Sujet Précédent Sujet Suivant

[Hijackthis] rapport

Résolu
Riwalenn Messages postés 370 Statut Membre -  
Riwalenn Messages postés 370 Statut Membre -
Bonjour,

j'ai un nouveau pc infecté sur mon réseau alors que je viens d'éradiquer sober d'un autre... j'ai passé hijackthis :
Logfile of HijackThis v1.99.1
Scan saved at 9:01:35 AM, on 1/27/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\NavNT\defwatch.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\NavNT\rtvscan.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\NavNT\vptray.exe
C:\Program Files\HbTools\Bin\4.7.2.1\HbtOEAddOn.exe
C:\Program Files\HbTools\Bin\4.7.2.1\HbtWeatherOnTray.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Microsoft Firewall Client\ISATRAY.EXE
C:\Program Files\HbTools\Bin\4.7.2.1\HbtSrv.exe
C:\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://resultsmaster.com/SmartOffers/Services/resultsmaster/ResultsMasterHomeLeftPane.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http://WSSERVE:8080
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: ShprRprts - {2A8A997F-BB9F-48F6-AA2B-2762D50F9289} - C:\Program Files\ShopperReports\Bin\1.1.0.0\ShprRprt.dll
O2 - BHO: HbTools - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\HbTools\Bin\4.7.2.1\HbtHostIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: H&otbar - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\HbTools\Bin\4.7.2.1\HbtHostIE.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\NavNT\vptray.exe
O4 - HKLM\..\Run: [ Windows] C:\WINDOWS\WinSecurity\services.exe
O4 - HKLM\..\Run: [HbTools] C:\Program Files\HbTools\Bin\4.7.2.1\HbtOEAddOn.exe
O4 - HKLM\..\Run: [WeatherOnTray] C:\Program Files\HbTools\Bin\4.7.2.1\HbtWeatherOnTray.exe
O4 - HKLM\..\Run: [idumsjdt] C:\WINDOWS\System32\vhsaqizf.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [_Windows] C:\WINDOWS\WinSecurity\services.exe
O4 - Global Startup: Firewall Client Connectivity Monitor.LNK = C:\Program Files\Microsoft Firewall Client\ISATRAY.EXE
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-49c8-9F63-900533FAFE14} - C:\Program Files\ShopperReports\Bin\1.1.0.0\ShprRprt.dll
O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - C:\Program Files\ShopperReports\Bin\1.1.0.0\ShprRprt.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {69FD62B1-0216-4C31-8D55-840ED86B7C8F} (HbInstObj) - http://installs.hotbar.com/installs/Hotbar/programs/Hotbar.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {D19781C5-2051-44F8-8445-DDC82933C191} (VacPro.internazionale_ver11) - http://advnt01.com/dialer/internazionale_ver11.CAB
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = eurosourcefrance.local
O17 - HKLM\Software\..\Telephony: DomainName = eurosourcefrance.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = eurosourcefrance.local
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service (file missing)

j'ai posté le rapport sur hijakthis automatique et je tiens à spécifier que l'utilisateur du pc à installer de lui-même la hotbar des icones messenger ainsi que la barre pour avoir le temps.

merci
A voir également:

12 réponses

Réponse 1 / 12
Utilisateur anonyme
 
Salut,
Relance HijackThis, choisis " do a scan only" coche la case devant les lignes ci-dessous et clique en bas sur "fix checked"

O2 - BHO: ShprRprts - {2A8A997F-BB9F-48F6-AA2B-2762D50F9289} - C:\Program Files\ShopperReports\Bin\1.1.0.0\ShprRprt.dll
O2 - BHO: HbTools - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\HbTools\Bin\4.7.2.1\HbtHostIE.dll
O3 - Toolbar: H&otbar - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\HbTools\Bin\4.7.2.1\HbtHostIE.dll
O4 - HKLM\..\Run: [HbTools] C:\Program Files\HbTools\Bin\4.7.2.1\HbtOEAddOn.exe
O4 - HKLM\..\Run: [WeatherOnTray] C:\Program Files\HbTools\Bin\4.7.2.1\HbtWeatherOnTray.exe
O4 - HKLM\..\Run: [idumsjdt] C:\WINDOWS\System32\vhsaqizf.exe
O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-49c8-9F63-900533FAFE14} - C:\Program Files\ShopperReports\Bin\1.1.0.0\ShprRprt.dll
O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - C:\Program Files\ShopperReports\Bin\1.1.0.0\ShprRprt.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {69FD62B1-0216-4C31-8D55-840ED86B7C8F} (HbInstObj) - http://installs.hotbar.com/installs/Hotbar/programs/Hotbar.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {D19781C5-2051-44F8-8445-DDC82933C191} (VacPro.internazionale_ver11) - http://advnt01.com/dialer/internazionale_ver11.CAB

Clique sur demarrer, rechercher, cherche et supprime si present:

HbtOEAddOn.exe
HbtWeatherOnTray.exe
vhsaqizf.exe

Clique sur demarrer, poste e travail, C:, program files, cherche et supprime ces dossiers:

ShopperReports
HbTools

la barre hotbar contient des spywares à toi de voir ..

