Problème Avast et Spybot

Ghis76 Messages postés 21 Statut Membre -  
 Utilisateur anonyme -
Bonjour,
J'ai un gros problème et je ne sais comment le résoudre, Svp, si
vous pouviez m'aider.
J'ai voulu installé le logiciel Avast, au début il a fonctioné quelques
heures et comme il n'était pas sur toutes les sessions de l'ordi, nous avons essayé de le mettre en partager et depuis plus rien impossible de le faire fonctionner même en le réinstallant, j'ai constater que mon logiciel Spybot est également vide, alors qu'il fonctionnait correctement. Même si je le réinstalle il reste vide.
Actuellement mon ordi n'a plus d'anti virus.
J'ai windows Xp2, et j'ai utilisé le logiciel Hijackthis, je ne sais pas si cela vous sera utile, mais voici le rapport
You can reference this log by going to: http://hjt.networktechs.com/parse.php?log=323566
--------------------------------------------------------------------------------
Logfile of HijackThis v1.99.1Up To Date Version of HijackThis
You are using the latest version of HijackThis. Check www.merijn.org frequently for updates.
Scan saved at 09:42:19, on 18/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exeSmss.exe
What is it?
Session Manager SubSystem - smss.exe

What does it do?
smss.exe - This is the session manager subsystem, which is responsible for starting the user session. This process is initiated by the system thread and is responsible for various activities, including launching the Winlogon and Win32 (Csrss.exe) processes and setting system variables. After it has launched these processes, it waits for either Winlogon or Csrss to end. If this happens "normally," the system shuts down; if it happens unexpectedly, Smss.exe causes the system to stop responding (hang).

Additional Reading:
Smss.exe does not resolve forward references in environment

You will not be able to end this through task manager!

More info

--------------------------------------------------------------------------------

Virus Precaution:

The smss.exe which is from Microsoft is located at c:windowsSystem32smss.exe . We've been able to find several viruses that run as smss to trick you.

Adware.Advision - Symantec Corporation
Adware.DreamAd - Symantec Corporation
Backdoor.IRC.Aladinz.O - Symantec Corporation
Backdoor.IRC.Flood.F - Symantec Corporation
W32.Dalbug.Worm - Symantec Corporation
W32.Resdoc - Symantec Corporation
C:\WINDOWS\system32\winlogon.exeWinlogon.exe

What is it?
Windows Logon Process - Winlogon.exe

What does it do?
Direct Quote from here:
This is the process responsible for managing user logon and logoff. Moreover, Winlogon is active only when the user presses CTRL+ALT+DEL, at which point it shows the security dialog box.

Search MS for more info: Link

Virus Precaution:
The original Winlogon.exe from Microsoft gets placed in the C:WINDOWSSystem32 directory. if you find it anywhere else then you should be suspicious for sure.

You'll want to keep an eye on this google search for any known viruses. We've been able to find only 1 report of a virus so far.

Troj/Madr-B @ Sophos
Netsky.D @ Trend Micro
C:\WINDOWS\system32\services.exeservices.exe
services.exe is a part of Windows that manages the processes. Anytime a service starts or stops it is through services.exe. During system startup and shutdown is when this process sees most of its action. You should never end this process unless it is running outside of your windows system folder.

C:\WINDOWS\system32\lsass.exelsass.exe
What is it?
Local Security Authentication Server - lsass.exe

What does it do?
lsass.exe - It generates the process responsible for authenticating users for the Winlogon service. This process is performed by using authentication packages such as the default Msgina.dll. If authentication is successful, Lsass generates the user's access token, which is used to launch the initial shell. Other processes that the user initiates inherit this token.

You will not be able to end this through task manager!

From MS

--------------------------------------------------------------------------------

The lsass.exe which is from Microsoft is located at c:windowsSystem32lsass.exe . there's a few viruses that have been found to run as lsass.exe to hide from you.
C:\WINDOWS\system32\svchost.exeSvchost.exe

What is it?
Service Host Process - svchost.exe

What does it do?

Here's a direct quote from MS about this: (source)
Svchost.exe is a generic host process name for services that are run from dynamic-link libraries (DLLs). The Svchost.exe file is located in the %SystemRoot%System32 folder. At startup, Svchost.exe checks the services portion of the registry to construct a list of services that it needs to load. There can be multiple instances of Svchost.exe running at the same time. Each Svchost.exe session can contain a grouping of services, so that separate services can be run depending on how and where Svchost.exe is started. This allows for better control and debugging.

Svchost.exe groups are identified in the following registry key:

HKEY_LOCAL_MACHINESoftwareMicrosoftWindows NTCurrentVersionSvchost

Each value under this key represents a separate Svchost group and is displayed as a separate instance when you are viewing active processes. Each value is a REG_MULTI_SZ value and contains the services that run under that Svchost group. Each Svchost group can contain one or more service_names extracted from the following registry key, whose Parameters key contains a ServiceDLL value:

HKEY_LOCAL_MACHINESystemCurrentControlSetServicesService

If you're running Windows XP Home edition then you'll have to download this file HERE and put it in your windows/system32 directory. If you're running XP Pro then you won't need that file since you already have it.

1.) Start --> Run --> cmd
2.) Tasklist /svc >C:ianaginfo.txt

Here's an example of what I got when I issued this command if you'd like to take a look at an example.

A Description of Svchost.exe in Windows XP:
https://support.microsoft.com/en-us/windows?ui=en-US&rs=en-001&ad=US

More Info
More Info

Virus Precaution:
The original file from Microsoft gets placed in the Located in C:WINDOWSSystem32 directory. If you find it anywhere else then you should be suspicious for sure.

You'll want to keep an eye on this google search for any known viruses.

C:\WINDOWS\System32\svchost.exeSvchost.exe

What is it?
Service Host Process - svchost.exe

What does it do?

Here's a direct quote from MS about this: (source)
Svchost.exe is a generic host process name for services that are run from dynamic-link libraries (DLLs). The Svchost.exe file is located in the %SystemRoot%System32 folder. At startup, Svchost.exe checks the services portion of the registry to construct a list of services that it needs to load. There can be multiple instances of Svchost.exe running at the same time. Each Svchost.exe session can contain a grouping of services, so that separate services can be run depending on how and where Svchost.exe is started. This allows for better control and debugging.

Svchost.exe groups are identified in the following registry key:

HKEY_LOCAL_MACHINESoftwareMicrosoftWindows NTCurrentVersionSvchost

Each value under this key represents a separate Svchost group and is displayed as a separate instance when you are viewing active processes. Each value is a REG_MULTI_SZ value and contains the services that run under that Svchost group. Each Svchost group can contain one or more service_names extracted from the following registry key, whose Parameters key contains a ServiceDLL value:

HKEY_LOCAL_MACHINESystemCurrentControlSetServicesService

If you're running Windows XP Home edition then you'll have to download this file HERE and put it in your windows/system32 directory. If you're running XP Pro then you won't need that file since you already have it.

1.) Start --> Run --> cmd
2.) Tasklist /svc >C:ianaginfo.txt

Here's an example of what I got when I issued this command if you'd like to take a look at an example.

A Description of Svchost.exe in Windows XP:
https://support.microsoft.com/en-us/windows?ui=en-US&rs=en-001&ad=US

More Info
More Info

Virus Precaution:
The original file from Microsoft gets placed in the Located in C:WINDOWSSystem32 directory. If you find it anywhere else then you should be suspicious for sure.

You'll want to keep an eye on this google search for any known viruses.

C:\WINDOWS\system32\svchost.exeSvchost.exe

What is it?
Service Host Process - svchost.exe

What does it do?

Here's a direct quote from MS about this: (source)
Svchost.exe is a generic host process name for services that are run from dynamic-link libraries (DLLs). The Svchost.exe file is located in the %SystemRoot%System32 folder. At startup, Svchost.exe checks the services portion of the registry to construct a list of services that it needs to load. There can be multiple instances of Svchost.exe running at the same time. Each Svchost.exe session can contain a grouping of services, so that separate services can be run depending on how and where Svchost.exe is started. This allows for better control and debugging.

Svchost.exe groups are identified in the following registry key:

HKEY_LOCAL_MACHINESoftwareMicrosoftWindows NTCurrentVersionSvchost

Each value under this key represents a separate Svchost group and is displayed as a separate instance when you are viewing active processes. Each value is a REG_MULTI_SZ value and contains the services that run under that Svchost group. Each Svchost group can contain one or more service_names extracted from the following registry key, whose Parameters key contains a ServiceDLL value:

HKEY_LOCAL_MACHINESystemCurrentControlSetServicesService

If you're running Windows XP Home edition then you'll have to download this file HERE and put it in your windows/system32 directory. If you're running XP Pro then you won't need that file since you already have it.

1.) Start --> Run --> cmd
2.) Tasklist /svc >C:ianaginfo.txt

Here's an example of what I got when I issued this command if you'd like to take a look at an example.

A Description of Svchost.exe in Windows XP:
https://support.microsoft.com/en-us/windows?ui=en-US&rs=en-001&ad=US

More Info
More Info

Virus Precaution:
The original file from Microsoft gets placed in the Located in C:WINDOWSSystem32 directory. If you find it anywhere else then you should be suspicious for sure.

You'll want to keep an eye on this google search for any known viruses.

C:\WINDOWS\system32\spoolsv.exeSpoolsv.exe

What is it?
SPOOLer SerVice - spoolsv.exe

What does it do?
spoolsv.exe - The spooler service is responsible for managing spooled print/fax jobs

You will be able to end this through task manager!

More info

--------------------------------------------------------------------------------

Virus Precaution:
The spoolsv.exe which is from Microsoft is located at c:windowsSystem32spoolsv.exe . We've been able to find several viruses that run as spoolsv to trick you.

Backdoor.Ciadoor.B - Symantec Corporation
Hacktool.Privshell - Symantec Corporation
VBS.Masscal.Worm (vbs) - Symantec Corporation
Graybird-A @ Sophos

C:\Program Files\Executive Software\DiskeeperLite\DKService.exeDkService.exe
DkService.exe is Executive Software's diskeeper. It is the best hard drive disk defragmentation program I've found. In NT based OS's this file will be run as a service and is used for a users sheduled disk defragmentation. It is good to have your drive scheduled to defrag at least once a week at a time when you know you'll be in bed.
C:\WINDOWS\System32\FTRTSVC.exeFTRTSVC.exe
We Don't know! Please post a comment with information about this file
C:\WINDOWS\System32\svchost.exeSvchost.exe

What is it?
Service Host Process - svchost.exe

What does it do?

Here's a direct quote from MS about this: (source)
Svchost.exe is a generic host process name for services that are run from dynamic-link libraries (DLLs). The Svchost.exe file is located in the %SystemRoot%System32 folder. At startup, Svchost.exe checks the services portion of the registry to construct a list of services that it needs to load. There can be multiple instances of Svchost.exe running at the same time. Each Svchost.exe session can contain a grouping of services, so that separate services can be run depending on how and where Svchost.exe is started. This allows for better control and debugging.

