| ||||||||
Petit astucien | bonjour à toutes et à tous !
je suis intervenu sur la machine d'un ami et ai édité le rapport Hijack ci joint;
quelqu'un de competent pourrait il me donner un avis là dessus ?
(je precise que je n'ai pas encore pu executer la procedure de prenettoyage...ce que je ferai dès que j'aurai de nouveau acces a la machine)
merci d'avance
Logfile of HijackThis v1.99.1
Scan saved at 18:28:36, on 05/02/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\WINDOWS\System32\gearsec.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\System32\txxmml.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jucheck.exe
C:\WINDOWS\System32\hphmon05.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\WINDOWS\System32\P2P Networking\P2P Networking.exe
C:\Program Files\Altnet\Points Manager\Points Manager.exe
C:\Program Files\EbatesMoeMoneyMaker4\EbatesMoeMoneyMaker.exe
C:\program files\180search assistant\180sa.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\Altnet\DOWNLO~1\asm.exe
C:\Program Files\EbatesMoeMoneyMaker4\e10350.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Documents and Settings\Propriétaire\Bureau\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=Q304&bd=pavilion&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q304&bd=pavilion&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.noos.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.noos.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fourni par Noos
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - _{00D6A7E7-4A97-456f-848A-3B75BF7554D7} - (no file)
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O2 - BHO: BHObj Class - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - C:\WINDOWS\nem220.dll (file missing)
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SABHO - {21B4ACC4-8874-4AEC-AEAC-F567A249B4D4} - c:\program files\180search assistant\180sahook.dll
O2 - BHO: ShprRprts - {2A8A997F-BB9F-48F6-AA2B-2762D50F9289} - C:\Program Files\ShopperReports\Bin\1.0.0.1\SmrtShpr.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - c:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: BAHelper Class - {A3FDD654-A057-4971-9844-4ED8E67DBBB8} - C:\Program Files\SideFind\sfbho.dll (file missing)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\program files\hp\digital imaging\bin\hpdtlk02.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: My &Search Bar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - c:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [UpdateManager] "c:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [SearchUpgrader] C:\Program Files\Common files\SearchUpgrader\SearchUpgrader.exe
O4 - HKLM\..\Run: [AltnetPointsManager] C:\Program Files\Altnet\Points Manager\Points Manager.exe -s
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [WeatherOnTray] C:\Program Files\Hotbar\bin\4.5.3.0\WeatherOnTray.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [satmat] C:\WINDOWS\satmat.exe
O4 - HKLM\..\Run: [JVM0.12] C:\WINDOWS\System32\peznzcwp.exe
O4 - HKLM\..\Run: [JVM0.14] C:\WINDOWS\System32\difjs.exe
O4 - HKLM\..\Run: [EbatesMoeMoneyMaker] "C:\Program Files\EbatesMoeMoneyMaker4\EbatesMoeMoneyMaker.exe"
O4 - HKLM\..\Run: [180sa] c:\program files\180search assistant\180sa.exe
O4 - HKLM\..\Run: [vmpyz] C:\WINDOWS\vmpyz.exe
O4 - HKLM\..\Run: [rzlpeyl] C:\WINDOWS\System32\txxmml.exe r
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BackupNotify] c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Ebates. - file://C:\Program Files\EbatesMoeMoneyMaker4\ebatessmmm\ebatestmmm\ebmmC0.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\Program Files\SideFind\sidefind.dll (file missing)
O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-49c8-9F63-900533FAFE14} - C:\Program Files\ShopperReports\Bin\1.0.0.1\SmrtShpr.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: ShopperReports - Compare product prices - {E77EDA01-3C56-4a96-8D08-02B42891C169} - C:\Program Files\ShopperReports\Bin\1.0.0.1\SmrtShpr.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: Ebates - {F2B441CC-E026-47fb-BDC3-A07750FA3D2C} - file://C:\Program Files\EbatesMoeMoneyMaker4\ebatessmmm\ebatestmmm\ebmmC0.htm (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.noos.fr
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O16 - DPF: {386A771C-E96A-421F-8BA7-32F1B706892F} (Installer Class) - http://www.xxxtoolbar.com/ist/softwares/v4.0/0006_adult.cab
O16 - DPF: {F919FBD3-A96B-4679-AF26-F551439BB5FD} - http://locator1.cdn.imagesrvr.com/sites/winfixer.com/www/pages/scanner_fr/WinFixer2005ScannerInstallFRA.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Service de sécurité matérielle (GEARSecurity) - GEAR Software - C:\WINDOWS\System32\gearsec.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
| |||||||
Publicité | ||||||||
Grande Maîtresse astucienne ![]() | Bonsoir,
effectivement, il y a infection. Il te faut faire les manips de pré nettoyage, ce qui facilitera les choses.