Puis remet un rapport HijackThis en precisant les anti-spywares que tu as.
0
Réponse 2 / 12
aranjuez31 Messages postés 8069 Statut Contributeur 354
 
bjr
c est curieux ça
les mêmes qui reviennent à qque chose prés
0
Réponse 3 / 12
Riwalenn Messages postés 370 Statut Membre 101
 
ci-dessous le rapport ewido puis hijackthis après avoir passé en mode sans-echec supprimé le contenu des dossiers temps/tempary internet/prefetch... et fait tout ce que tu m'a dit.
j'ai passé ewido, ad-adware, ccleaner et hijackthis...

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 13:52:44, 27/01/2006
+ Report-Checksum: 74AB9879

+ Scan result:

HKLM\SOFTWARE\Classes\AppID\WeatherOnTray.EXE -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\AppID\{0507FDDE-F3B7-49F5-9E8F-C557E991F39B} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{0774F696-D801-4C18-81A7-A3A32B8BEF19} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{1E0004EC-5DF0-48C7-A8F0-FBB0488A3D94} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{1E6AC766-9094-4BCF-ABD3-39E2EAEA5FCD} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{2178C864-B8BC-41AE-A1FB-EB6A32F87EB1} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{454B4812-E572-4703-A1BB-63490809EAC0} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{580A1F3F-89B4-433B-BBDB-B97AEB13F3FC} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{7E66936C-FEA0-4984-AD26-7B6661AC5B2E} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{A798E2B4-B6A0-4B96-8C53-8EC7A3B0895A} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{FA16BCE1-5E36-472A-8466-E0CDD5CE00E6} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtHostIE.Bho -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtHostIE.Bho\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtHostIE.Bho\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtHostIE.Bho.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtTools.HbMain -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtTools.HbMain\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtTools.HbMain\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtTools.HbMain.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{17719B53-FAD1-11D4-A466-00508B5BA2DF} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{17719B54-FAD1-11D4-A466-00508B5BA2DF} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{3103E312-E1BB-49AB-80EB-0A92FCA78746} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{34F4D917-31E4-464C-B8B3-84C1CE76B395} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{3F04CBF7-CD62-4403-B090-B432DEDCB159} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{7138714C-9819-4AB1-9A86-E7C413C9A99E} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{7E33BC81-0818-11D5-B50D-00D0B77F0A6D} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{8578D35E-C6C0-4808-9A80-0F6C29A2C423} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{927420A3-7259-4A74-B402-9329177EC3FC} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{9DD19D39-2CDC-465B-BB21-1D433590BA3D} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{BC190DA5-0187-4D99-B3AC-6C45EA1B9324} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{DA603411-0593-11D5-A46B-00508B5BA2DF} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{F64B26C1-07DE-11D5-B50D-00D0B77F0A6D} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\RprtsPSClient.PSExecuter -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\RprtsPSClient.PSExecuter\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\RprtsPSClient.PSExecuter\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\RprtsPSClient.PSExecuter.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\ShprRprts.HbAx -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\ShprRprts.HbAx\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\ShprRprts.HbAx\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\ShprRprts.HbAx.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\ShprRprts.HbCommBand -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\ShprRprts.HbCommBand\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\ShprRprts.HbCommBand\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\ShprRprts.HbCommBand.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\ShprRprts.HbInfoBand -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\ShprRprts.HbInfoBand\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\ShprRprts.HbInfoBand\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\ShprRprts.HbInfoBand.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\ShprRprts.IEButton -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\ShprRprts.IEButton\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\ShprRprts.IEButton\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\ShprRprts.IEButton.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\ShprRprts.IEButtonA -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\ShprRprts.IEButtonA\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\ShprRprts.IEButtonA\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\ShprRprts.IEButtonA.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\ShprRprts.SmrtShprCtl -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\ShprRprts.SmrtShprCtl\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\ShprRprts.SmrtShprCtl\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\ShprRprts.SmrtShprCtl.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{45397063-D7D0-47C2-9508-26487608A298} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{60F63095-41EC-11D5-B558-00D0B77F0A6D} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{71E9CF40-AF72-4B55-BD3F-1FEA2A0EAEA6} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{71EFE583-62FE-4419-9918-CA3B683F7B36} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{793AF621-5CD0-4B92-B765-6712F6AAF48E} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{842D315A-7E1E-448B-96E8-9E76D1820BE2} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{9967A873-40F3-4C7E-9239-6C8760F19F61} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{B5901229-25CC-43C9-B604-3BB6AC2B48A5} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{B9F51D42-CCA0-4408-BB02-D433D1865A3A} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{C83DAED4-0611-4F7A-978E-7FEAFCB2F91B} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{F8EE014F-B34C-4544-8E45-95A7971D323B} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HbTools -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HbTools\Install -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HbTools\MachineInfo -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HbTools\Mail -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HbTools\PI -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HbTools\PI\3.2 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HbTools\Updates -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HbTools\Upgrade -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HostOI -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HostOI\Mail -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HostOI\Updates -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HostOL -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HostOL\Mail -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HostOL\Updates -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\Hotbar -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\Hotbar\Install -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\Install -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\Install\CmpMap -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\Install\Icons -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\Install\Links -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Hotbar -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Hotbar\Hotbar -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Hotbar\Hotbar\Install -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Hotbar\Hotbar\PI -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Hotbar\Hotbar\PI\3.2 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{7E66936C-FEA0-4984-AD26-7B6661AC5B2E} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{946B3E9E-E21A-49c8-9F63-900533FAFE14} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{946B3E9E-E21A-49c8-9F63-900533FAFE14}\\ClsidExtension -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{946B3E9E-E21A-49c8-9F63-900533FAFE15}\\ClsidExtension -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\ShopperReports -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\ShopperReports\ShopperReports -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\ShopperReports\ShopperReports\PostInstaller -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-1644491937-839522115-1343024091-500\Software\Hotbar -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-1644491937-839522115-1343024091-500\Software\Hotbar\Common -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-1644491937-839522115-1343024091-500\Software\Hotbar\Common\Time -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-1644491937-839522115-1343024091-500\Software\Hotbar\Common\Updates -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-1644491937-839522115-1343024091-500\Software\Hotbar\HostOI -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-1644491937-839522115-1343024091-500\Software\Hotbar\HostOI\Updates -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-1644491937-839522115-1343024091-500\Software\Hotbar\HostOL -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-1644491937-839522115-1343024091-500\Software\Hotbar\HostOL\soho -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-1644491937-839522115-1343024091-500\Software\Hotbar\HostOL\Updates -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-1644491937-839522115-1343024091-500\Software\Hotbar\Hotbar -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-1644491937-839522115-1343024091-500\Software\Hotbar\Hotbar\EUI -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-1644491937-839522115-1343024091-500\Software\Hotbar\Hotbar\HtmlPPP -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-1644491937-839522115-1343024091-500\Software\Hotbar\Hotbar\ImagesHistory -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-1644491937-839522115-1343024091-500\Software\Hotbar\Hotbar\Install -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-1644491937-839522115-1343024091-500\Software\Hotbar\Hotbar\links -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-1644491937-839522115-1343024091-500\Software\Hotbar\Hotbar\options -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-1644491937-839522115-1343024091-500\Software\Hotbar\Hotbar\PI -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-1644491937-839522115-1343024091-500\Software\Hotbar\Hotbar\PI\3.2 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-1644491937-839522115-1343024091-500\Software\Hotbar\Hotbar\Sample -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-1644491937-839522115-1343024091-500\Software\Hotbar\Hotbar\Sample\Hist -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-1644491937-839522115-1343024091-500\Software\Hotbar\Hotbar\Sample\Hist\sg800 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-1644491937-839522115-1343024091-500\Software\Hotbar\Hotbar\Sample\Hist\sg801 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-1644491937-839522115-1343024091-500\Software\Hotbar\Hotbar\Sample\Hist\sg802 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-1644491937-839522115-1343024091-500\Software\Hotbar\Hotbar\Sample\Hist\sg803 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-1644491937-839522115-1343024091-500\Software\Hotbar\Hotbar\Sample\Hist\sg807 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-1644491937-839522115-1343024091-500\Software\Hotbar\Hotbar\Sample\Hist\sg808 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-1644491937-839522115-1343024091-500\Software\Hotbar\Hotbar\Sample\Hist\sg810 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-1644491937-839522115-1343024091-500\Software\Hotbar\Hotbar\Sample\Hist\sg811 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-1644491937-839522115-1343024091-500\Software\Hotbar\Hotbar\Sample\Hist\sg812 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-1644491937-839522115-1343024091-500\Software\Hotbar\Hotbar\Sample\Hist\sg818 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-1644491937-839522115-1343024091-500\Software\Hotbar\Hotbar\Sample\Hist\sg819 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-1644491937-839522115-1343024091-500\Software\Hotbar\Hotbar\Sample\Hist\sg827 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-1644491937-839522115-1343024091-500\Software\Hotbar\Hotbar\Sample\Hist\sg828 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-1644491937-839522115-1343024091-500\Software\Hotbar\Hotbar\Sample\Hist\sg829 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-1644491937-839522115-1343024091-500\Software\Hotbar\Hotbar\Sample\Hist\sg830 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-1644491937-839522115-1343024091-500\Software\Hotbar\Hotbar\Sample\Hist\sg842 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-1644491937-839522115-1343024091-500\Software\Hotbar\Hotbar\Sample\Hist\sg843 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-1644491937-839522115-1343024091-500\Software\Hotbar\Hotbar\Sample\Hist\sg844 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-1644491937-839522115-1343024091-500\Software\Hotbar\Hotbar\Sample\Hist\sg845 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-1644491937-839522115-1343024091-500\Software\Hotbar\Hotbar\updates -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-1644491937-839522115-1343024091-500\Software\Hotbar\Hotbar\UserInfo -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-1644491937-839522115-1343024091-500\Software\Hotbar\Time -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-1644491937-839522115-1343024091-500\Software\Hotbar\Time\HostIE -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-1644491937-839522115-1343024091-500\Software\Hotbar\Time\HostIE\Updates -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-1644491937-839522115-1343024091-500\Software\Hotbar\Time\HostOI -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-1644491937-839522115-1343024091-500\Software\Hotbar\Time\HostOI\Updates -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-1644491937-839522115-1343024091-500\Software\Hotbar\Time\HostOL -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-1644491937-839522115-1343024091-500\Software\Hotbar\Time\HostOL\Updates -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-1644491937-839522115-1343024091-500\Software\ShopperReports -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-1644491937-839522115-1343024091-500\Software\ShopperReports\ShopperReports -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-1644491937-839522115-1343024091-500\Software\ShopperReports\ShopperReports\PostInstaller -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\IESkins -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0 -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\HostOI -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\HostOI\dynamic -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\HostOI\static -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\HostOL -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\HostOL\dynamic -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\HostOL\static -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\dynamic -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1 -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\ads.cdf -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\business_promo.htm -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\buttondir.txt -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\components.cdf -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\country.exe -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\default.cdf -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_511745-514279.