpi141_03.dll O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} (Installer Class) - http://216.127.33.119/ist/softwares/v4.0/ysb_regular.cab O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum - C:\PROGRA~1\Agnitum\OUTPOS~1.0\outpost.exe
  4. bonjour, J'ai quelque petits probleme de logiciels tres indesirable qui ce reinstable tout le temps et ralentissent considerablement mon ordinateur. J'ai tout cleaner en mode sans echec, voici donc mon log. Merci a ceux qui pourrait y jeter un oeil. Logfile of HijackThis v1.99.1 Scan saved at 1:53:42 PM, on 9/9/2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://herspace.mail.everyone.net/email/scripts/loginuser.pl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.tele2internet.fr R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - fourni par Tele2 R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [vptray] C:\Program Files\NavNT\vptray.exe O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe O4 - HKLM\..\Run: [CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL O4 - HKLM\..\Run: [sBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe" O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe" O4 - HKLM\..\Run: [RoxioAudioCentral] "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe" O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [inCD] C:\Program Files\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [Media Gateway] C:\Program Files\Media Gateway\MediaGateway.exe O4 - HKLM\..\Run: [*Wssock] wssock.exe O4 - HKLM\..\Run: [Microsoftf DDEs Control] soff.pif O4 - HKLM\..\Run: [Microsoftf DDos Contr0l] runs.pif O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Mediafour Mac Volume Notifications] "C:\Program Files\Common Files\Mediafour\MACVNTFY.EXE" /auto O4 - HKLM\..\Run: [Microsoft Extension Handler] mshtml.exe O4 - HKLM\..\Run: [Microsoftx turn Control] ried.pif O4 - HKLM\..\Run: [sWOD] C:\WINDOWS\SWOD.exe O4 - HKLM\..\Run: [system service65] C:\WINDOWS\etb\pokapoka65.exe O4 - HKLM\..\Run: [elos] C:\WINDOWS\SWOD.exe O4 - HKLM\..\Run: [iST Service] C:\Program Files\ISTsvc\istsvc.exe O4 - HKLM\..\Run: [jrnp0k98] C:\WINDOWS\System32\jrnp0k98.exe O4 - HKLM\..\RunServices: [*Wssock] wssock.exe O4 - HKLM\..\RunServices: [Microsoftf DDEs Control] soff.pif O4 - HKLM\..\RunServices: [Microsoftf DDos Contr0l] runs.pif O4 - HKLM\..\RunServices: [Microsoft Extension Handler] mshtml.exe O4 - HKLM\..\RunServices: [Microsoftx turn Control] ried.pif O4 - HKLM\..\RunOnce: [DeleteYourSiteBar] rundll32.exe advpack.dll,DelNodeRunDLL32 "C:\Program Files\YourSiteBar\ysb.dll" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [*Wssock] wssock.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Getting Started with MacDrive 5.lnk = ? O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.1_03\bin\npjpi141_03.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.1_03\bin\npjpi141_03.dll O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\Program Files\SideFind\sidefind.dll O15 - Trusted Zone: *.media-motor.net O15 - Trusted Zone: *.popuppers.com O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} (Installer Class) - http://216.127.33.119/ist/softwares/v4.0/ysb_regular.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1125582721757 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1125582984805 O16 - DPF: {7149E79C-DC19-4C5E-A53C-A54DDF75EEE9} (IObjSafety.DemoCtl) - http://cabs.media-motor.net/cabs/joysaver.cab O16 - DPF: {7C559105-9ECF-42B8-B3F7-832E75EDD959} (Installer Class) - http://www.xxxtoolbar.com/ist/softwares/v4...006_regular.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe O23 - Service: netinfo - Unknown owner - C:\WINDOWS\netinfo.exe (file missing) O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: tsecure - Unknown owner - C:\WINDOWS\tsecure.exe (file missing) O23 - Service: wordpad - Unknown owner - C:\WINDOWS\wordpad.exe
  5. Super super. Ca marche. Merci docteur. Je me sens beaucoup mieux. Et bravo pour ce forum qui est tres accueillant. Bonne continuation a tous. Emmanuelle
  6. Ok merci stonangel. Je vais essayer tout ça.
  7. A oui et aussi. Je n'ai pas trouvé le fichier C:\WINDOWS\system32\tmksrvu.exe
  8. Voila j'ai fait ce que tu m'as dit. Il y a des ameliorations. Mon fond d'ecran est bleu uni (plus d'erreur fatal dessus) Mais je n'ai toujours pas acces a mes propriétés. Une idée?