Pense à mettre le rapport d'ewido, et ensuite un nouveau rapport HijackThis | |||||||
Astucien ![]() | [hello]Bonsoir philae ;
Elle est ou la/les ligne(s) d'infection(s), je trouve pas [desapprouve][question] | |||||||
Grande Maîtresse astucienne ![]() | [hello] valko,
je ne vais pas faire l'analyse maintenant, mais déjà il y a 180 solutions,MyBar, virer les lignes no file,P2PNetworking, et j'en passe encore. | |||||||
Astucien ![]() | [merci] madame la prof [happy][happy][happy] | |||||||
Petit astucien | philae a écrit :
bonsoir philae,
je n'aurai acces a la machine que demain soir ; je procederai au prenettoyage et reveindrai poster tous les resultats ici!
merci d'avanceBonsoir, effectivement, il y a infection. Il te faut faire les manips de pré nettoyage, ce qui facilitera les choses. Pense à mettre le rapport d'ewido, et ensuite un nouveau rapport HijackThis | |||||||
Grande Maîtresse astucienne ![]() |
ok hugtango, bonne nuit à demain | |||||||
Petit astucien | bonsoir a toutes et à tous !
me revoila !(pardon j'ai mis un peu de temps a retourner sur la machine à passer sous SP2)
apres avoir effectué le prénettoyage, je ne post ici qu'un bout du rapport ewido (qui me semble bizarre et lourd -172ko: est ce normal?) puis le rapport hijackthis.
merci de vos conseils !
#2573;#3328;#3328;
+ Créé le: 22:24:36, 06/02/2006
#2573;#8192;#11008;#8192;#21248;#28416;#27904;#27904;#25856;#8192;#25600;#25856;#8192;#25344;#28416;#28160;#29696;#29184;#62464;#27648;#25856;#14848;#2304;#16640;#16640;#12288;#17664;#13568;#12288;#17408;#3328;#3328;
#2573;#8192;#11008;#8192;#20992;#59648;#29440;#29952;#27648;#29696;#24832;#29696;#29440;#8192;#25600;#29952;#8192;#29440;#25344;#24832;#28160;#14848;#3328;#3328;
#2573;#2304;#18432;#19200;#19456;#19712;#23552;#21248;#20224;#17920;#21504;#22272;#16640;#20992;#17664;#23552;#17152;#27648;#24832;#29440;#29440;#25856;#29440;#23552;#17152;#19456;#21248;#18688;#17408;#23552;#31488;#12544;#17408;#13824;#14080;#12544;#12544;#17152;#14336;#11520;#14080;#12544;#13568;#13312;#11520;#13312;#12288;#16896;#16896;#11520;#14336;#13056;#14336;#12288;#11520;#13056;#17408;#17664;#16640;#13312;#13568;#16896;#13824;#14592;#17152;#16896;#17920;#32000;#8192;#11520;#15872;#8192;#17408;#28416;#30464;#28160;#27648;#28416;#24832;#25600;#25856;#29184;#11776;#22272;#25856;#25088;#20480;#12800;#20480;#8192;#14848;#8192;#19968;#25856;#29696;#29696;#28416;#30976;#25856;#29184;#8192;#29440;#24832;#28160;#29440;#8192;#29440;#24832;#29952;#30208;#25856;#26368;#24832;#29184;#25600;#25856;#29184;#3328;#3328;
HKLM\SOFTWARE\Classes\CLSID\{3646C2BD-3554-49CA-8125-44DEEFB881DE} -> Spyware.Altnet : Nettoyer sans sauvegarder