Svchost.exe groups are identified in the following registry key:

HKEY_LOCAL_MACHINESoftwareMicrosoftWindows NTCurrentVersionSvchost

Each value under this key represents a separate Svchost group and is displayed as a separate instance when you are viewing active processes. Each value is a REG_MULTI_SZ value and contains the services that run under that Svchost group. Each Svchost group can contain one or more service_names extracted from the following registry key, whose Parameters key contains a ServiceDLL value:

HKEY_LOCAL_MACHINESystemCurrentControlSetServicesService

If you're running Windows XP Home edition then you'll have to download this file HERE and put it in your windows/system32 directory. If you're running XP Pro then you won't need that file since you already have it.

1.) Start --> Run --> cmd
2.) Tasklist /svc >C:ianaginfo.txt

Here's an example of what I got when I issued this command if you'd like to take a look at an example.

A Description of Svchost.exe in Windows XP:
https://support.microsoft.com/en-us/windows?ui=en-US&rs=en-001&ad=US

More Info
More Info

Virus Precaution:
The original file from Microsoft gets placed in the Located in C:WINDOWSSystem32 directory. If you find it anywhere else then you should be suspicious for sure.

You'll want to keep an eye on this google search for any known viruses.

C:\WINDOWS\system32\nvsvc32.exenvsvc32.exe
What is it?
NVIDIA Driver Helper Service - nvsvc32.exe

What does it do?
nvsvc32.exe - For all of you that have video cards that utilize one of the Nvidia chipsets running under Windows NT4/2k/XP/2k3 they install a driver help service. We have emailed Nvidia asking them about this but haven't been able to get a response. I was able to to end this task without any issues.

There have been a number of reports that say this service is the root of some nasty shutdown slowdowns! Even though I haven't experienced this personally, Black Viper is a source that I trust and he has stated this service has caused extreme slowdowns during shutdown.

There's been a number of rumors posted that state that this is some form of spyware. I have not found it to transmit any form of data while I've been using it. I also don't believe Nvidia is stupid enough to package spyware and send it to their massive installation base.

You'll want to visit nvidia.com for more information about them and their products. You may also want to download the latest drivers from them.

Virus Precaution:
nvsvc32.exe is located at c:windowsSystem32 vsvc32.exe . We've been unable to find any threats that run as nvsvc32.exe to trick you.

C:\WINDOWS\system32\svchost.exeSvchost.exe

What is it?
Service Host Process - svchost.exe

What does it do?

Here's a direct quote from MS about this: (source)
Svchost.exe is a generic host process name for services that are run from dynamic-link libraries (DLLs). The Svchost.exe file is located in the %SystemRoot%System32 folder. At startup, Svchost.exe checks the services portion of the registry to construct a list of services that it needs to load. There can be multiple instances of Svchost.exe running at the same time. Each Svchost.exe session can contain a grouping of services, so that separate services can be run depending on how and where Svchost.exe is started. This allows for better control and debugging.

Svchost.exe groups are identified in the following registry key:

HKEY_LOCAL_MACHINESoftwareMicrosoftWindows NTCurrentVersionSvchost

Each value under this key represents a separate Svchost group and is displayed as a separate instance when you are viewing active processes. Each value is a REG_MULTI_SZ value and contains the services that run under that Svchost group. Each Svchost group can contain one or more service_names extracted from the following registry key, whose Parameters key contains a ServiceDLL value:

HKEY_LOCAL_MACHINESystemCurrentControlSetServicesService

If you're running Windows XP Home edition then you'll have to download this file HERE and put it in your windows/system32 directory. If you're running XP Pro then you won't need that file since you already have it.

1.) Start --> Run --> cmd
2.) Tasklist /svc >C:ianaginfo.txt

Here's an example of what I got when I issued this command if you'd like to take a look at an example.

A Description of Svchost.exe in Windows XP:
https://support.microsoft.com/en-us/windows?ui=en-US&rs=en-001&ad=US

More Info
More Info

Virus Precaution:
The original file from Microsoft gets placed in the Located in C:WINDOWSSystem32 directory. If you find it anywhere else then you should be suspicious for sure.

You'll want to keep an eye on this google search for any known viruses.

C:\WINDOWS\Explorer.EXEexplorer.exe

What is it?
Windows Explorer - explorer.exe

What does it do?
explorer.exe - Below is a direct quote from Microsoft found on THIS page:

This is the user shell, which we see as the familiar taskbar, desktop, and so on. This process isn't as vital to the running of Windows as you might expect, and can be stopped (and restarted) from Task Manager, usually with no negative side effects on the system.

I have found that stopping this process is needed sometimes to stop some other processes.

More Info
More Info

Virus Precaution:
The original file from Microsoft gets placed at C:WINDOWSSystem32explorer.exe . if you find it anywhere else then you should be suspicious for sure.

You'll want to keep an eye on this google search for any known viruses. There's only one unique virus found through this search. All of the results are the various names of this single virus.

Deloder-A @ Sophos
MyDoom.B @ Symantec

C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exeWkUFind.exe
WkUFind.exe is related to Microsoft Works/PictureIt! and will check for software updates. It is safe to remove this from your system startup.
C:\WINDOWS\system32\rundll32.exerundll32.exe

What is it?
Run a DLL as an App - rundll32.exe

What does it do?
Direct Quote from MS: (Source)
Microsoft Windows 95, Windows 98, and Windows Millennium Edition (Me) contains two command-line utility programs named Rundll.exe and Rundll32.exe that allow you to invoke a function exported from a DLL, either 16-bit or 32-bit. However, Rundll and Rundll32 programs do not allow you to call any exported function from any DLL. For example, you can not use these utility programs to call the Win32 API (Application Programming Interface) calls exported from the system DLLs. The programs only allow you to call functions from a DLL that are explicitly written to be called by them. This article provides more details on the use of Rundll and Rundll32 programs under the Windows operating systems listed above.

More Info
More Info

Virus Precaution:
The original file from Microsoft gets placed in the Located at C:WINDOWSSystem32 undll32.exe . If you find it anywhere else then you should be suspicious for sure.

You'll want to keep an eye on this google search for any known viruses.

.

W32.Miroot.Worm @ Symantec
Backdoor.Lastdoor @ Symantec
Trojan.StartPage @ Symantec

C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exehpztsb10.exe

What is it?

hpztsb10.exe is?associated with HP printer products software and drivers.

What does it do?

HP spool service application for Windows 32 bit environments on X86 platforms "PC's"

More info:

www.hp.com

C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exePrintScreen.exe
"Gadwin PrintScreen - utility to capture
C:\Program Files\Copernic Desktop Search 2\DesktopSearchService.exeUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exeRoboTaskBarIcon.exe
Roboform - password manager and web form filler. Will work without this startup entry, as the "active" component is an integrated Internet Explorer browser plugin More information can be found here.

Quote:

Save and Remember Online Passwords
Every other site these days forces you to create a UserID and Password combination. RoboForm saves the day by saving the online passwords (AutoSave dialog) and then filling login forms from the saved data (AutoFill dialog).

C:\PROGRA~1\Wanadoo\EspaceWanadoo.exeEspaceWanadoo.exe

What is it?

EspaceWanadoo.exe is software associated with an internet provider called Wanadoo.

What does it do?

Wanadoo's software provides connection configuration and other "kit" for their Internet Services.

More info:

Check out this google search for more info about Wanadoo Internet services.

C:\WINDOWS\system32\ctfmon.exectfmon.exe

What is it?
Language bar AKA Alternative User Input Services - ctfmon.exe

What does it do?
ctfmon.exe - it's an ever annoying helper tool that comes rather unexpectedly at times and liked by nearly nobody.

Ctfmon.exe monitors the active windows and provides text input service support for speech recognition, handwriting recognition, keyboard, translation, and other alternative user input technologies.

Loads of information can be found on microsoft's site here.

Unless you're using anything in that list above you'll want to stop this file from loading!

How do I get rid of it?
There's been a number of threads in our forum as well as others about this. A typical thread can be found here.

control panel --> regional and language options --> languages tab --> details button --> language bar button

Virus Precaution:
Just like so many of the other files I've written about so far, ctfmon.exe is located in the c:windowsSystem32ctfmon.exe. At the time of this writing there isn't any spyware, viruses or anything like that masking itself as this file. If you find any info on one then please let me know!
C:\Program Files\Antipub\antipub.exeUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
C:\PROGRA~1\Wanadoo\ComComp.exeComComp.exe

Common Components? (ComComp.EXE) is a prerequisite for any VisualTax? program?

It MUST be downloaded and installed once by first time users of any VisualTax product (T1, T2, T3, T4, FP).?There is no need to download again for each product.

C:\PROGRA~1\Wanadoo\Toaster.exeToaster.exe
We Don't know! Please post a comment with information about this file
C:\PROGRA~1\Wanadoo\Inactivity.exeInactivity.exe
We Don't know! Please post a comment with information about this file
C:\PROGRA~1\Wanadoo\PollingModule.exePollingModule.exe
We Don't know! Please post a comment with information about this file
C:\PROGRA~1\Magentic\bin\MgApp.exeUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXEALERTM~1.EXE
We Don't know! Please post a comment with information about this file
C:\PROGRA~1\Wanadoo\Watch.exeWatch.exe
Watch.exe - This is a process from Lavasoft for Ad ware this monitors your system and entries for spyware that tries to changeyour system, for Ad ware to work this should not be removed.

C:\HTJ\HijackThis.exeHijackThis.exe
This is our favorite application for fighting against malware and other trashy application that bog systems down. Our guide to using this software can be found here. We have also taken the time to write a system to process the log files created from this application here.
C:\Program Files\Executive Software\DiskeeperLite\DfrgNTFS.exedfrgntfs.exe
dfrgntfs.exe
--------------------------------------------------------------------------------

What is it?
Windows Defrag - dfrgntfs.exe

What does it do?
This is the process in Windows 2000 and XP that handles the file defragmentation process. This helps to speed up things like opening and reading files which will make it so that your applications run as fast as they can on your system. NEVER end this process, if you do it can cause corruption in whatever file it was processing when you ended it.