  9. aussi j'ai bien essayé 2 fois de downloader l'antivirus que vous conseillez (avec le parapluie). Mais quand je double clic sur le fichiers d'instalation on me dit que mon fichier est endommagé.... hum J'ai une conection téléphone alors ca met chaque fois pas mal de temps.
  10. oulala Beaucoup de desordre. Pourquoi norton ne voit rien. pourtant il est parfaitement ajour. Spyware:Spyware/Altnet No disinfected C:\Documents and Settings\bulle\Local Settings\Temp\asmfiles.cab Spyware:Spyware/Altnet No disinfected C:\Documents and Settings\bulle\Local Settings\Temp\asmfiles.cab[asm.exe] Spyware:Spyware/Altnet No disinfected C:\Documents and Settings\bulle\Local Settings\Temp\asmfiles.cab[asmps.dll] Adware:Adware/P2PNetworking No disinfected C:\Documents and Settings\bulle\Local Settings\Temp\p2psetup.exe Spyware:Spyware/Altnet No disinfected C:\Program Files\Altnet\Download Manager\adm25.dll Spyware:Spyware/Altnet No disinfected C:\Program Files\Altnet\Download Manager\adm4.dll Spyware:Spyware/Altnet No disinfected C:\Program Files\Altnet\Download Manager\adm4005.exe Spyware:Spyware/Altnet No disinfected C:\Program Files\Altnet\Download Manager\admdata.dll Spyware:Spyware/Altnet No disinfected C:\Program Files\Altnet\Download Manager\admdloader.dll Spyware:Spyware/Altnet No disinfected C:\Program Files\Altnet\Download Manager\admfdi.dll Spyware:Spyware/Altnet No disinfected C:\Program Files\Altnet\Download Manager\admprog.dll Spyware:Spyware/Altnet No disinfected C:\Program Files\Altnet\Download Manager\altnetuninstall.exe Spyware:Spyware/Altnet No disinfected C:\Program Files\Altnet\Download Manager\asm.exe Spyware:Spyware/Altnet No disinfected C:\Program Files\Altnet\Download Manager\asmend.exe Spyware:Spyware/Altnet No disinfected C:\Program Files\Altnet\Download Manager\asmps.dll Spyware:Spyware/Altnet No disinfected C:\Program Files\Altnet\Points Manager\Points Manager.exe Spyware:Spyware/Altnet No disinfected C:\Program Files\Altnet\Points Manager\sysdetect.dll Adware:Adware/BrilliantDigitalNo disinfected C:\Program Files\Common Files\Wise Installation Wizard\WIS4574B9B383144C0F88634796CC739CEF_2_0_2_1.MSI[unk_0021][bdcore.dll] Adware:Adware/Need2Find No disinfected C:\Program Files\Hijackthis Version Française\backups\backup-20050708-230651-663.dll Adware:Adware/AzeSearch No disinfected C:\Program Files\Hijackthis Version Française\backups\backup-20050708-230652-661.dll Adware:Adware/P2PNetworking No disinfected C:\Program Files\Hijackthis Version Française\backups\backup-20050708-230652-807.dll Adware:Adware/InstaFinder No disinfected C:\Program Files\INSTAFINK\InstaFinderK_inst.exe Adware:Adware/InstaFinder No disinfected C:\Program Files\INSTAFINK\instafink.dll Adware:Adware/TopSearch No disinfected C:\Program Files\Kazaa\TopSearch.dll Adware:Adware/BrilliantDigitalNo disinfected C:\Program Files\KaZaA Lite\bdcore.dll Spyware:Spyware/Altnet No disinfected C:\WINDOWS\smdat32a.sys Adware:Adware/Twain-Tech No disinfected C:\WINDOWS\smdat32m.sys Adware:Adware/P2PNetworking No disinfected C:\WINDOWS\system32\P2P Networking v126.cpl Adware:Adware/XPlugin No disinfected C:\WINDOWS\system32\sysupd1003.exe Adware:Adware/Admess No disinfected C:\WINDOWS\system32\TCPService2.exe Adware:Adware/XPlugin No disinfected C:\WINDOWS\system32\tksrv99.exe Virus:Trj/Downloader.WE Disinfected C:\WINDOWS\system32\tmksrvu.exe Adware:Adware/Admess No disinfected C:\WINDOWS\system32\tmp3.txt Adware:Adware/Admess No disinfected C:\WINDOWS\system32\uc1362.exe Adware:Adware/Admess No disinfected C:\WINDOWS\system32\ucsi.exe Adware:Adware/Admess No disinfected C:\WINDOWS\system32\ucsl.exe Adware:Adware/Smitfraud No disinfected C:\WINDOWS\system32\wp.bmp Adware:Adware/Admess No disinfected C:\WINDOWS\system32\WStart.dll Adware:Adware/XPlugin No disinfected C:\WINDOWS\system32\xplugin.dll Adware:Adware/InstaFinder No disinfected C:\WINDOWS\Temp\Adware\InstaFinderK_inst.exe Spyware:Spyware/Altnet No disinfected C:\WINDOWS\Temp\Altnet\adm.exe Spyware:Spyware/Altnet No disinfected C:\WINDOWS\Temp\Altnet\adm25.dll Spyware:Spyware/Altnet No disinfected C:\WINDOWS\Temp\Altnet\adm4.dll