#2573;#2304;#18432;#19200;#19456;#19712;#23552;#21248;#20224;#17920;#21504;#22272;#16640;#20992;#17664;#23552;#17152;#27648;#24832;#29440;#29440;#25856;#29440;#23552;#17152;#19456;#21248;#18688;#17408;#23552;#31488;#17152;#14592;#12544;#17664;#14336;#14592;#12800;#13824;#11520;#17408;#13312;#16896;#17664;#11520;#13312;#13824;#14336;#13568;#11520;#14592;#14592;#17920;#13312;#11520;#12288;#17408;#14592;#14592;#13824;#16896;#14592;#13824;#16896;#16640;#17152;#12288;#32000;#8192;#11520;#15872;#8192;#21248;#28672;#30976;#30464;#24832;#29184;#25856;#11776;#20480;#12800;#20480;#19968;#25856;#29696;#30464;#28416;#29184;#27392;#26880;#28160;#26368;#8192;#14848;#8192;#19968;#25856;#29696;#29696;#28416;#30976;#25856;#29184;#8192;#29440;#24832;#28160;#29440;#8192;#29440;#24832;#29952;#30208;#25856;#26368;#24832;#29184;#25600;#25856;#29184;#3328;#3328;
HKLM\SOFTWARE\Classes\Interface\{16097036-894C-4C00-A61F-93CA0D49A70E} -> Spyware.TOPicks : Nettoyer sans sauvegarder
#2573;#2304;#18432;#19200;#19456;#19712;#23552;#21248;#20224;#17920;#21504;#22272;#16640;#20992;#17664;#23552;#17152;#27648;#24832;#29440;#29440;#25856;#29440;#23552;#18688;#28160;#29696;#25856;#29184;#26112;#24832;#25344;#25856;#23552;#31488;#12800;#17664;#17408;#13568;#16640;#17920;#14592;#14336;#11520;#14592;#12800;#13568;#14336;#11520;#13312;#13568;#16896;#16640;#11520;#16896;#14080;#14592;#16896;#11520;#12288;#13824;#13824;#12800;#13568;#17152;#14592;#12800;#17920;#13824;#13824;#12800;#32000;#8192;#11520;#15872;#8192;#21248;#28672;#30976;#30464;#24832;#29184;#25856;#11776;#21504;#20224;#20480;#26880;#25344;#27392;#29440;#8192;#14848;#8192;#19968;#25856;#29696;#29696;#28416;#30976;#25856;#29184;#8192;#29440;#24832;#28160;#29440;#8192;#29440;#24832;#29952;#30208;#25856;#26368;#24832;#29184;#25600;#25856;#29184;#3328;#3328;
HKLM\SOFTWARE\Classes\Interface\{700DC0DD-F409-42E0-9DE5-21EE1A2BA9FD} -> Spyware.TOPicks : Nettoyer sans sauvegarder
#2573;#2304;#18432;#19200;#19456;#19712;#23552;#21248;#20224;#17920;#21504;#22272;#16640;#20992;#17664;#23552;#17152;#27648;#24832;#29440;#29440;#25856;#29440;#23552;#18688;#28160;#29696;#25856;#29184;#26112;#24832;#25344;#25856;#23552;#31488;#17152;#14592;#12544;#17664;#14336;#14592;#12800;#13824;#11520;#17408;#13312;#16896;#17664;#11520;#13312;#13824;#14336;#13568;#11520;#14592;#14592;#17920;#13312;#11520;#12288;#17408;#14592;#14592;#13824;#16896;#14592;#13824;#16896;#16640;#17152;#12288;#32000;#8192;#11520;#15872;#8192;#21248;#28672;#30976;#30464;#24832;#29184;#25856;#11776;#20480;#12800;#20480;#19968;#25856;#29696;#30464;#28416;#29184;#27392;#26880;#28160;#26368;#8192;#14848;#8192;#19968;#25856;#29696;#29696;#28416;#30976;#25856;#29184;#8192;#29440;#24832;#28160;#29440;#8192;#29440;#24832;#29952;#30208;#25856;#26368;#24832;#29184;#25600;#25856;#29184;#3328;#3328;
HKLM\SOFTWARE\Classes\Interface\{D273D427-57C6-4B12-860F-BBB8195F6E2A} -> Spyware.TOPicks : Nettoyer sans sauvegarder
#2573;#2304;#18432;#19200;#19456;#19712;#23552;#21248;#20224;#17920;#21504;#22272;#16640;#20992;#17664;#23552;#17152;#27648;#24832;#29440;#29440;#25856;#29440;#23552;#18688;#28160;#29696;#25856;#29184;#26112;#24832;#25344;#25856;#23552;#31488;#17408;#16640;#13824;#12288;#13056;#13312;#12544;#12544;#11520;#12288;#13568;#14592;#13056;#11520;#12544;#12544;#17408;#13568;#11520;#16640;#13312;#13824;#16896;#11520;#12544;#12288;#12544;#12288;#12544;#17408;#17408;#17408;#12544;#12544;#12544;#12544;#32000;#8192;#11520;#15872;#8192;#21248;#28672;#30976;#30464;#24832;#29184;#25856;#11776;#18432;#28416;#29696;#16896;#24832;#29184;#8192;#14848;#8192;#19968;#25856;#29696;#29696;#28416;#30976;#25856;#29184;#8192;#29440;#24832;#28160;#29440;#8192;#29440;#24832;#29952;#30208;#25856;#26368;#24832;#29184;#25600;#25856;#29184;#3328;#3328;