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_categorize.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_comparison.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_explorer-Mails.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_explorer-people.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_favorites.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_Games.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_Hide.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_hotbarcom.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_Hotmail.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_hsskin.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_Mails.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_new.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_premium.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_ringtone.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_SearchBoxTrapper.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_searchfor.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_searchgo.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_weather.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_yellowpages.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_1000.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_2000.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_3000.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bar.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar1.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar10.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar11.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar12.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar13.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar14.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar2.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar3.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar4.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar5.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar6.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar7.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar8.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar9.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_logos.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_other.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_x.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_weather.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\email-def-511724-548964.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\email-def-511724-9595.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\email-t1-bg.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\hotbar-premium-hotbar-premium.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\hotbar-premium.cdf -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\hotbar_promo.htm -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\icons2.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\keywords.idx -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\keywords1.dat -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\layout.cdf -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\linkpathlegal.txt -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\progress.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\s_icons_buttons.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\t2_bg.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\theweb.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\top7.cdf -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\Top7_theweb.mnu -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\1\tsd_bg.res -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\ads.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\business_promo.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\buttondir.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\country.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\default.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_1000.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_2000.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_3000.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bar.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar1.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar10.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar11.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar12.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar13.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar14.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar2.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar3.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar4.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar5.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar6.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar7.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar8.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar9.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_logos.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_other.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_x.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_weather.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\email-t1-bg.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\hotbar-premium.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\hotbar_promo.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\icons2.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\keywords.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\keywords1.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\layout.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\linkpathlegal.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\progress.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\samplegroups2.txt -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\samplegroups2.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\s_icons_buttons.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\t2_bg.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\top7.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\tsd_bg.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\ShopperReports -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\ShopperReports\cs -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\ShopperReports\cs\Config.xml -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\ShopperReports\cs\db -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\ShopperReports\cs\db\Aliases.dbs -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\ShopperReports\cs\db\Sites.dbs -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\ShopperReports\cs\dwld -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\ShopperReports\cs\dwld\WhiteList.