Spyware:Spyware/Altnet No disinfected C:\WINDOWS\Temp\Altnet\admdata.dll Spyware:Spyware/Altnet No disinfected C:\WINDOWS\Temp\Altnet\admdloader.dll Spyware:Spyware/Altnet No disinfected C:\WINDOWS\Temp\Altnet\admfdi.dll Spyware:Spyware/Altnet No disinfected C:\WINDOWS\Temp\Altnet\admprog.dll Spyware:Spyware/Altnet No disinfected C:\WINDOWS\Temp\Altnet\dmfiles.cab Spyware:Spyware/Altnet No disinfected C:\WINDOWS\Temp\Altnet\dmfiles.cab[AltnetUninstall.exe] Spyware:Spyware/Altnet No disinfected C:\WINDOWS\Temp\Altnet\dmfiles.cab[asmend.exe] Spyware:Spyware/Altnet No disinfected C:\WINDOWS\Temp\Altnet\pmexe.cab Spyware:Spyware/Altnet No disinfected C:\WINDOWS\Temp\Altnet\pmexe.cab[Points Manager.exe] Spyware:Spyware/Altnet No disinfected C:\WINDOWS\Temp\Altnet\pmfiles.cab Spyware:Spyware/Altnet No disinfected C:\WINDOWS\Temp\Altnet\pmfiles.cab[sysdetect.dll] Spyware:Spyware/Altnet No disinfected C:\WINDOWS\Temp\Altnet\Setup.exe
  11. et bien oui. En fait j'ai, je pense, w32.desktophijack sur mon ordi (ecran bleu erreur fatal en fond d'ecran, pas acces au propriete d'ecran). Je croix que j'ai aussi mydoom. Il revient regulierement sur mes fichiers de restauration de windows. Je viens d'ailleurs de desactiver le systeme de restaurations. voila. Qu'n penses tu?
  12. bonjour, voili voilo, j'ai fait ce que tu m'a dit. Mis a part le fichier C:\WINDOWS\System32\taskmon.exe que je n'ai pas trouvé. Il y en a un qui s'apelle taskman. Mais dans le doute je ne l'ai pas touché.... sinon il y a egalement WS_FTP Pro qui est logiciel de transfert htp. Bon je ne m'en sert pas. J'ai donc commencer a le retirer manuellement. Il y des fichiers qui n'ont pas voulu partir. J'aurais du le retirer avec ajout supression de programme. Mais bon c'est trop tard. J'imagine que c'est pas tres grave. Tu m'a egalement dit de retirer, dans hijackthis un truc concernant macdrive. ca c'est un driver pour un disque dur mac et pc. Je l'ai retirer dans le doute qu'il puisse avoir un rapport avec un probleme. Bon mais a priori je ne pense pas. Voila, voici donc mon nouveau log tout frais. Logfile of HijackThis v1.99.1 Scan saved at 11:32:32 PM, on 7/8/2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.tele2internet.fr R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - fourni par Tele2 O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [vptray] C:\Program Files\NavNT\vptray.exe O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe O4 - HKLM\..\Run: [CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL O4 - HKLM\..\Run: [sBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe" O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe" O4 - HKLM\..\Run: [RoxioAudioCentral] "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe" O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [inCD] C:\Program Files\Ahead\InCD\InCD.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Translate into English - res://c:\windows\GoogleToolbar1.dll/cmtrans.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.1_03\bin\npjpi141_03.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.1_03\bin\npjpi141_03.dll O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\System32\Tablet.exe
  13. Rebonjour, me revoila apres les etapes de nettoyages. J'ai eut pas mal de problemes. Le logiciel pour nettoyer le disque dur a bloqué sur un fichier plus d'une heure. Prise d'impatience j'ai decidé de jeter les fichiers a la main. Concernant l'anti virus que tu m'a conseillé. Je l'ai telecharger mais le .zip etait endommagé. Le probleme c'est que j'ai une connection telephone hyper lente et honereuse. A la place j'ai lancer norton qui est up to date. Sinon en revenant en mode normal et sur internet, j'ai directement une un message de norton a propos de W32.Desktophijack. Bon cela dit, c'est monnaie courante sur mn ordi..... Voila donc le nouveau log Merci a tout ceux qui peuvent m'aider gfile of HijackThis v1.99.1 Scan saved at 4:49:06 PM, on 7/8/2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://hot-searches.com/search.php?v=6&aff=8555849 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://hot-searches.com/index.php?v=6&aff=8555849 