HKLM\SOFTWARE\Classes\Interface\{FD42F6D3-7AB1-470C-979B-7996EDC99099} -> Spyware.TOPicks : Nettoyer sans sauvegarder
#2573;#2304;#18432;#19200;#19456;#19712;#23552;#21248;#20224;#17920;#21504;#22272;#16640;#20992;#17664;#23552;#17152;#27648;#24832;#29440;#29440;#25856;#29440;#23552;#21504;#30976;#28672;#25856;#19456;#26880;#25088;#23552;#31488;#17920;#14080;#12800;#12288;#16896;#13312;#12288;#17920;#11520;#13056;#16640;#13056;#14336;#11520;#13312;#16896;#12800;#12800;#11520;#16896;#13056;#12288;#17408;#11520;#17408;#17152;#17920;#12288;#14592;#13568;#17408;#13312;#12800;#13312;#14592;#14336;#32000;#8192;#11520;#15872;#8192;#21248;#28672;#30976;#30464;#24832;#29184;#25856;#11776;#20480;#12800;#20480;#19968;#25856;#29696;#30464;#28416;#29184;#27392;#26880;#28160;#26368;#8192;#14848;#8192;#19968;#25856;#29696;#29696;#28416;#30976;#25856;#29184;#8192;#29440;#24832;#28160;#29440;#8192;#29440;#24832;#29952;#30208;#25856;#26368;#24832;#29184;#25600;#25856;#29184;#3328;#3328;
HKLM\SOFTWARE\Classes\WebP2PInstaller.Installer -> Spyware.P2PNetworking : Nettoyer sans sauvegarder
#2573;#2304;#18432;#19200;#19456;#19712;#23552;#21248;#20224;#17920;#21504;#22272;#16640;#20992;#17664;#23552;#17152;#27648;#24832;#29440;#29440;#25856;#29440;#23552;#22272;#25856;#25088;#20480;#12800;#20480;#18688;#28160;#29440;#29696;#24832;#27648;#27648;#25856;#29184;#11776;#18688;#28160;#29440;#29696;#24832;#27648;#27648;#25856;#29184;#23552;#17152;#19456;#21248;#18688;#17408;#8192;#11520;#15872;#8192;#21248;#28672;#30976;#30464;#24832;#29184;#25856;#11776;#20480;#12800;#20480;#19968;#25856;#29696;#30464;#28416;#29184;#27392;#26880;#28160;#26368;#8192;#14848;#8192;#19968;#25856;#29696;#29696;#28416;#30976;#25856;#29184;#8192;#29440;#24832;#28160;#29440;#8192;#29440;#24832;#29952;#30208;#25856;#26368;#24832;#29184;#25600;#25856;#29184;#3328;#3328;
HKLM\SOFTWARE\Classes\WebP2PInstaller.Installer\CurVer -> Spyware.P2PNetworking : Nettoyer sans sauvegarder
#2573;#2304;#18432;#19200;#19456;#19712;#23552;#21248;#20224;#17920;#21504;#22272;#16640;#20992;#17664;#23552;#17152;#27648;#24832;#29440;#29440;#25856;#29440;#23552;#22272;#25856;#25088;#20480;#12800;#20480;#18688;#28160;#29440;#29696;#24832;#27648;#27648;#25856;#29184;#11776;#18688;#28160;#29440;#29696;#24832;#27648;#27648;#25856;#29184;#11776;#12544;#8192;#11520;#15872;#8192;#21248;#28672;#30976;#30464;#24832;#29184;#25856;#11776;#20480;#12800;#20480;#19968;#25856;#29696;#30464;#28416;#29184;#27392;#26880;#28160;#26368;#8192;#14848;#8192;#19968;#25856;#29696;#29696;#28416;#30976;#25856;#29184;#8192;#29440;#24832;#28160;#29440;#8192;#29440;#24832;#29952;#30208;#25856;#26368;#24832;#29184;#25600;#25856;#29184;#3328;#3328;