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail Start Page
This is where you go when you first open IE. Should be something like google.com or iamnotageek.com if theres a site you don't know here clean this line!
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/?ref=go Start Page
This is where you go when you first open IE. Should be something like google.com or iamnotageek.com if theres a site you don't know here clean this line!
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.exalead.fr/search/??definition=homepageInternet Start Page
This is where you go when you first open IE. Should be something like google.com or iamnotageek.com if theres a site you don't know here clean this line!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/?ref=go Start Page
This is where you go when you first open IE. Should be something like google.com or iamnotageek.com if theres a site you don't know here clean this line!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/?ref=go Start Page
This is where you go when you first open IE. Should be something like google.com or iamnotageek.com if theres a site you don't know here clean this line!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/?ref=go Start Page
This is where you go when you first open IE. Should be something like google.com or iamnotageek.com if theres a site you don't know here clean this line!
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/?ref=go Start Page
This is where you go when you first open IE. Should be something like google.com or iamnotageek.com if theres a site you don't know here clean this line!
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =Internet Start Page
This is where you go when you first open IE. Should be something like google.com or iamnotageek.com if theres a site you don't know here clean this line!
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBRInternet&cc=fr&toHttps=1&redig=2F6538E9BD8A42E3A46A123231DB1B43 Start Page
This is where you go when you first open IE. Should be something like google.com or iamnotageek.com if theres a site you don't know here clean this line!
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = WanadooInternet Start Page
This is where you go when you first open IE. Should be something like google.com or iamnotageek.com if theres a site you don't know here clean this line!
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = LiensInternet Start Page
This is where you go when you first open IE. Should be something like google.com or iamnotageek.com if theres a site you don't know here clean this line!
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLLDefault Search Page
When using the search toolbar this is your default search. Should be either yahoo, msn or google cause all others suck
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)File Missing
When a file is missing, you should always have HijackThis fix the item.
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dllAcroIEhelper.ocx AcroIEhelper.dll - Adobe Acrobat reader http://www.adobe.com/products/acrobat/reads
AcroIEhelper.ocx AcroIEhelper.dll - Adobe Acrobat reader https://get2.adobe.com/reader/otherversions/
O2 - BHO: CJava Object - {43F7497C-7687-4DEA-A057-F21BD81BC896} - C:\WINDOWS\System32\msjava32.dllmsjava32.dll - Trojan connecting to/hailing from adult chat sites (camscenter.com sexecam.net) - WAR
msjava32.dll - Trojan connecting to/hailing from adult chat sites (camscenter.com sexecam.net) - WARNING despite all apprearances this is in NO way a Microsoft file!
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (file missing)File Missing
When a file is missing, you should always have HijackThis fix the item.
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\eoRezo\EoAdv\EoRezobho.dll (file missing)File Missing
When a file is missing, you should always have HijackThis fix the item.
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dllUnnamed BHO
RoboForm.dll - RoboForm https://www.roboform.com/
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dllUnnamed BHO
ssv.dll - Related to Sun_Java_software https://www.java.com/en/download/
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)File Missing
When a file is missing, you should always have HijackThis fix the item.
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dllUnnamed BHO
WindowsLiveLogin.dll - Microsoft Windows_Live https://support.microsoft.com/en-us/windows/windows-essentials-2707b879-5004-4349-c4a4-e5900945f2a9
O2 - BHO: (no name) - {A685D287-785F-9822-002D-7F4A37C2D302} - (no file)File Missing
When a file is missing, you should always have HijackThis fix the item.
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dllUnnamed BHO
msntb.dll - MSN Toolbar https://www.bing.com/?toHttps=1&redig=C5A5F4D5ECA345F689A948C005FF88A7
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)File Missing
When a file is missing, you should always have HijackThis fix the item.
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dllUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O3 - Toolbar: Sonerie Toolbar - {157B91D9-D643-403b-92FE-FB48DA68D6C4} - (no file)File Missing
When a file is missing, you should always have HijackThis fix the item.
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)File Missing
When a file is missing, you should always have HijackThis fix the item.
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dllUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exeMicrosoft Works Update Detection
Checks for updates to MS Works
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgentUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exeHPDJ Taskbar Utility
"(1) Ghostscript device driver for printers understanding Hewlett-Packard's Printer Command Language - see here for more info or (2) Creates 1 or all 3 icons on taskbar. The 1st one has a yellow border around it warning that ink is low on the printer. The 2nd one is HP Device Detection Software and the 3rd one is about a card being inserted into the Hp printer"
O4 - HKLM\..\Run: [ekiofdjhne] c:\windows\system32\ekiofdjhne.exe ekiofdjhneUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe EspaceWanadoo.exeUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O4 - HKCU\..\Run: [Gadwin PrintScreen 2.6] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplashUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O4 - HKCU\..\Run: [Copernic Desktop Search 2] "C:\Program Files\Copernic Desktop Search 2\DesktopSearchService.exe" /trayUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /cUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"RoboForm
"Roboform - password manager and web form filler. Will work without this startup entry
O4 - HKCU\..\Run: [Nero PhotoShow Media Manager] C:\PROGRA~1\Nero\NEROPH~1\data\Xtras\mssysmgr.exeUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeCtfmon.exe
"CoolWebSearch Ctfmon32 parasite variant"
O4 - Startup: Anti-Pub.lnk = C:\Program Files\Antipub\antipub.exe

O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htmInternet Right Click Menu
Most of the time this is garbage leave it only if you actually use this function. Otherwise for the sake of cleanliness get rid of this sucker. A wise man once said Cleanliness is next to godliness
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTMLInternet Right Click Menu
Most of the time this is garbage leave it only if you actually use this function. Otherwise for the sake of cleanliness get rid of this sucker. A wise man once said Cleanliness is next to godliness
O8 - Extra context menu item: Barre RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.htmlInternet Right Click Menu
Most of the time this is garbage leave it only if you actually use this function. Otherwise for the sake of cleanliness get rid of this sucker. A wise man once said Cleanliness is next to godliness
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000Internet Right Click Menu
Most of the time this is garbage leave it only if you actually use this function. Otherwise for the sake of cleanliness get rid of this sucker. A wise man once said Cleanliness is next to godliness
O8 - Extra context menu item: Enregistrer le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.htmlInternet Right Click Menu
Most of the time this is garbage leave it only if you actually use this function. Otherwise for the sake of cleanliness get rid of this sucker. A wise man once said Cleanliness is next to godliness
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?f2323b672d014723b8a2a74b390ef92Internet Right Click Menu
Most of the time this is garbage leave it only if you actually use this function. Otherwise for the sake of cleanliness get rid of this sucker. A wise man once said Cleanliness is next to godliness
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?f2323b672d014723b8a2a74b390ef92Internet Right Click Menu
Most of the time this is garbage leave it only if you actually use this function. Otherwise for the sake of cleanliness get rid of this sucker. A wise man once said Cleanliness is next to godliness
O8 - Extra context menu item: Personnaliser le menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.htmlInternet Right Click Menu
Most of the time this is garbage leave it only if you actually use this function. Otherwise for the sake of cleanliness get rid of this sucker. A wise man once said Cleanliness is next to godliness
O8 - Extra context menu item: Remplir le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.htmlInternet Right Click Menu
Most of the time this is garbage leave it only if you actually use this function. Otherwise for the sake of cleanliness get rid of this sucker. A wise man once said Cleanliness is next to godliness
O8 - Extra context menu item: Voir les cookies - C:\WINDOWS\web\showcookies.htmInternet Right Click Menu
Most of the time this is garbage leave it only if you actually use this function. Otherwise for the sake of cleanliness get rid of this sucker. A wise man once said Cleanliness is next to godliness
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dllSun Java Console
Related to Sun Java
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dllSun Java Console
Related to Sun Java
O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.htmlCompila
Related to Roboform Note: File is located under C:ProgrammiSiber SystemsAI RoboForm
O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.htmlCompila
Related to Roboform Note: File is located under C:ProgrammiSiber SystemsAI RoboForm
O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.htmlSave Forms
Related to Roboform Password Manager and Web Form Filler that completely automates password entering and form filling. Note: file is found under C:Program FilesSiber SystemsAI RoboForm folder.
O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.htmlSave Forms
Related to Roboform Password Manager and Web Form Filler that completely automates password entering and form filling. Note: file is found under C:Program FilesSiber SystemsAI RoboForm folder.
O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.htmlRoboForm
Related to Roboform Password Manager and Web Form Filler that completely automates password entering and form filling. Note: file is found under C:Program FilesSiber SystemsAI RoboForm folder.
O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.htmlRoboForm
Related to Roboform Password Manager and Web Form Filler that completely automates password entering and form filling. Note: file is found under C:Program FilesSiber SystemsAI RoboForm folder.
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)File Missing
When a file is missing, you should always have HijackThis fix the item.
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)File Missing
When a file is missing, you should always have HijackThis fix the item.
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\WINDOWS\system32\shdocvw.dllYahoo! Messenger
Yahoo Messenger
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\WINDOWS\system32\shdocvw.dllYahoo! Messenger
Yahoo Messenger
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)File Missing
When a file is missing, you should always have HijackThis fix the item.
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)File Missing
When a file is missing, you should always have HijackThis fix the item.
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)File Missing
When a file is missing, you should always have HijackThis fix the item.
O11 - Options group: [INTERNATIONAL] International*IE Advanced Options
This is rarely modified by programs.
O16 - DPF: PackageHtmlCab - http://acces.blonde.com/package/PackageHtmlCab.CABUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - https://www.microsoft.com/fr-fr/?ref=go BHO
http://www.microsoft.com/genuine/downloads/WhyValidate.aspx?FamilyID=b446ae53-3759-40cf-80d5-cde4bbe07999&displaylang=en
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - https://onedrive.live.com/ BHO
MsnPUpld.cab - MSN photo upload tool
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/... BHO
http://v5.windowsupdate.microsoft.com/windowsupdate/v6/default.aspx
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
Microsoft Windows Update more here
O16 - DPF: {F4653484-F38C-455F-BB15-1175E527754E} (VideoProducer Class) - http://www.normal.video-party.com/class/webcam2.cabUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O17 - HKLM\System\CCS\Services\Tcpip\..\{2A3AE27A-53CB-459C-A5DB-E0BB58355CEC}: NameServer = 85.255.113.130,85.255.112.113Internet Settings
These may not be bad if your internet connection is set manually
O17 - HKLM\System\CCS\Services\Tcpip\..\{655AB98D-28FB-4721-A02C-7E88AAE5AD4C}: NameServer = 85.255.113.130,85.255.112.113Internet Settings
These may not be bad if your internet connection is set manually
O17 - HKLM\System\CCS\Services\Tcpip\..\{7AC237AB-9C87-439A-B4BC-A28DB452638A}: NameServer = 85.255.113.130,85.255.112.113Internet Settings
These may not be bad if your internet connection is set manually
O17 - HKLM\System\CCS\Services\Tcpip\..\{C1097410-77C7-446D-B7F4-B80DA6E836B6}: NameServer = 85.255.113.130,85.255.112.113Internet Settings
These may not be bad if your internet connection is set manually
O17 - HKLM\System\CCS\Services\Tcpip\..\{C7CA6BE1-BAF3-4A5E-BBCA-7CB22B7C33A3}: NameServer = 85.255.113.130,85.255.112.113Internet Settings
These may not be bad if your internet connection is set manually
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.113.130 85.255.112.113Internet Settings
These may not be bad if your internet connection is set manually
O17 - HKLM\System\CS1\Services\Tcpip\..\{2A3AE27A-53CB-459C-A5DB-E0BB58355CEC}: NameServer = 85.255.113.130,85.255.112.113Internet Settings
These may not be bad if your internet connection is set manually
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.113.130 85.255.112.113Internet Settings
These may not be bad if your internet connection is set manually
O17 - HKLM\System\CS2\Services\Tcpip\..\{2A3AE27A-53CB-459C-A5DB-E0BB58355CEC}: NameServer = 85.255.113.130,85.255.112.113Internet Settings
These may not be bad if your internet connection is set manually
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.113.130 85.255.112.113Internet Settings
These may not be bad if your internet connection is set manually
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLLExtra Protocols
There's a few known hijackers that use this but I haven't found anything good come out of these
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLLExtra Protocols
There's a few known hijackers that use this but I haven't found anything good come out of these
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dllAppInit_DLLs Registry value autorun
Very few known *good* purposes of this. Norton Cleansweep being the headliner of good items
Loads a .dll into memory when a user logs in. Frequently used by VERY bad hijackers.
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dllShellServiceObjectDelayLoad Registry key autorun
HJT automatically weeds out the good ones here so we'll flag this as bad. Consult a HJT expert before cleaning anything.
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\DiskeeperLite\DKService.exeDiskeeper
Executive Software's Diskeeper (Defragmenter)
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exeUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O23 - Service: InCD Helper (InCDsrv) - Unknown owner - C:\Documents and Settings\ghislaine\Mes documents\imagine\InCD\InCDsrv.exe (file missing)File Missing
When a file is missing, you should always have HijackThis fix the item.
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exeNVIDIA Driver Helper Service
Related to NVIDIA drivers.
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)File Missing
When a file is missing, you should always have HijackThis fix the item.
Merci de me répondre
Configuration: Windows XP
Internet Explorer 7.0