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://hot-searches.com/index.php?v=6&aff=8555849 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.tele2internet.fr R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - fourni par Tele2 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *hot-searches.com*;*lender-search.com* O1 - Hosts file is located at: C:\WINDOWS\nsdb\hosts O1 - Hosts: 82.179.166.164 lender-search.com O1 - Hosts: 82.179.166.165 hot-searches.com O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL O2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:\Program Files\WS_FTP Pro\wsbho2K0.dll O2 - BHO: WHttpHelper Class - {9896231A-C487-43A5-8369-6EC9B0A96CC0} - C:\WINDOWS\System32\WStart.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: ZToolbar Activator Class - {da7ff3f8-08be-4cac-bc00-94d91c6ae7f4} - C:\WINDOWS\pumba3.dll O2 - BHO: AddressBar Class - {f65b197f-8260-4d52-909a-f70118e646eb} - C:\WINDOWS\system32\iasada.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Search Toolbar - {a19ef336-01d4-48e6-926a-fe7e1c747aed} - C:\WINDOWS\pumba3.dll O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [vptray] C:\Program Files\NavNT\vptray.exe O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe O4 - HKLM\..\Run: [internet Explorer Library] C:\WINDOWS\system32\ieupdates.exe O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe O4 - HKLM\..\Run: [CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL O4 - HKLM\..\Run: [sBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [Mediafour Mac Volume Notifications] "C:\Program Files\Common Files\Mediafour\MACVNTFY.EXE" /auto O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [TaskMon] C:\WINDOWS\System32\taskmon.exe O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe" O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe" O4 - HKLM\..\Run: [RoxioAudioCentral] "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe" O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [inCD] C:\Program Files\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART O4 - HKLM\..\Run: [PSGuard] C:\Program Files\PSGuard\PSGuard.exe O4 - HKLM\..\Run: [Win32] C:\Win32\dll\Win32k.exe -starthide C:\Win32\dll\Win32.exe -local O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Getting Started with MacDrive 5.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: &Search - http://ka.bar.need2find.com/KA/menusearch.html?p=KA O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Translate into English - res://c:\windows\GoogleToolbar1.dll/cmtrans.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.1_03\bin\npjpi141_03.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.1_03\bin\npjpi141_03.dll O14 - IERESET.INF: START_PAGE_URL=http://www.tele2internet.fr O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) - O18 - Filter: text/html - {4F7681E5-6CAF-478D-9CB8-4CA593BEE7FB} - C:\WINDOWS\System32\xplugin.dll O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\System32\Tablet.exe
  14. bonjour, Quelqu'un pourrait il m'interpreter mon log? En fait, je suis virusé de partout. J'ai deja viré mes fichiers internet temporaire. Fait plusieurs scan avec la version mise a jour de norton Ainsi que despywarisé la bete. Mais j'ai de mechants virus qui collent de type mydoom, trojan et autres. Donc voici mon log. Je ne sais pas si c'est la demarche a suivre. Merci beaucoup Logfile of HijackThis v1.99.1 Scan saved at 12:10:02 PM, on 7/8/2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\NavNT\defwatch.exe C:\Program Files\NavNT\rtvscan.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\Mixer.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINDOWS\System32\Tablet.exe C:\Program Files\NavNT\vptray.exe C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE C:\WINDOWS\System32\CTHELPER.EXE C:\Program Files\Common Files\Mediafour\MACVNTFY.EXE C:\Program Files\QuickTime\qttask.exe C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe C:\Program Files\Ahead\InCD\InCD.exe C:\WINDOWS\System32\P2P Networking\P2P Networking.