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\ShopperReports\cs\persist.dbs -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\ShopperReports\cs\report -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\ShopperReports\cs\report\ag_ShopperReports.xml -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\ShopperReports\cs\report\ag_ShopperReports.xml.db -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\ShopperReports\cs\report\send_ShopperReports.xml -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\ShopperReports\cs\report\send_ShopperReports.xml.db -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\ShopperReports\cs\res1 -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\ShopperReports\cs\res1\WhiteList.dbs -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\administrator.EUROSOURCEFRANC\Application Data\ShopperReports\shprrprt.log -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\katia\Application Data\ShopperReports -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\katia\Application Data\ShopperReports\cs -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\katia\Application Data\ShopperReports\cs\Config.xml -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\katia\Application Data\ShopperReports\cs\db -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\katia\Application Data\ShopperReports\cs\db\Aliases.dbs -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\katia\Application Data\ShopperReports\cs\db\Sites.dbs -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\katia\Application Data\ShopperReports\cs\dwld -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\katia\Application Data\ShopperReports\cs\dwld\WhiteList.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\katia\Application Data\ShopperReports\cs\persist.dbs -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\katia\Application Data\ShopperReports\cs\report -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\katia\Application Data\ShopperReports\cs\report\ag.xml -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\katia\Application Data\ShopperReports\cs\report\ag.xml.db -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\katia\Application Data\ShopperReports\cs\report\send.xml -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\katia\Application Data\ShopperReports\cs\report\send.xml.db -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\katia\Application Data\ShopperReports\cs\res1 -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\katia\Application Data\ShopperReports\cs\res1\WhiteList.dbs -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\katia\Application Data\ShopperReports\shprrprt.log -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\thierryo\Application Data\ShopperReports -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\thierryo\Application Data\ShopperReports\cs -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\thierryo\Application Data\ShopperReports\cs\Config.xml -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\thierryo\Application Data\ShopperReports\cs\db -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\thierryo\Application Data\ShopperReports\cs\db\Aliases.dbs -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\thierryo\Application Data\ShopperReports\cs\db\Sites.dbs -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\thierryo\Application Data\ShopperReports\cs\dwld -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\thierryo\Application Data\ShopperReports\cs\dwld\WhiteList.xip -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\thierryo\Application Data\ShopperReports\cs\persist.dbs -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\thierryo\Application Data\ShopperReports\cs\report -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\thierryo\Application Data\ShopperReports\cs\report\ag_ShopperReports.xml -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\thierryo\Application Data\ShopperReports\cs\report\ag_ShopperReports.xml.db -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\thierryo\Application Data\ShopperReports\cs\report\send_ShopperReports.xml -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\thierryo\Application Data\ShopperReports\cs\report\send_ShopperReports.xml.db -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\thierryo\Application Data\ShopperReports\cs\res2 -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\thierryo\Application Data\ShopperReports\cs\res2\WhiteList.dbs -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\thierryo\Application Data\ShopperReports\shprrprt.log -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\thierryo\Application Data\ShopperReports\shprrprt_1138263633.log -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\anitaididov@advertising[1].txt -> Spyware.Cookie.Advertising : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\anitaididov@atdmt[1].txt -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\anitaididov@bluestreak[2].txt -> Spyware.Cookie.Bluestreak : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\anitaididov@casalemedia[2].txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\anitaididov@doubleclick[2].txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\anitaididov@estat[1].txt -> Spyware.Cookie.Estat : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\anitaididov@fastclick[1].txt -> Spyware.Cookie.Fastclick : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\anitaididov@servedby.advertising[2].txt -> Spyware.Cookie.Advertising : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\anitaididov@tradedoubler[2].txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\anitaididov@tribalfusion[1].txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@112.2o7[2].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@247realmedia[1].txt -> Spyware.Cookie.247realmedia : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@2o7[2].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@ad.adocean[1].txt -> Spyware.Cookie.Adocean : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@ad.yieldmanager[1].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@adopt.euroclick[1].txt -> Spyware.Cookie.Euroclick : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@adtech[2].txt -> Spyware.Cookie.Adtech : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@advertising[2].txt -> Spyware.Cookie.Advertising : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@adviva[2].txt -> Spyware.Cookie.Adviva : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@aolfr.122.2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@as-eu.falkag[2].txt -> Spyware.Cookie.Falkag : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@as-us.falkag[1].txt -> Spyware.Cookie.Falkag : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@as1.falkag[2].txt -> Spyware.Cookie.Falkag : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@atdmt[2].txt -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@bfast[2].txt -> Spyware.Cookie.Bfast : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@blackbox.weborama[1].txt -> Spyware.Cookie.Weborama : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@bluestreak[2].txt -> Spyware.Cookie.Bluestreak : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@burstnet[2].txt -> Spyware.Cookie.Burstnet : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@casalemedia[2].txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@cnetasiapacific.122.2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@com[2].txt -> Spyware.Cookie.Com : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@counter2.hitslink[2].txt -> Spyware.Cookie.Hitslink : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@ehg-bbva.hitbox[1].