41 réponses

  • 1
  • 2
  • 3
Résumé de la discussion

Problème central : après avoir tenté d'installer Avast sur un PC Windows XP SP2, le programme ne démarre plus et les outils antivirus tels que Spybot restent vides, même après réinstallation. Des éléments du comportement laissent penser à une infection éventuelle ou à une corruption de l'installation, et HijackThis est utilisé pour diagnostiquer des traces résiduelles. Des avertissements sur des processus système tels que smss.exe, lsass.exe et svchost.exe suggèrent une possible manipulation ou infection au niveau profond du système. Pour la suite, des pistes d'action possibles incluent la vérification des services système et des processus malveillants et la restauration d'options de sécurité via outils fiables, sans tirer de conclusion sur l'évolution du problème.

Généré automatiquement par IA
sur la base des meilleures réponses
  1. baby2109 Messages postés 189 Date d'inscription   Statut Membre Dernière intervention   8
     
    bonjour!j'ai compris que tu as des virus sur ton ordi mais j'ai pas compris les autres(suis pas douée en informatique) va sur le site avast pour le réinstaller,fo aussi t'enregistrer et enregistrer avast,il a besoin d'une clé,si c'est fait,réactive avast et spybot,moi j'ai avast et spybot & destroy,ils fonctionnent très bien.
    1
  2. Utilisateur anonyme
     
    salut à toi,
    fais ceci pour commencer:
    https://leblogdeclaude.blogspot.com/2007/03/informatique-procdure-de-nettoyage.html
    ensuite tu désinstalles ton Hijackthis, avec lui-même.
    Tu le réinstalles et tu le renommes:
    procédure ici:
    https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html
    0
    1. Ghis76 Messages postés 21 Statut Membre
       
      Merci Philo de votre réponse
      J'ai téléchargé super antispyware, et pendant le scan
      est apparu un écran bleu sur lequel etait écrit:
      Sur votre ordinateur le problème semble être causé par le fichier suivant: m_hook.sys pag-fault-in nonpageg-area
      puis, l'ordi c'est éteint et rallumé tout seul.
      ensuite, un écran ma informé que le système avait récupérer d'une erreure sérieuse
      que dois-je faire, je refais le scan?
      Je fais ccleaner que j'ai déja sur l'ordi?
      merci de votre aide
      0
  3. Ghis76 Messages postés 21 Statut Membre
     
    J'ai réinstallé hijack this en français
    et voici le rapport
    je vais maintenant faire un nettoyage avec ccleaner, j'espère que cela vous apportera quelques informations , merci

    Logfile of HijackThis v1.99.1
    Scan saved at 12:16:09, on 18/04/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0011)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\PROGRA~1\Wanadoo\ComComp.exe
    C:\PROGRA~1\Wanadoo\Toaster.exe
    C:\PROGRA~1\Wanadoo\Inactivity.exe
    C:\PROGRA~1\Wanadoo\PollingModule.exe
    C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
    C:\PROGRA~1\Wanadoo\Watch.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.exalead.fr/search/??definition=homepage
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: CJava Object - {43F7497C-7687-4DEA-A057-F21BD81BC896} - C:\WINDOWS\System32\msjava32.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (file missing)
    O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\eoRezo\EoAdv\EoRezobho.dll (file missing)
    O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: (no name) - {A685D287-785F-9822-002D-7F4A37C2D302} - (no file)
    O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
    O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
    O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
    O3 - Toolbar: Sonerie Toolbar - {157B91D9-D643-403b-92FE-FB48DA68D6C4} - (no file)
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
    O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
    O4 - HKLM\..\Run: [ekiofdjhne] c:\windows\system32\ekiofdjhne.exe ekiofdjhne
    O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe EspaceWanadoo.exe
    O4 - HKCU\..\Run: [Gadwin PrintScreen 2.6] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
    O4 - HKCU\..\Run: [Copernic Desktop Search 2] "C:\Program Files\Copernic Desktop Search 2\DesktopSearchService.exe" /tray
    O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
    O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
    O4 - HKCU\..\Run: [Nero PhotoShow Media Manager] C:\PROGRA~1\Nero\NEROPH~1\data\Xtras\mssysmgr.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - Startup: Anti-Pub.lnk = C:\Program Files\Antipub\antipub.exe
    O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
    O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: Barre RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Enregistrer le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?f2323b672d014723b8a2a74b390ef92
    O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?f2323b672d014723b8a2a74b390ef92
    O8 - Extra context menu item: Personnaliser le menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
    O8 - Extra context menu item: Remplir le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O8 - Extra context menu item: Voir les cookies - C:\WINDOWS\web\showcookies.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\WINDOWS\system32\shdocvw.dll
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\WINDOWS\system32\shdocvw.dll
    O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
    O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
    O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: PackageHtmlCab - http://acces.blonde.com/package/PackageHtmlCab.CAB
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - https://onedrive.live.com/
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
    O16 - DPF: {F4653484-F38C-455F-BB15-1175E527754E} (VideoProducer Class) - http://www.normal.video-party.com/class/webcam2.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{2A3AE27A-53CB-459C-A5DB-E0BB58355CEC}: NameServer = 85.255.113.130,85.255.112.113
    O17 - HKLM\System\CCS\Services\Tcpip\..\{655AB98D-28FB-4721-A02C-7E88AAE5AD4C}: NameServer = 85.255.113.130,85.255.112.113
    O17 - HKLM\System\CCS\Services\Tcpip\..\{7AC237AB-9C87-439A-B4BC-A28DB452638A}: NameServer = 85.255.113.130,85.255.112.113
    O17 - HKLM\System\CCS\Services\Tcpip\..\{BC808BE1-E16F-4815-A278-75E7169A4AAC}: NameServer = 80.10.246.130 80.10.246.3
    O17 - HKLM\System\CCS\Services\Tcpip\..\{C1097410-77C7-446D-B7F4-B80DA6E836B6}: NameServer = 85.255.113.130,85.255.112.113
    O17 - HKLM\System\CCS\Services\Tcpip\..\{C7CA6BE1-BAF3-4A5E-BBCA-7CB22B7C33A3}: NameServer = 85.255.113.130,85.255.112.113
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.113.130 85.255.112.113
    O17 - HKLM\System\CS1\Services\Tcpip\..\{2A3AE27A-53CB-459C-A5DB-E0BB58355CEC}: NameServer = 85.255.113.130,85.255.112.113
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.113.130 85.255.112.113
    O17 - HKLM\System\CS2\Services\Tcpip\..\{2A3AE27A-53CB-459C-A5DB-E0BB58355CEC}: NameServer = 85.255.113.130,85.255.112.113
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.113.130 85.255.112.113
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: InCD Helper (InCDsrv) - Unknown owner - C:\Documents and Settings\ghislaine\Mes documents\imagine\InCD\InCDsrv.exe (file missing)
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
    0
  4. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  5. Ghis76 Messages postés 21 Statut Membre
     
    Bonsoir,
    je n'arrive pas à faire le mode sans echec, une fois que je clique sur entré, la fenête pour le oui n'arrive pas et tout recommence au début.
    J'ai pourtant suivi les instruction du blog de Claude
    J'ai réessayé de faire fonctioner Super anti spyware, mais l'ordi c'est éteint.
    Merci de prendre de votre temps.
    0
  6. ^^Marie^^ Messages postés 41884 Date d'inscription   Statut Membre Dernière intervention   3 280
     
    Kikou

    C'est sûr qu'en visitant des sites de Q, on chope des merdouilles

    Dis moi Philo, pourquoi tu ne lui fais pas supprimer les 017 tout de suite, et les lignes douteuses ???

    0
  7. Utilisateur anonyme
     
    ben, j'aurais voulu un pré nettoyage....
    On verra ce que raconte AVG.
    mais tu as raison...parfois, je préfère un pré-nettoyage devant un tel..."bazar" !
    ----------------------------
    je verrais bien si ça bloque AVG....
    merci Marie...;-)

    0
  8. Ghis76 Messages postés 21 Statut Membre
     
    Bonjour,
    Vous m'impressionnez! je ne sais ce qui se passe sur mon ordi, mais vos conversations m'inquiète.
    J'ai téléchargé AVG et vous trouverez ci-joint le scan:
    ---------------------------------------------------------
    AVG Anti-Spyware - Rapport d'analyse
    ---------------------------------------------------------

    + Créé à: 19:29:03 19/04/2007

    + Résultat de l'analyse:

    C:\Program Files\MediaLoads\v1\ML.exe -> Adware.DownloadWare : Ignoré.
    HKLM\SOFTWARE\Classes\CLSID\{43F7497C-7687-4DEA-A057-F21BD81BC896} -> Adware.Generic : Ignoré.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{43F7497C-7687-4DEA-A057-F21BD81BC896} -> Adware.Generic : Ignoré.
    HKU\S-1-5-21-840360825-3438141586-1453689397-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{43F7497C-7687-4DEA-A057-F21BD81BC896} -> Adware.Generic : Ignoré.
    C:\Program Files\HomelandNetwork\HomelandNetwork.exe -> Adware.HomeLand : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\IESkins -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0 -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\HostOI -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\HostOI\dynamic -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\HostOI\static -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\HostOL -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\HostOL\dynamic -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\HostOL\static -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\dynamic -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1 -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_categorize.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_favorites.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_hotbarcom.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_hsskin.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_premium.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_searchfor.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_searchgo.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_weather.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_yellowpages.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\Top7_theweb.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\ads.cdf -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\bubbles.cdf -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\bubbles2.cdf -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\bubbles2_Bubbles2.bbl -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\bubbles_Bubbles.bbl -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\business_promo.htm -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\buttondir.txt -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\components.cdf -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_1000.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_2000.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_3000.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bar.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar1.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar10.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar11.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar12.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar13.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar14.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar2.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar3.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar4.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar5.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar6.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar7.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar8.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar9.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_logos.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_other.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_x.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\default.cdf -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\email-t1-bg.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\hotbar_promo.htm -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\hotbarcom.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\icons2.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\keywords_idx.idx -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\keywords_sdf.sdf -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\layout.cdf -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\linkpathlegal.txt -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\progress.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\s_icons_buttons.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\samplegroups2.txt -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\t2_bg.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\theweb.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\top7.cdf -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\tsd_bg.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2 -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_categorize.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_favorites.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_hotbarcom.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_hsskin.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_premium.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_searchfor.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_searchgo.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_weather.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_yellowpages.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\Top7_theweb.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\ads.cdf -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\bubbles.cdf -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\bubbles2.cdf -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\bubbles2_Bubbles2.bbl -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\bubbles_Bubbles.bbl -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\business_promo.htm -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\buttondir.txt -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\components.cdf -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_1000.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_2000.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_3000.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bar.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar1.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar10.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar11.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar12.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar13.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar14.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar2.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar3.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar4.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar5.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar6.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar7.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar8.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar9.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_logos.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_other.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_x.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\default.cdf -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\email-t1-bg.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\hotbar_promo.htm -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\hotbarcom.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\icons2.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\keywords_idx.idx -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\keywords_sdf.sdf -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\layout.cdf -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\linkpathlegal.txt -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\progress.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\s_icons_buttons.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\samplegroups2.txt -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\t2_bg.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\theweb.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\top7.cdf -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\tsd_bg.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\ads.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\bubbles.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\bubbles2.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\business_promo.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\buttondir.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_1000.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_2000.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_3000.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bar.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar1.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar10.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar11.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar12.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar13.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar14.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar2.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar3.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar4.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar5.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar6.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar7.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar8.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar9.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_logos.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_other.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_x.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\default.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\email-t1-bg.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\hotbar_promo.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\icons2.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\keywords_idx.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\keywords_sdf.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\layout.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\linkpathlegal.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\progress.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\s_icons_buttons.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\samplegroups2.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\t2_bg.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\top7.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\tsd_bg.xip -> Adware.HotBar : Ignoré.
    C:\WINDOWS\NDNuninstall4_80.exe -> Adware.NewDotNet : Ignoré.
    C:\WINDOWS\NDNuninstall4_88.exe -> Adware.NewDotNet : Ignoré.
    C:\WINDOWS\NDNuninstall5_40.exe -> Adware.NewDotNet : Ignoré.
    C:\WINDOWS\NDNuninstall5_48.exe -> Adware.NewDotNet : Ignoré.
    C:\WINDOWS\NDNuninstall5_64.exe -> Adware.NewDotNet : Ignoré.
    C:\WINDOWS\NDNuninstall6_10.exe -> Adware.NewDotNet : Ignoré.
    C:\WINDOWS\NDNuninstall6_22.exe -> Adware.NewDotNet : Ignoré.
    C:\Program Files\Messenger Plus! 3\Setup.dat/sponsor.exe -> Downloader.Swizzor.ag : Ignoré.
    C:\raddrv.dll -> Not-A-Virus.RemoteAdmin.Win32.RAdmin.20 : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@247realmedia[1].txt -> TrackingCookie.247realmedia : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@adtech[2].txt -> TrackingCookie.Adtech : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@atdmt[1].txt -> TrackingCookie.Atdmt : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@bluestreak[2].txt -> TrackingCookie.Bluestreak : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@casalemedia[1].txt -> TrackingCookie.Casalemedia : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@doubleclick[1].txt -> TrackingCookie.Doubleclick : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@estat[1].txt -> TrackingCookie.Estat : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@fastclick[1].txt -> TrackingCookie.Fastclick : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@ehg-telecomitalia.hitbox[1].txt -> TrackingCookie.Hitbox : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@hitbox[2].txt -> TrackingCookie.Hitbox : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@mediaplex[1].txt -> TrackingCookie.Mediaplex : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@overture[1].txt -> TrackingCookie.Overture : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@revenue[1].txt -> TrackingCookie.Revenue : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@serving-sys[2].txt -> TrackingCookie.Serving-sys : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@statcounter[1].txt -> TrackingCookie.Statcounter : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@weborama[2].txt -> TrackingCookie.Weborama : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@zedo[1].txt -> TrackingCookie.Zedo : Ignoré.

    Fin du rapport

    merci à vous
    0
  9. Ghis76 Messages postés 21 Statut Membre
     
    Vous voyez tout!
    Je m'en suis aperçue et je refais actuellement le scan avg. Ca fait plus d'une heure qu'il tourne, je ne vais pas tarder à vous le faire parvenir. J'espère ne pas faire d'erreure cette fois.
    Merci
    0
  10. Ghis76 Messages postés 21 Statut Membre
     
    Le scan est terminé, mais j'ai un problème :
    en fin d'analyse je ne peux cliquer sur 'appliquer toutes les actions ' ni enregistre le rapport sous, tout reste grisé.
    J'ai pourtant bien été dans l'onglet paramètre et cocher 'générer un rapport après chaque analyse, ainsi que configuré sur Supprimer
    j'ai fait un imprime écran, de la fenêtre d'analyse mais je ne sais plus quoi faire, je vais essayer de télécharger l'aide en francais d'AVG.
    Je suis désolée. merci
    0
  11. Ghis76 Messages postés 21 Statut Membre
     
    ---------------------------------------------------------
    je vous joins le rapport:

    AVG Anti-Spyware - Rapport d'analyse
    ---------------------------------------------------------

    + Créé à: 22:18:10 19/04/2007

    + Résultat de l'analyse:

    C:\Program Files\MediaLoads\v1\ML.exe -> Adware.DownloadWare : Ignoré.
    HKLM\SOFTWARE\Classes\CLSID\{43F7497C-7687-4DEA-A057-F21BD81BC896} -> Adware.Generic : Ignoré.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{43F7497C-7687-4DEA-A057-F21BD81BC896} -> Adware.Generic : Ignoré.
    HKU\S-1-5-21-840360825-3438141586-1453689397-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{43F7497C-7687-4DEA-A057-F21BD81BC896} -> Adware.Generic : Ignoré.
    C:\Program Files\HomelandNetwork\HomelandNetwork.exe -> Adware.HomeLand : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\IESkins -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0 -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\HostOI -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\HostOI\dynamic -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\HostOI\static -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\HostOL -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\HostOL\dynamic -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\HostOL\static -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\dynamic -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1 -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_categorize.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_favorites.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_hotbarcom.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_hsskin.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_premium.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_searchfor.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_searchgo.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_weather.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_yellowpages.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\Top7_theweb.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\ads.cdf -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\bubbles.cdf -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\bubbles2.cdf -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\bubbles2_Bubbles2.bbl -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\bubbles_Bubbles.bbl -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\business_promo.htm -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\buttondir.txt -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\components.cdf -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_1000.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_2000.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_3000.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bar.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar1.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar10.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar11.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar12.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar13.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar14.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar2.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar3.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar4.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar5.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar6.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar7.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar8.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar9.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_logos.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_other.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_x.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\default.cdf -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\email-t1-bg.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\hotbar_promo.htm -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\hotbarcom.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\icons2.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\keywords_idx.idx -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\keywords_sdf.sdf -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\layout.cdf -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\linkpathlegal.txt -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\progress.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\s_icons_buttons.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\samplegroups2.txt -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\t2_bg.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\theweb.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\top7.cdf -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\tsd_bg.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2 -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_categorize.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_favorites.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_hotbarcom.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_hsskin.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_premium.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_searchfor.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_searchgo.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_weather.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_yellowpages.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\Top7_theweb.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\ads.cdf -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\bubbles.cdf -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\bubbles2.cdf -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\bubbles2_Bubbles2.bbl -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\bubbles_Bubbles.bbl -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\business_promo.htm -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\buttondir.txt -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\components.cdf -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_1000.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_2000.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_3000.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bar.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar1.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar10.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar11.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar12.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar13.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar14.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar2.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar3.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar4.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar5.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar6.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar7.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar8.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar9.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_logos.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_other.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_x.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\default.cdf -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\email-t1-bg.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\hotbar_promo.htm -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\hotbarcom.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\icons2.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\keywords_idx.idx -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\keywords_sdf.sdf -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\layout.cdf -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\linkpathlegal.txt -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\progress.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\s_icons_buttons.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\samplegroups2.txt -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\t2_bg.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\theweb.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\top7.cdf -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\tsd_bg.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\ads.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\bubbles.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\bubbles2.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\business_promo.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\buttondir.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_1000.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_2000.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_3000.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bar.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar1.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar10.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar11.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar12.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar13.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar14.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar2.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar3.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar4.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar5.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar6.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar7.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar8.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar9.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_logos.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_other.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_x.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\default.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\email-t1-bg.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\hotbar_promo.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\icons2.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\keywords_idx.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\keywords_sdf.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\layout.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\linkpathlegal.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\progress.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\s_icons_buttons.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\samplegroups2.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\t2_bg.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\top7.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\tsd_bg.xip -> Adware.HotBar : Ignoré.
    C:\WINDOWS\NDNuninstall4_80.exe -> Adware.NewDotNet : Ignoré.
    C:\WINDOWS\NDNuninstall4_88.exe -> Adware.NewDotNet : Ignoré.
    C:\WINDOWS\NDNuninstall5_40.exe -> Adware.NewDotNet : Ignoré.
    C:\WINDOWS\NDNuninstall5_48.exe -> Adware.NewDotNet : Ignoré.
    C:\WINDOWS\NDNuninstall5_64.exe -> Adware.NewDotNet : Ignoré.
    C:\WINDOWS\NDNuninstall6_10.exe -> Adware.NewDotNet : Ignoré.
    C:\WINDOWS\NDNuninstall6_22.exe -> Adware.NewDotNet : Ignoré.
    C:\WINDOWS\Downloaded Program Files\MonLiveShow.exe -> Dialer.Generic : Ignoré.
    C:\Program Files\Messenger Plus! 3\Setup.dat/sponsor.exe -> Downloader.Swizzor.ag : Ignoré.
    C:\raddrv.dll -> Not-A-Virus.RemoteAdmin.Win32.RAdmin.20 : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@247realmedia[1].txt -> TrackingCookie.247realmedia : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@adtech[2].txt -> TrackingCookie.Adtech : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@atdmt[1].txt -> TrackingCookie.Atdmt : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@bluestreak[2].txt -> TrackingCookie.Bluestreak : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@casalemedia[1].txt -> TrackingCookie.Casalemedia : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@doubleclick[1].txt -> TrackingCookie.Doubleclick : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@estat[1].txt -> TrackingCookie.Estat : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@fastclick[1].txt -> TrackingCookie.Fastclick : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@ehg-telecomitalia.hitbox[1].txt -> TrackingCookie.Hitbox : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@hitbox[2].txt -> TrackingCookie.Hitbox : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@mediaplex[1].txt -> TrackingCookie.Mediaplex : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@overture[1].txt -> TrackingCookie.Overture : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@revenue[1].txt -> TrackingCookie.Revenue : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@serving-sys[2].txt -> TrackingCookie.Serving-sys : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@statcounter[1].txt -> TrackingCookie.Statcounter : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@weborama[2].txt -> TrackingCookie.Weborama : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@zedo[2].txt -> TrackingCookie.Zedo : Ignoré.
    C:\WINDOWS\Kusje.scr -> Trojan.Delf.tm : Ignoré.
    C:\System Volume Information\_restore{CE874499-21C3-47FD-BFBE-115EF086A919}\RP428\A0168175.sys -> Worm.Bagle.hp : Nettoyé.
    C:\System Volume Information\_restore{CE874499-21C3-47FD-BFBE-115EF086A919}\RP428\A0168189.sys -> Worm.Bagle.hp : Nettoyé.
    C:\System Volume Information\_restore{CE874499-21C3-47FD-BFBE-115EF086A919}\RP429\A0169189.sys -> Worm.Bagle.hp : Nettoyé.
    C:\System Volume Information\_restore{CE874499-21C3-47FD-BFBE-115EF086A919}\RP430\A0170191.sys -> Worm.Bagle.hp : Nettoyé.
    C:\System Volume Information\_restore{CE874499-21C3-47FD-BFBE-115EF086A919}\RP431\A0170223.sys -> Worm.Bagle.hp : Nettoyé.
    C:\System Volume Information\_restore{CE874499-21C3-47FD-BFBE-115EF086A919}\RP431\A0170239.sys -> Worm.Bagle.hp : Nettoyé.
    C:\System Volume Information\_restore{CE874499-21C3-47FD-BFBE-115EF086A919}\RP431\A0170255.sys -> Worm.Bagle.hp : Nettoyé.
    C:\System Volume Information\_restore{CE874499-21C3-47FD-BFBE-115EF086A919}\RP431\A0170273.sys -> Worm.Bagle.hp : Nettoyé.
    0
  12. Ghis76 Messages postés 21 Statut Membre
     