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\Playlist.exe c:\win32\dll\win32.exe C:\WINDOWS\System32\MsgSys.EXE C:\WINDOWS\System32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://hot-searches.com/search.php?v=6&aff=8555849 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://hot-searches.com/index.php?v=6&aff=8555849 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://hot-searches.com/index.php?v=6&aff=8555849 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.tele2internet.fr R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - fourni par Tele2 O1 - Hosts file is located at: C:\WINDOWS\nsdb\hosts O1 - Hosts: 82.179.166.164 lender-search.com O1 - Hosts: 82.179.166.165 hot-searches.com O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL O2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:\Program Files\WS_FTP Pro\wsbho2K0.dll O2 - BHO: WHttpHelper Class - {9896231A-C487-43A5-8369-6EC9B0A96CC0} - C:\WINDOWS\System32\WStart.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: ZToolbar Activator Class - {da7ff3f8-08be-4cac-bc00-94d91c6ae7f4} - C:\WINDOWS\pumba3.dll O2 - BHO: AddressBar Class - {f65b197f-8260-4d52-909a-f70118e646eb} - C:\WINDOWS\system32\iasada.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Search Toolbar - {a19ef336-01d4-48e6-926a-fe7e1c747aed} - C:\WINDOWS\pumba3.dll O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [vptray] C:\Program Files\NavNT\vptray.exe O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe O4 - HKLM\..\Run: [internet Explorer Library] C:\WINDOWS\system32\ieupdates.exe O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe O4 - HKLM\..\Run: [CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL O4 - HKLM\..\Run: [sBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [Mediafour Mac Volume Notifications] "C:\Program Files\Common Files\Mediafour\MACVNTFY.EXE" /auto O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [TaskMon] C:\WINDOWS\System32\taskmon.exe O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe" O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe" O4 - HKLM\..\Run: [RoxioAudioCentral] "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe" O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [inCD] C:\Program Files\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART O4 - HKLM\..\Run: [PSGuard] C:\Program Files\PSGuard\PSGuard.exe O4 - HKLM\..\Run: [Win32] C:\Win32\dll\Win32k.exe -starthide C:\Win32\dll\Win32.exe -local O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Getting Started with MacDrive 5.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: &Search - http://ka.bar.need2find.com/KA/menusearch.html?p=KA O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Translate into English - res://c:\windows\GoogleToolbar1.dll/cmtrans.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.1_03\bin\npjpi141_03.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.1_03\bin\npjpi141_03.dll O14 - IERESET.INF: START_PAGE_URL=http://www.tele2internet.fr O16 - DPF: {018B7EC3-EECA-11D3-8E71-0000E82C6C0D} - http://en.install.pixnetwork.com/install.exe O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/SU-newOCX/ocx/12110/CTSUEng.cab O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) - O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/18e5e54a89b119c14f22/...ip/RdxIE601.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...StatsClient.cab O16 - DPF: {8EDAD21C-3584-4E66-A8AB-EB0E5584767D} - http://toolbar.google.com/data/GoogleActivate.cab O16 - DPF: {A7798D6C-C6B5-4F26-9363-F7CDBBFFA607} (download Class) - http://www.gigex.com/ActiveX/vxpspeeddelivery.dll O16 - DPF: {E0B795B4-FD95-4ABD-A375-27962EFCE8CF} (StarInstall Control) - http://install.serviceurl.de/StarInstall.ocx O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/SU-newOCX/ocx/12110/CTPID.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{57B4AF35-74EA-47DB-9E7F-1667474D499B}: NameServer = 212.151.136.246 130.244.127.161 O18 - Filter: text/html - {4F7681E5-6CAF-478D-9CB8-4CA593BEE7FB} - C:\WINDOWS\System32\xplugin.dll O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\System32\Tablet.exe
×
×
  • Créer...