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@ehg-francetel.hitbox[1].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@ehg-lexmark.hitbox[2].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@ehg-nokiafin.hitbox[2].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@ehg-noven.hitbox[2].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@ehg-systemax.hitbox[2].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@estat[1].txt -> Spyware.Cookie.Estat : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@fastclick[1].txt -> Spyware.Cookie.Fastclick : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@fl01.ct2.comclick[1].txt -> Spyware.Cookie.Comclick : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@hitbox[1].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@hotlog[1].txt -> Spyware.Cookie.Hotlog : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@ivwbox[1].txt -> Spyware.Cookie.Ivwbox : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@media.fastclick[2].txt -> Spyware.Cookie.Fastclick : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@mediaplex[1].txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@overture[1].txt -> Spyware.Cookie.Overture : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@perf.overture[1].txt -> Spyware.Cookie.Overture : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@phg.hitbox[1].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@pr.valueclick[1].txt -> Spyware.Cookie.Valueclick : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@pro-market[1].txt -> Spyware.Cookie.Pro-market : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@promo.casinotropez[1].txt -> Spyware.Cookie.Casinotropez : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@qksrv[1].txt -> Spyware.Cookie.Qksrv : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@redcats.122.2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@revenue[1].txt -> Spyware.Cookie.Revenue : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@sel.as-eu.falkag[1].txt -> Spyware.Cookie.Falkag : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@serving-sys[1].txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@sfr.122.2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@spylog[2].txt -> Spyware.Cookie.Spylog : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@statcounter[1].txt -> Spyware.Cookie.Statcounter : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@statse.webtrendslive[2].txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@tradedoubler[2].txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@trafficmp[1].txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@trafic[1].txt -> Spyware.Cookie.Trafic : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@tribalfusion[2].txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@valueclick[1].txt -> Spyware.Cookie.Valueclick : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@valueclick[2].txt -> Spyware.Cookie.Valueclick : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@vegasred[1].txt -> Spyware.Cookie.Vegasred : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@weborama[2].txt -> Spyware.Cookie.Weborama : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@wreport.weborama[1].txt -> Spyware.Cookie.Weborama : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@www.smartadserver[2].txt -> Spyware.Cookie.Smartadserver : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\katia@xxxtoolbar[1].txt -> Spyware.Cookie.Xxxtoolbar : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\thierryo@ads.addynamix[1].txt -> Spyware.Cookie.Addynamix : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\thierryo@atdmt[2].txt -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\thierryo@bluestreak[1].txt -> Spyware.Cookie.Bluestreak : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\thierryo@casalemedia[2].txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\thierryo@doubleclick[2].txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\thierryo@estat[1].txt -> Spyware.Cookie.Estat : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\thierryo@mediaplex[1].txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\thierryo@weborama[2].txt -> Spyware.Cookie.Weborama : Cleaned with backup
C:\Documents and Settings\thierryo\Cookies\thierryo@www.smartadserver[1].txt -> Spyware.Cookie.Smartadserver : Cleaned with backup
C:\Documents and Settings\user\Cookies\user@ad.adition[2].txt -> Spyware.Cookie.Adition : Cleaned with backup
C:\Documents and Settings\user\Cookies\user@advertising[1].txt -> Spyware.Cookie.Advertising : Cleaned with backup
C:\Documents and Settings\user\Cookies\user@atdmt[2].txt -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Documents and Settings\user\Cookies\user@bluestreak[2].txt -> Spyware.Cookie.Bluestreak : Cleaned with backup
C:\Documents and Settings\user\Cookies\user@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\user\Cookies\user@edge.ru4[1].txt -> Spyware.Cookie.Ru4 : Cleaned with backup
C:\Documents and Settings\user\Cookies\user@estat[1].txt -> Spyware.Cookie.Estat : Cleaned with backup
C:\Documents and Settings\user\Cookies\user@mediaplex[1].txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
C:\Documents and Settings\user\Cookies\user@qksrv[1].txt -> Spyware.Cookie.Qksrv : Cleaned with backup
C:\Documents and Settings\user\Cookies\user@realmedia[2].txt -> Spyware.Cookie.Realmedia : Cleaned with backup
C:\Documents and Settings\user\Cookies\user@servedby.advertising[1].txt -> Spyware.Cookie.Advertising : Cleaned with backup
C:\Documents and Settings\user\Cookies\user@tribalfusion[1].txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
C:\Documents and Settings\user\Cookies\user@valueclick[1].txt -> Spyware.Cookie.Valueclick : Cleaned with backup
C:\Documents and Settings\user\Cookies\user@z1.adserver[1].txt -> Spyware.Cookie.Adserver : Cleaned with backup
C:\Program Files\backups\backup-20060127-113724-159.dll -> Spyware.HotBar : Cleaned with backup
C:\Program Files\backups\backup-20060127-113724-847.dll -> Adware.HotBar : Cleaned with backup
C:\Program Files\backups\backup-20060127-113725-106.dll -> Spyware.AdPowerZone : Cleaned with backup
C:\Program Files\HbTools\Bin\4.7.2.1\HbtHostIE.dll -> Adware.HotBar : Cleaned with backup
C:\Program Files\HbTools\Bin\4.7.2.1\HbtHostOE.dll -> Spyware.HotBar : Cleaned with backup
C:\Program Files\HbTools\Bin\4.7.2.1\HbtHostOL.dll -> Spyware.HotBar : Cleaned with backup
C:\Program Files\HbTools\Bin\4.7.2.1\HbtWeatherOnTray.exe -> Adware.HotBar : Cleaned with backup
C:\Program Files\hotbar -> Spyware.HotBar : Cleaned with backup
C:\Program Files\hotbar\bin -> Spyware.HotBar : Cleaned with backup
C:\Program Files\hotbar\bin\4.6.1.0 -> Spyware.HotBar : Cleaned with backup
C:\Program Files\RealVNC\VNC4\vncconfig.exe -> Not-A-Virus.RemoteAdmin.Win32.WinVNC.4 : Cleaned with backup
C:\Program Files\ShopperReports -> Spyware.HotBar : Cleaned with backup
C:\Program Files\ShopperReports\Bin -> Spyware.HotBar : Cleaned with backup
C:\Program Files\ShopperReports\Bin\1.0.4.0 -> Spyware.HotBar : Cleaned with backup
C:\Program Files\ShopperReports\Bin\1.0.4.0\ShprRprt.dll -> Spyware.HotBar : Cleaned with backup
C:\Program Files\ShopperReports\Bin\1.0.8.0 -> Spyware.HotBar : Cleaned with backup
C:\Program Files\ShopperReports\Bin\1.0.8.0\ShprRprt.dll -> Spyware.HotBar : Cleaned with backup
C:\Program Files\ShopperReports\Bin\1.1.0.0 -> Spyware.HotBar : Cleaned with backup
C:\Program Files\ShopperReports\Bin\1.1.0.0\ShprRprt.dll -> Spyware.HotBar : Cleaned with backup
C:\WINDOWS\system32\vhsaqizf.exe -> Spyware.HotBar : Cleaned with backup