    Je viens de refaire un scan:
    je ne vois pas beaucoup de changement avec le précédent, mais j'ai enfin réussi à cliquer sur : appliquer toutes les actions

    + Résultat de l'analyse:

    C:\Program Files\MediaLoads\v1\ML.exe -> Adware.DownloadWare : Ignoré.
    HKLM\SOFTWARE\Classes\CLSID\{43F7497C-7687-4DEA-A057-F21BD81BC896} -> Adware.Generic : Ignoré.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{43F7497C-7687-4DEA-A057-F21BD81BC896} -> Adware.Generic : Ignoré.
    HKU\S-1-5-21-840360825-3438141586-1453689397-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{43F7497C-7687-4DEA-A057-F21BD81BC896} -> Adware.Generic : Ignoré.
    C:\Program Files\HomelandNetwork\HomelandNetwork.exe -> Adware.HomeLand : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\IESkins -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0 -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\HostOI -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\HostOI\dynamic -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\HostOI\static -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\HostOL -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\HostOL\dynamic -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\HostOL\static -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\dynamic -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1 -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_categorize.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_favorites.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_hotbarcom.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_hsskin.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_premium.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_searchfor.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_searchgo.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_weather.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_yellowpages.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\Top7_theweb.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\ads.cdf -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\bubbles.cdf -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\bubbles2.cdf -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\bubbles2_Bubbles2.bbl -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\bubbles_Bubbles.bbl -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\business_promo.htm -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\buttondir.txt -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\components.cdf -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_1000.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_2000.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_3000.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bar.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar1.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar10.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar11.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar12.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar13.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar14.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar2.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar3.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar4.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar5.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar6.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar7.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar8.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar9.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_logos.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_other.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_x.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\default.cdf -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\email-t1-bg.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\hotbar_promo.htm -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\hotbarcom.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\icons2.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\keywords_idx.idx -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\keywords_sdf.sdf -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\layout.cdf -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\linkpathlegal.txt -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\progress.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\s_icons_buttons.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\samplegroups2.txt -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\t2_bg.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\theweb.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\top7.cdf -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1\tsd_bg.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2 -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_categorize.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_favorites.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_hotbarcom.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_hsskin.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_premium.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_searchfor.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_searchgo.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_weather.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_yellowpages.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\Top7_theweb.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\ads.cdf -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\bubbles.cdf -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\bubbles2.cdf -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\bubbles2_Bubbles2.bbl -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\bubbles_Bubbles.bbl -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\business_promo.htm -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\buttondir.txt -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\components.cdf -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_1000.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_2000.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_3000.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bar.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar1.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar10.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar11.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar12.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar13.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar14.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar2.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar3.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar4.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar5.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar6.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar7.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar8.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar9.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_logos.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_other.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_x.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\default.cdf -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\email-t1-bg.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\hotbar_promo.htm -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\hotbarcom.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\icons2.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\keywords_idx.idx -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\keywords_sdf.sdf -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\layout.cdf -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\linkpathlegal.txt -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\progress.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\s_icons_buttons.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\samplegroups2.txt -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\t2_bg.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\theweb.mnu -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\top7.cdf -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2\tsd_bg.res -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\ads.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\bubbles.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\bubbles2.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\business_promo.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\buttondir.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_1000.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_2000.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_3000.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bar.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar1.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar10.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar11.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar12.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar13.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar14.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar2.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar3.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar4.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar5.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar6.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar7.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar8.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar9.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_logos.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_other.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_x.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\default.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\email-t1-bg.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\hotbar_promo.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\icons2.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\keywords_idx.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\keywords_sdf.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\layout.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\linkpathlegal.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\progress.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\s_icons_buttons.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\samplegroups2.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\t2_bg.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\top7.xip -> Adware.HotBar : Ignoré.
    C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\tsd_bg.xip -> Adware.HotBar : Ignoré.
    C:\WINDOWS\NDNuninstall4_80.exe -> Adware.NewDotNet : Ignoré.
    C:\WINDOWS\NDNuninstall4_88.exe -> Adware.NewDotNet : Ignoré.
    C:\WINDOWS\NDNuninstall5_40.exe -> Adware.NewDotNet : Ignoré.
    C:\WINDOWS\NDNuninstall5_48.exe -> Adware.NewDotNet : Ignoré.
    C:\WINDOWS\NDNuninstall5_64.exe -> Adware.NewDotNet : Ignoré.
    C:\WINDOWS\NDNuninstall6_10.exe -> Adware.NewDotNet : Ignoré.
    C:\WINDOWS\NDNuninstall6_22.exe -> Adware.NewDotNet : Ignoré.
    C:\WINDOWS\Downloaded Program Files\MonLiveShow.exe -> Dialer.Generic : Ignoré.
    C:\Program Files\Messenger Plus! 3\Setup.dat/sponsor.exe -> Downloader.Swizzor.ag : Ignoré.
    C:\raddrv.dll -> Not-A-Virus.RemoteAdmin.Win32.RAdmin.20 : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@247realmedia[1].txt -> TrackingCookie.247realmedia : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@adtech[2].txt -> TrackingCookie.Adtech : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@atdmt[1].txt -> TrackingCookie.Atdmt : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@bluestreak[2].txt -> TrackingCookie.Bluestreak : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@casalemedia[1].txt -> TrackingCookie.Casalemedia : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@doubleclick[1].txt -> TrackingCookie.Doubleclick : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@estat[1].txt -> TrackingCookie.Estat : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@fastclick[1].txt -> TrackingCookie.Fastclick : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@ehg-telecomitalia.hitbox[1].txt -> TrackingCookie.Hitbox : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@hitbox[2].txt -> TrackingCookie.Hitbox : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@mediaplex[1].txt -> TrackingCookie.Mediaplex : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@overture[1].txt -> TrackingCookie.Overture : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@revenue[1].txt -> TrackingCookie.Revenue : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@serving-sys[2].txt -> TrackingCookie.Serving-sys : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@statcounter[1].txt -> TrackingCookie.Statcounter : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@weborama[2].txt -> TrackingCookie.Weborama : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Ignoré.
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@zedo[2].txt -> TrackingCookie.Zedo : Ignoré.
    C:\WINDOWS\Kusje.scr -> Trojan.Delf.tm : Ignoré.
    C:\System Volume Information\_restore{CE874499-21C3-47FD-BFBE-115EF086A919}\RP428\A0168175.sys -> Worm.Bagle.hp : Nettoyé.
    C:\System Volume Information\_restore{CE874499-21C3-47FD-BFBE-115EF086A919}\RP428\A0168189.sys -> Worm.Bagle.hp : Nettoyé.
    C:\System Volume Information\_restore{CE874499-21C3-47FD-BFBE-115EF086A919}\RP429\A0169189.sys -> Worm.Bagle.hp : Nettoyé.
    C:\System Volume Information\_restore{CE874499-21C3-47FD-BFBE-115EF086A919}\RP430\A0170191.sys -> Worm.Bagle.hp : Nettoyé.
    C:\System Volume Information\_restore{CE874499-21C3-47FD-BFBE-115EF086A919}\RP431\A0170223.sys -> Worm.Bagle.hp : Nettoyé.
    C:\System Volume Information\_restore{CE874499-21C3-47FD-BFBE-115EF086A919}\RP431\A0170239.sys -> Worm.Bagle.hp : Nettoyé.
    C:\System Volume Information\_restore{CE874499-21C3-47FD-BFBE-115EF086A919}\RP431\A0170255.sys -> Worm.Bagle.hp : Nettoyé.
    C:\System Volume Information\_restore{CE874499-21C3-47FD-BFBE-115EF086A919}\RP431\A0170273.sys -> Worm.Bagle.hp : Nettoyé.

    Fin du rapport

    Bonne soirée
    0
  13. Utilisateur anonyme
     
    En effet, c'est curieux....
    Si tu me dis qu'il est configuré sur "supprimé" je ne vois pas bien le soucis !
    Je voudrais voir la réaction de a2:
    https://www.01net.com/telecharger/
    essayes de me copier le log de a2.
    0
  14. ghis76
     
    Bonjour,
    voici le log demandé, j'ai mis tous les objets détectés en quarantaine.
    Version - a-squared Free 2.1

    Réglages Scan:

    Objets: Mémoire, Traces, Cookies, C:\
    Scan archives: Marche
    Heuristiques: Marche
    Scan ADS: Marche