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1D6711C8-7154-40BB-8380-3DEA45B69CBF} -> Downloader.WebP2P : Nettoyer sans sauvegarder
#2573;#2304;#18432;#19200;#19456;#19712;#23552;#21248;#20224;#17920;#21504;#22272;#16640;#20992;#17664;#23552;#19712;#26880;#25344;#29184;#28416;#29440;#28416;#26112;#29696;#23552;#18688;#28160;#29696;#25856;#29184;#28160;#25856;#29696;#8192;#17664;#30720;#28672;#27648;#28416;#29184;#25856;#29184;#23552;#19712;#24832;#26880;#28160;#23552;#26880;#28160;#29440;#8192;#11520;#15872;#8192;#21248;#28672;#30976;#30464;#24832;#29184;#25856;#11776;#22272;#25856;#25088;#20992;#25856;#25088;#24832;#29696;#25856;#29440;#8192;#14848;#8192;#19968;#25856;#29696;#29696;#28416;#30976;#25856;#29184;#8192;#29440;#24832;#28160;#29440;#8192;#29440;#24832;#29952;#30208;#25856;#26368;#24832;#29184;#25600;#25856;#29184;#3328;#3328;
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Hotbara -> Spyware.HotBar : Nettoyer sans sauvegarder
#2573;#2304;#18432;#19200;#19456;#19712;#23552;#21248;#20224;#17920;#21504;#22272;#16640;#20992;#17664;#23552;#19712;#26880;#25344;#29184;#28416;#29440;#28416;#26112;#29696;#23552;#22272;#26880;#28160;#25600;#28416;#30464;#29440;#23552;#17152;#29952;#29184;#29184;#25856;#28160;#29696;#22016;#25856;#29184;#29440;#26880;#28416;#28160;#23552;#21760;#28160;#26880;#28160;#29440;#29696;#24832;#27648;#27648;#23552;#18432;#28416;#29696;#25088;#24832;#29184;#25088;#8192;#11520;#15872;#8192;#21248;#28672;#30976;#30464;#24832;#29184;#25856;#11776;#18432;#28416;#29696;#16896;#24832;#29184;#8192;#14848;#8192;#19968;#25856;#29696;#29696;#28416;#30976;#25856;#29184;#8192;#29440;#24832;#28160;#29440;#8192;#29440;#24832;#29952;#30208;#25856;#26368;#24832;#29184;#25600;#25856;#29184;#3328;#3328;
[1532] C:\WINDOWS\system32\DrPMon.dll -> Adware.BetterInternet : Nettoyer sans sauvegarder
#2573;#2304;#23296;#14592;#13056;#13824;#23808;#8192;#17152;#14848;#23552;#22272;#18688;#19968;#17408;#20224;#22272;#21248;#23552;#21248;#30976;#29440;#29696;#25856;#27904;#13056;#12800;#23552;#28416;#27136;#30720;#29184;#30208;#30208;#26624;#11776;#25856;#30720;#25856;#8192;#11520;#15872;#8192;#21504;#29184;#28416;#27136;#24832;#28160;#11776;#16640;#26368;#25856;#28160;#29696;#11776;#25344;#28672;#8192;#14848;#8192;#19968;#25856;#29696;#29696;#28416;#30976;#25856;#29184;#8192;#29440;#24832;#28160;#29440;#8192;#29440;#24832;#29952;#30208;#25856;#26368;#24832;#29184;#25600;#25856;#29184;#3328;#3328;
[2448] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe -> Spyware.P2PNetworking : Nettoyer sans sauvegarder
#2573;#2304;#17152;#14848;#23552;#17408;#28416;#25344;#29952;#27904;#25856;#28160;#29696;#29440;#8192;#24832;#28160;#25600;#8192;#21248;#25856;#29696;#29696;#26880;#28160;#26368;#29440;#23552;#18688;#28160;#30208;#26880;#29696;#59648;#23552;#16640;#28672;#28672;#27648;#26880;#25344;#24832;#29696;#26880;#28416;#28160;#8192;#17408;#24832;#29696;#24832;#23552;#21248;#26624;#28416;#28672;#28672;#25856;#29184;#20992;#25856;#28672;#28416;#29184;#29696;#29440;#8192;#11520;#15872;#8192;#21248;#28672;#30976;#30464;#24832;#29184;#25856;#11776;#18432;#28416;#29696;#16896;#24832;#29184;#8192;#14848;#8192;#19968;#25856;#29696;#29696;#28416;#30976;#25856;#29184;#8192;#29440;#24832;#28160;#29440;#8192;#29440;#24832;#29952;#30208;#25856;#26368;#24832;#29184;#25600;#25856;#29184;#3328;#3328;