::Report End

rapport hijackthis

Logfile of HijackThis v1.99.1
Scan saved at 14:49:21, on 27/01/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://resultsmaster.com/SmartOffers/Services/resultsmaster/ResultsMasterHomeLeftPane.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http://WSSERVE:8080
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\NavNT\vptray.exe
O4 - HKLM\..\Run: [ Windows] C:\WINDOWS\WinSecurity\services.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - Global Startup: Firewall Client Connectivity Monitor.LNK = C:\Program Files\Micr
0
Utilisateur anonyme
 
Salut,

ton rapport n'est pas en entier ;-)
0
Réponse 4 / 12
Riwalenn Messages postés 370 Statut Membre 101
 
oups pardon

Logfile of HijackThis v1.99.1
Scan saved at 14:49:21, on 27/01/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://resultsmaster.com/SmartOffers/Services/resultsmaster/ResultsMasterHomeLeftPane.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http://WSSERVE:8080
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\NavNT\vptray.exe
O4 - HKLM\..\Run: [ Windows] C:\WINDOWS\WinSecurity\services.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - Global Startup: Firewall Client Connectivity Monitor.LNK = C:\Program Files\Microsoft Firewall Client\ISATRAY.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = eurosourcefrance.local
O17 - HKLM\Software\..\Telephony: DomainName = eurosourcefrance.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = eurosourcefrance.local
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service (file missing)

0
Utilisateur anonyme
 
Tu n'as pas d'anti-virus ni de pare-feu?!!
0
Utilisateur anonyme
 
Certes tu as raison je n'avais point vu la fatigue m'envahit!