    Début du scan: 20/04/2007 12:43:06

    C:\WINDOWS\browserxtras\pn Détecter: Trace.Directory.KaZaA
    C:\WINDOWS\cache329 Détecter: Trace.Directory.KaZaA
    C:\WINDOWS\system32\ifhelper.dll Détecter: Trace.File.SearchCentrix
    Value: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\moduleusage\c:/windows/downloaded program files/hdplugin1018.dll --> .owner Détecter: Trace.Registry.AdDestroyer
    Value: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\moduleusage\c:/windows/downloaded program files/hdplugin1018.dll --> {dbae7000-01ec-4162-8feb-8a27ac937ca0} Détecter: Trace.Registry.AdDestroyer
    Key: HKEY_CURRENT_USER\software\medialoads Détecter: Trace.Registry.DownloadWare
    Value: HKEY_CURRENT_USER\software\microsoft\internet explorer\toolbar\shellbrowser --> {b195b3b3-8a05-11d3-97a4-0004aca6948e} Détecter: Trace.Registry.HotBar
    Key: HKEY_CURRENT_USER\software\kazaa Détecter: Trace.Registry.KaZaA
    Value: HKEY_CURRENT_USER\software\kazaa --> tmp Détecter: Trace.Registry.KaZaA
    Key: HKEY_LOCAL_MACHINE\software\kazaa\localcontent Détecter: Trace.Registry.KaZaA
    Value: HKEY_LOCAL_MACHINE\software\kazaa\localcontent --> databasedir Détecter: Trace.Registry.KaZaA
    Key: HKEY_LOCAL_MACHINE\software\kazaa Détecter: Trace.Registry.KaZaA
    Value: HKEY_LOCAL_MACHINE\software\kazaa --> listenport Détecter: Trace.Registry.KaZaA
    Value: HKEY_LOCAL_MACHINE\software\kazaa --> tmp Détecter: Trace.Registry.KaZaA
    Value: HKEY_CLASSES_ROOT\AppID\DownloadManager.EXE --> AppID Détecter: Trace.Registry.MediaPipe
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\DownloadManager.EXE --> AppID Détecter: Trace.Registry.MediaPipe
    Value: HKEY_CURRENT_USER\Software\Kazaa\LocalContent --> ChannelsDir Détecter: Trace.Registry.Kazaa
    Value: HKEY_CURRENT_USER\Software\Kazaa\Settings --> Quarantine Détecter: Trace.Registry.Kazaa
    Value: HKEY_CURRENT_USER\Software\Kazaa\Settings --> SearchDir Détecter: Trace.Registry.Kazaa
    Value: HKEY_CURRENT_USER\Software\Kazaa\Skins --> SkinsDir Détecter: Trace.Registry.Kazaa
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@247realmedia[1].txt Détecter: Trace.TrackingCookie
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@adtech[2].txt Détecter: Trace.TrackingCookie
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@bluestreak[1].txt Détecter: Trace.TrackingCookie
    C:\Documents and Settings\ghislaine\Cookies\ghislaine@weborama[2].txt Détecter: Trace.TrackingCookie
    C:\!KillBox\flec003.exe Détecter: Email-Worm.Win32.Bagle.hp
    C:\!KillBox\hidr.exe Détecter: Email-Worm.Win32.Bagle.hp
    C:\Documents and Settings\All Users\Application Data\Corndownloadcdromcreative\secondonce.exe Détecter: Heuristic.LOP

    Scanné

    Fichiers: 162290
    Traces: 109813
    Cookies: 29
    Processus: 26

    Trouver

    Fichiers: 3
    Traces: 20
    Cookies: 4
    Processus: 0
    Clés de Registre: 0

    Fin du Scan: 20/04/2007 14:19:52
    Temps du Scan: 01:36:46

    Bonne journée
    0
  15. Utilisateur anonyme
     
    ça c'est mieux passé, dirait-on...
    je repasse demain.
    a+
    0
    1. Ghis76 Messages postés 21 Statut Membre
       
      Bonjour,
      je viens de refaire un scan AVG, il me semble avec succès et voici le résultat:

      AVG Anti-Spyware - Rapport d'analyse
      ---------------------------------------------------------

      + Créé à: 10:08:14 21/04/2007

      + Résultat de l'analyse:



      C:\System Volume Information\_restore{CE874499-21C3-47FD-BFBE-115EF086A919}\RP432\A0170313.exe -> Adware.DownloadWare : Nettoyé.
      C:\System Volume Information\_restore{CE874499-21C3-47FD-BFBE-115EF086A919}\RP432\A0170312.exe -> Adware.HomeLand : Nettoyé.
      C:\Documents and Settings\REBECCA\Application Data\Hotbar -> Adware.HotBar : Nettoyé.
      C:\Documents and Settings\REBECCA\Application Data\Hotbar\IESkins -> Adware.HotBar : Nettoyé.
      C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0 -> Adware.HotBar : Nettoyé.
      C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\HostOI -> Adware.HotBar : Nettoyé.
      C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\HostOI\dynamic -> Adware.HotBar : Nettoyé.
      C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\HostOI\static -> Adware.HotBar : Nettoyé.
      C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\HostOL -> Adware.HotBar : Nettoyé.
      C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\HostOL\dynamic -> Adware.HotBar : Nettoyé.
      C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\HostOL\static -> Adware.HotBar : Nettoyé.
      C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar -> Adware.HotBar : Nettoyé.
      C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\dynamic -> Adware.HotBar : Nettoyé.
      C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static -> Adware.HotBar : Nettoyé.
      C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\1 -> Adware.HotBar : Nettoyé.
      C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\2 -> Adware.HotBar : Nettoyé.
      C:\Documents and Settings\REBECCA\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad -> Adware.HotBar : Nettoyé.
      C:\System Volume Information\_restore{CE874499-21C3-47FD-BFBE-115EF086A919}\RP432\A0170424.exe -> Adware.Lop : Nettoyé.
      C:\System Volume Information\_restore{CE874499-21C3-47FD-BFBE-115EF086A919}\RP432\A0170427.exe -> Adware.Lop : Nettoyé.
      C:\System Volume Information\_restore{CE874499-21C3-47FD-BFBE-115EF086A919}\RP432\A0170430.exe -> Adware.Lop : Nettoyé.
      C:\System Volume Information\_restore{CE874499-21C3-47FD-BFBE-115EF086A919}\RP432\A0170431.exe -> Adware.Lop : Nettoyé.
      C:\System Volume Information\_restore{CE874499-21C3-47FD-BFBE-115EF086A919}\RP432\A0170316.exe -> Adware.NewDotNet : Nettoyé.
      C:\System Volume Information\_restore{CE874499-21C3-47FD-BFBE-115EF086A919}\RP432\A0170317.exe -> Adware.NewDotNet : Nettoyé.
      C:\System Volume Information\_restore{CE874499-21C3-47FD-BFBE-115EF086A919}\RP432\A0170318.exe -> Adware.NewDotNet : Nettoyé.
      C:\System Volume Information\_restore{CE874499-21C3-47FD-BFBE-115EF086A919}\RP432\A0170319.exe -> Adware.NewDotNet : Nettoyé.
      C:\System Volume Information\_restore{CE874499-21C3-47FD-BFBE-115EF086A919}\RP432\A0170320.exe -> Adware.NewDotNet : Nettoyé.
      C:\System Volume Information\_restore{CE874499-21C3-47FD-BFBE-115EF086A919}\RP432\A0170321.exe -> Adware.NewDotNet : Nettoyé.
      C:\System Volume Information\_restore{CE874499-21C3-47FD-BFBE-115EF086A919}\RP432\A0170322.exe -> Adware.NewDotNet : Nettoyé.
      C:\Program Files\Messenger Plus! 3\Setup.dat/sponsor.exe -> Downloader.Swizzor.ag : Nettoyé.
      C:\System Volume Information\_restore{CE874499-21C3-47FD-BFBE-115EF086A919}\RP432\A0170314.dll -> Not-A-Virus.RemoteAdmin.Win32.RAdmin.20 : Nettoyé.
      C:\Documents and Settings\ghislaine\Cookies\ghislaine@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyé.
      C:\Documents and Settings\ghislaine\Cookies\ghislaine@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
      C:\Documents and Settings\ghislaine\Cookies\ghislaine@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
      C:\Documents and Settings\ghislaine\Cookies\ghislaine@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
      C:\Documents and Settings\ghislaine\Cookies\ghislaine@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
      C:\Documents and Settings\ghislaine\Cookies\ghislaine@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
      C:\Documents and Settings\ghislaine\Cookies\ghislaine@overture[1].txt -> TrackingCookie.Overture : Nettoyé.
      C:\Documents and Settings\ghislaine\Cookies\ghislaine@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
      C:\Documents and Settings\ghislaine\Cookies\ghislaine@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
      C:\Documents and Settings\ghislaine\Cookies\ghislaine@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
      C:\Documents and Settings\ghislaine\Cookies\ghislaine@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
      C:\System Volume Information\_restore{CE874499-21C3-47FD-BFBE-115EF086A919}\RP432\A0170315.scr -> Trojan.Delf.tm : Nettoyé.
      C:\Program Files\MSN Messenger\msnpolygamy-universalpatch.zip/msn_messenger_polygamy_5.exe -> Trojan.Feutel.av : Nettoyé.
      C:\System Volume Information\_restore{CE874499-21C3-47FD-BFBE-115EF086A919}\RP432\A0170311.sys -> Worm.Bagle.hp : Nettoyé.


      Fin du rapport
      0
  16. Utilisateur anonyme
     
    Bien, beau nettoyage.
    refaits un log Hijackthis.
    Dis-moi aussi le comportement de la machine à ce point.

    0
    1. Ghis76 Messages postés 21 Statut Membre
       
      bonjour,
      Pensez-vous que mes problèmes seront maintenant résolus et puis-je réinstaller Avast en multi-sessions?
      Merci

      voici le log Hijack This demandé:

      Logfile of HijackThis v1.99.1
      Scan saved at 14:34:56, on 21/04/2007
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.5730.0011)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
      C:\WINDOWS\System32\FTRTSVC.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\nvsvc32.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
      C:\WINDOWS\system32\rundll32.exe
      C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
      C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
      C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
      C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
      C:\Program Files\Copernic Desktop Search 2\DesktopSearchService.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
      C:\Program Files\Antipub\antipub.exe
      C:\PROGRA~1\Magentic\bin\MgApp.exe
      C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
      C:\Program Files\MSN Messenger\msnmsgr.exe
      C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
      C:\PROGRA~1\Wanadoo\ComComp.exe
      C:\PROGRA~1\Wanadoo\Toaster.exe
      C:\PROGRA~1\Wanadoo\Inactivity.exe
      C:\PROGRA~1\Wanadoo\PollingModule.exe
      C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
      C:\PROGRA~1\Wanadoo\Watch.exe
      C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.exalead.fr/search/??definition=homepage
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
      R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
      O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
      O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
      O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - (no file)
      O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
      O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
      O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
      O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: (no name) - {A685D287-785F-9822-002D-7F4A37C2D302} - (no file)
      O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
      O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
      O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
      O3 - Toolbar: Sonerie Toolbar - {157B91D9-D643-403b-92FE-FB48DA68D6C4} - (no file)
      O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
      O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
      O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
      O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
      O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
      O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
      O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
      O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe EspaceWanadoo.exe
      O4 - HKCU\..\Run: [Gadwin PrintScreen 2.6] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
      O4 - HKCU\..\Run: [Copernic Desktop Search 2] "C:\Program Files\Copernic Desktop Search 2\DesktopSearchService.exe" /tray
      O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
      O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
      O4 - Startup: Anti-Pub.lnk = C:\Program Files\Antipub\antipub.exe
      O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
      O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
      O8 - Extra context menu item: Barre RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
      O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
      O8 - Extra context menu item: Enregistrer le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
      O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?f2323b672d014723b8a2a74b390ef92
      O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?f2323b672d014723b8a2a74b390ef92
      O8 - Extra context menu item: Personnaliser le menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
      O8 - Extra context menu item: Remplir le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
      O8 - Extra context menu item: Voir les cookies - C:\WINDOWS\web\showcookies.htm
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
      O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
      O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
      O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
      O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
      O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
      O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
      O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\WINDOWS\system32\shdocvw.dll
      O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\WINDOWS\system32\shdocvw.dll
      O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
      O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
      O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
      O11 - Options group: [INTERNATIONAL] International*
      O16 - DPF: PackageHtmlCab - http://acces.blonde.com/package/PackageHtmlCab.CAB
      O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
      O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - https://onedrive.live.com/
      O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
      O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
      O16 - DPF: {F4653484-F38C-455F-BB15-1175E527754E} (VideoProducer Class) - http://www.normal.video-party.com/class/webcam2.cab
      O17 - HKLM\System\CCS\Services\Tcpip\..\{2A3AE27A-53CB-459C-A5DB-E0BB58355CEC}: NameServer = 85.255.113.130,85.255.112.113
      O17 - HKLM\System\CCS\Services\Tcpip\..\{655AB98D-28FB-4721-A02C-7E88AAE5AD4C}: NameServer = 85.255.113.130,85.255.112.113
      O17 - HKLM\System\CCS\Services\Tcpip\..\{7AC237AB-9C87-439A-B4BC-A28DB452638A}: NameServer = 85.255.113.130,85.255.112.113
      O17 - HKLM\System\CCS\Services\Tcpip\..\{BC808BE1-E16F-4815-A278-75E7169A4AAC}: NameServer = 80.10.246.1 80.10.246.132
      O17 - HKLM\System\CCS\Services\Tcpip\..\{C1097410-77C7-446D-B7F4-B80DA6E836B6}: NameServer = 85.255.113.130,85.255.112.113
      O17 - HKLM\System\CCS\Services\Tcpip\..\{C7CA6BE1-BAF3-4A5E-BBCA-7CB22B7C33A3}: NameServer = 85.255.113.130,85.255.112.113
      O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.113.130 85.255.112.113
      O17 - HKLM\System\CS1\Services\Tcpip\..\{2A3AE27A-53CB-459C-A5DB-E0BB58355CEC}: NameServer = 85.255.113.130,85.255.112.113
      O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.113.130 85.255.112.113
      O17 - HKLM\System\CS2\Services\Tcpip\..\{2A3AE27A-53CB-459C-A5DB-E0BB58355CEC}: NameServer = 85.255.113.130,85.255.112.113
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.113.130 85.255.112.113
      O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
      O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
      O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
      O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
      O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
      O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
      O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
      O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
      O23 - Service: InCD Helper (InCDsrv) - Unknown owner - C:\Documents and Settings\ghislaine\Mes documents\imagine\InCD\InCDsrv.exe (file missing)
      O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
      O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
      0
  17. Utilisateur anonyme
     
    fais un scan seul avec Hijackthis
    coches ces cases
    Ensuites tu fais fixer objets
    -------------------------------------------------------
    O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - (no file)
    O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: (no name) - {A685D287-785F-9822-002D-7F4A37C2D302} - (no file)
    O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
    O3 - Toolbar: Sonerie Toolbar - {157B91D9-D643-403b-92FE-FB48DA68D6C4} - (no file)
    O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
    O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
    O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
    O16 - DPF: PackageHtmlCab - http://acces.blonde.com/package/PackageHtmlCab.CAB
    Inconnu
    O16 - DPF: {F4653484-F38C-455F-BB15-1175E527754E} (VideoProducer Class) - http://www.normal.video-party.com/class/webcam2.cab

    O17 - HKLM\System\CCS\Services\Tcpip\..\{2A3AE27A-53CB-459C-A5DB-E0BB58355CEC}: NameServer = 85.255.113.130,85.255.112.113
    O17 - HKLM\System\CCS\Services\Tcpip\..\{655AB98D-28FB-4721-A02C-7E88AAE5AD4C}: NameServer = 85.255.113.130,85.255.112.113
    O17 - HKLM\System\CCS\Services\Tcpip\..\{7AC237AB-9C87-439A-B4BC-A28DB452638A}: NameServer = 85.255.113.130,85.255.112.113

    O17 - HKLM\System\CCS\Services\Tcpip\..\{C1097410-77C7-446D-B7F4-B80DA6E836B6}: NameServer = 85.255.113.130,85.255.112.113
    O17 - HKLM\System\CCS\Services\Tcpip\..\{C7CA6BE1-BAF3-4A5E-BBCA-7CB22B7C33A3}: NameServer = 85.255.113.130,85.255.112.113
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.113.130 85.255.112.113
    O17 - HKLM\System\CS1\Services\Tcpip\..\{2A3AE27A-53CB-459C-A5DB-E0BB58355CEC}: NameServer = 85.255.113.130,85.255.112.113
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.113.130 85.255.112.113
    O17 - HKLM\System\CS2\Services\Tcpip\..\{2A3AE27A-53CB-459C-A5DB-E0BB58355CEC}: NameServer = 85.255.113.130,85.255.112.113
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.113.130 85.255.112.113
    --------------------------------------------------------------------
    fais ceci ensuite:
    https://leblogdeclaude.blogspot.com/2007/03/informatique-procdure-navifix.html
    0
    1. Ghis76 Messages postés 21 Statut Membre
       
      Voila, j'ai fait tout ce que l'on m'a demandé et voici le log:

      Search Navipromo version 1.1.5 commencé le 21/04/2007 à 15:32:36,84

      !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
      !!! Poster ce rapport sur le forum pour le faire analyser !!!
      !!! Ne pas lancer la partie désinfection sans l'avis d'un spécialiste !!!

      Fix lancé depuis C:\Documents and Settings\ghislaine\Mes documents\TELECHARGEMENT GIGI\NAVIFIX
      Mise a jour le 13.04.2007 a 20h00 by IL-MAFIOSO

      Executé en mode normal

      *** Recherche Programmes installes ***


      InternetGameBox


      *** Recherche dossiers dans C:\WINDOWS ***


      C:\WINDOWS\msskinner trouvé !


      *** Recherche dossiers dans C:\Program Files ***


      C:\Program Files\InternetGameBox trouvé !


      *** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data ***




      *** Recherche dossiers dans C:\Documents and Settings\ghislaine\Application Data ***



      *** Recherche avec BlackLight Engine/F-secure ***
      BlackLight Engine est un produit de F-secure, pour + d'infos :
      https://www.f-secure.com/en

      Fichier(s) caché(s) dans C:\WINDOWS\system32 :

      c:\WINDOWS\system32\ekiofdjhne.dat
      C:\windows\system32\ekiofdjhne.exe
      c:\WINDOWS\system32\ekiofdjhne_nav.dat
      c:\WINDOWS\system32\ekiofdjhne_navps.dat

      Processus caché(s) dans C:\WINDOWS\system32 :

      C:\windows\system32\ekiofdjhne.exe


      *** Recherche fichiers ***


      C:\WINDOWS\pack.epk trouvé !
      C:\WINDOWS\system32\nvs2.inf trouvé !


      *** Recherche cles registre ***


      Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs]



      Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage]



      Recherche Clé Magic Control

      HKEY_CURRENT_USER\Software\Lanconfig trouvé !


      *** Module de Recherche complémentaire ***
      (Recherche fichiers spécifiques)

      1)Recherche fichiers connus:


      2)Recherche Heuristique :
      *
      **
      C:\WINDOWS\system32\ekiofdjhne.dat trouvé !
      ***
      ****
      C:\WINDOWS\system32\ekiofdjhne_navps.dat trouvé !
      *****
      ******
      *******
      ********
      C:\WINDOWS\system32\ekiofdjhne.exe trouvé !


      *** Analyse Terminé le 21/04/2007 à 16:06:48,54 ***
      0
  18. Utilisateur anonyme
     
    re,
    repasse ta machine en mode sans échec
    https://leblogdeclaude.blogspot.com/2007/04/informatique-rebooter-xp-en-mode-sans.html
    relances alors Navipromo
    choisis alors l'option 2

    0
    1. Ghis76 Messages postés 21 Statut Membre
       
      Je viens de refaire le log avec fixnavi, je n'avais pas coché les case dans hijak-this, excusez moi!

      j'attends votre réponse pour savoir si je dois tout de même faire:

      "repasse ta machine en mode sans échec
      https://leblogdeclaude.blogspot.com/
      relances alors Navipromo
      choisis alors l'option 2 "

      https://leblogdeclaude.blogspot.com/ j'ai essayé d'aller voir la page, mais elle est introuvable!


      voici le log:

      Search Navipromo version 1.1.5 commencé le 21/04/2007 à 17:13:44,53

      !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
      !!! Poster ce rapport sur le forum pour le faire analyser !!!
      !!! Ne pas lancer la partie désinfection sans l'avis d'un spécialiste !!!

      Fix lancé depuis C:\Documents and Settings\ghislaine\Mes documents\TELECHARGEMENT GIGI\NAVIFIX
      Mise a jour le 13.04.2007 a 20h00 by IL-MAFIOSO

      Executé en mode normal

      *** Recherche Programmes installes ***


      Instant Access
      InternetGameBox


      *** Recherche dossiers dans C:\WINDOWS ***


      C:\WINDOWS\msskinner trouvé !


      *** Recherche dossiers dans C:\Program Files ***


      C:\Program Files\Instant Access trouvé !
      C:\Program Files\InternetGameBox trouvé !


      *** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data ***




      *** Recherche dossiers dans C:\Documents and Settings\ghislaine\Application Data ***



      *** Recherche avec BlackLight Engine/F-secure ***
      BlackLight Engine est un produit de F-secure, pour + d'infos :
      https://www.f-secure.com/en

      Fichier(s) caché(s) dans C:\WINDOWS\system32 :

      c:\WINDOWS\system32\ekiofdjhne.dat
      C:\windows\system32\ekiofdjhne.exe
      c:\WINDOWS\system32\ekiofdjhne_nav.dat
      c:\WINDOWS\system32\ekiofdjhne_navps.dat

      Processus caché(s) dans C:\WINDOWS\system32 :

      C:\windows\system32\ekiofdjhne.exe


      *** Recherche fichiers ***


      C:\WINDOWS\pack.epk trouvé !
      C:\WINDOWS\system32\linkprd.exe trouvé !
      C:\WINDOWS\system32\nvs2.inf trouvé !


      *** Recherche cles registre ***


      Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs]



      Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage]



      Recherche Clé Magic Control

      HKEY_CURRENT_USER\Software\Lanconfig trouvé !


      *** Module de Recherche complémentaire ***
      (Recherche fichiers spécifiques)

      1)Recherche fichiers connus:


      2)Recherche Heuristique :
      *
      C:\WINDOWS\system32\ekiofdjhne.dat trouvé !
      **
      C:\WINDOWS\system32\ekiofdjhne.dat trouvé !
      ***
      ****
      C:\WINDOWS\system32\ekiofdjhne_navps.dat trouvé !
      *****
      ******
      *******
      ********
      C:\WINDOWS\system32\ekiofdjhne.exe trouvé !
      C:\WINDOWS\system32\linkprd.exe trouvé !


      *** Analyse Terminé le 21/04/2007 à 17:47:54,03 ***
      0
  • 1
  • 2
  • 3