Relance HijackThis, choisis " do a scan only" coche la case devant les lignes ci-dessous et clique en bas sur "fix checked"

O4 - HKLM\..\Run: [ Windows] C:\WINDOWS\WinSecurity\services.exe
O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - C:\WINDOWS\System32\shdocvw.dll

Clique sur demarrer, rechercher, cherche et supprime ces fichiers:

shdocvw.dll
services.exe


tu as quoi comme logiciels anti-spywares?
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 12
Riwalenn Messages postés 370 Statut Membre 101
 
si j'ai symantec et un firewall d'ISA server. Par contre je n'ai pas l'intention d'acheter ni de télécharger un autre anti-virus :P je dois faire avec ce que j'ai sous la main.
0
Réponse 6 / 12
Riwalenn Messages postés 370 Statut Membre 101
 
J'en ai pas, j'ai juste utilisé ewido, ad-aware et ccleaner mais juste pour un traitement d'appoint après je les désinstalle
0
aranjuez31 Messages postés 8069 Statut Contributeur 354
 
bsr

"" errare humanum est ""
0
Réponse 7 / 12
Riwalenn Messages postés 370 Statut Membre 101
 
ci-dessous nouveau rapport :
Logfile of HijackThis v1.99.1
Scan saved at 6:00:46 PM, on 1/27/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\NavNT\defwatch.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\NavNT\rtvscan.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\NavNT\vptray.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Microsoft Firewall Client\ISATRAY.EXE
C:\Program Files\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://resultsmaster.com/SmartOffers/Services/resultsmaster/ResultsMasterHomeLeftPane.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http://WSSERVE:8080
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\NavNT\vptray.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [_Windows] C:\WINDOWS\WinSecurity\services.exe
O4 - Global Startup: Firewall Client Connectivity Monitor.LNK = C:\Program Files\Microsoft Firewall Client\ISATRAY.EXE
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = eurosourcefrance.local
O17 - HKLM\Software\..\Telephony: DomainName = eurosourcefrance.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = eurosourcefrance.local
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service (file missing)

0
Réponse 8 / 12
Riwalenn Messages postés 370 Statut Membre 101
 
aranjuez31 ? tu veux dire par là que je devrais en avoir un en plus de norton ?
sinon à priori, je n'ai plus de virus ce sur pc, j'ai passé symantec vendredi et rien... mais je connais ta réponse ;P ne t'inquiètes pas je passerais un anti-virus on-line dessus pour être sûre...
0
Réponse 9 / 12
aranjuez31 Messages postés 8069 Statut Contributeur 354
 
bjr riw
ne pas confondre antivirus Norton
avec detecteur de spy,trojan,malware et autres
rappel de la différence sur ce lien
http://sebsauvage.net/safehex.html
0
Réponse 10 / 12
Riwalenn Messages postés 370 Statut Membre 101
 
Bon ben j'ai jeté mon dévolu sur ad-aware que je connais déjà pour son utilisation à la maison ;)
merci pour tes conseils...
0
Réponse 11 / 12
aranjuez31 Messages postés 8069 Statut Contributeur 354
 
hello
personnellement j utilise tout ce qui suit
car ils ne jouent pas ds la m^me cour
ce qui peut para^tre bcp , mais , comme j'écrivais, tous n ont pas les m^mes fonctions

Ad-Aware (gratuit) :
http://telecharger.01net.com/windows/Internet/internet_utlitaire/fiches/11643.html
Le patch en Français pour Ad-Aware (gratuit) :
http://telecharger.01net.com/windows/Internet/internet_utlitaire/fiches/25543.html

Spybot (gratuit) :
http://telecharger.01net.com/windows/Internet/internet_utlitaire/fiches/26157.html

a-squared
http://www.emsisoft.net/fr/software/download/

ewido (dowload)
http://www.ewido.net/fr/download/

spycatcher express free
http://www.tenebril.com/downloads/

regcleaner ( nettoyeur de registre)
http://www.01net.com/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/4894.html

- et cleanup40 (nettoyeur de cookies+temps+tempos+prefetch+historique+etc..)
http://pageperso.aol.fr/balltrap34/democleanup.htm
¤Télécharger CleanUp40 (qui élimine les fichiers temporaires) sur ce lien : http://pageperso.aol.fr/Balltrap34/CleanUp40.exe
0
Réponse 12 / 12
Riwalenn Messages postés 370 Statut Membre 101
 
ok merci pour la liste
0

Discussions similaires

Impossible d'afficher le rapport de tableau croisé dynamique sur un rapport
Utilisateur anonyme -
TomH. -

13 réponses
écrire un rapport de travail
asi -
REGINALD -

3 réponses
impossible d'afficher le tableau dynamique sur un rapport existant
Pierre -
Adrien71 -

3 réponses
Problém affichage du tableau croisé dynamique
BK -
Raymond PENTIER -

2 réponses
Theme de rapport de stage option comptabilité
sana saydou -
Raymond PENTIER -

2 réponses