C:\Documents and Settings\Invité\Application Data\ShopperReports\cs -> Spyware.HotBar : Nettoyer sans sauvegarder
#2573;#2304;#17152;#14848;#23552;#17408;#28416;#25344;#29952;#27904;#25856;#28160;#29696;#29440;#8192;#24832;#28160;#25600;#8192;#21248;#25856;#29696;#29696;#26880;#28160;#26368;#29440;#23552;#18688;#28160;#30208;#26880;#29696;#59648;#23552;#16640;#28672;#28672;#27648;#26880;#25344;#24832;#29696;#26880;#28416;#28160;#8192;#17408;#24832;#29696;#24832;#23552;#21248;#26624;#28416;#28672;#28672;#25856;#29184;#20992;#25856;#28672;#28416;#29184;#29696;#29440;#23552;#25344;#29440;#23552;#17152;#28416;#28160;#26112;#26880;#26368;#11776;#30720;#27904;#27648;#8192;#11520;#15872;#8192;#21248;#28672;#30976;#30464;#24832;#29184;#25856;#11776;#18432;#28416;#29696;#16896;#24832;#29184;#8192;#14848;#8192;#19968;#25856;#29696;#29696;#28416;#30976;#25856;#29184;#8192;#29440;#24832;#28160;#29440;#8192;#29440;#24832;#29952;#30208;#25856;#26368;#24832;#29184;#25600;#25856;#29184;#3328;#3328;
C:\Documents and Settings\Invité\Application Data\ShopperReports\cs\db -> Spyware.HotBar : Nettoyer sans sauvegarder
#2573;#2304;#17152;#14848;#23552;#17408;#28416;#25344;#29952;#27904;#25856;#28160;#29696;#29440;#8192;#24832;#28160;#25600;#8192;#21248;#25856;#29696;#29696;#26880;#28160;#26368;#29440;#23552;#18688;#28160;#30208;#26880;#29696;#59648;#23552;#16640;#28672;#28672;#27648;#26880;#25344;#24832;#29696;#26880;#28416;#28160;#8192;#17408;#24832;#29696;#24832;#23552;#21248;#26624;#28416;#28672;#28672;#25856;#29184;#20992;#25856;#28672;#28416;#29184;#29696;#29440;#23552;#25344;#29440;#23552;#25600;#25088;#23552;#16640;#27648;#26880;#24832;#29440;#25856;#29440;#11776;#25600;#25088;#29440;#8192;#11520;#15872;#8192;#21248;#28672;#30976;#30464;#24832;#29184;#25856;#11776;#18432;#28416;#29696;#16896;#24832;#29184;#8192;#14848;#8192;#19968;#25856;#29696;#29696;#28416;#30976;#25856;#29184;#8192;#29440;#24832;#28160;#29440;#8192;#29440;#24832;#29952;#30208;#25856;#26368;#24832;#29184;#25600;#25856;#29184;#3328;#3328;
C:\Documents and Settings\Invité\Application Data\ShopperReports\cs\db\Sites.dbs -> Spyware.HotBar : Nettoyer sans sauvegarder
#2573;#2304;#17152;#14848;#23552;#17408;#28416;#25344;#29952;#27904;#25856;#28160;#29696;#29440;#8192;#24832;#28160;#25600;#8192;#21248;#25856;#29696;#29696;#26880;#28160;#26368;#29440;#23552;#18688;#28160;#30208;#26880;#29696;#59648;#23552;#16640;#28672;#28672;#27648;#26880;#25344;#24832;#29696;#26880;#28416;#28160;#8192;#17408;#24832;#29696;#24832;#23552;#21248;#26624;#28416;#28672;#28672;#25856;#29184;#20992;#25856;#28672;#28416;#29184;#29696;#29440;#23552;#25344;#29440;#23552;#25600;#30464;#27648;#25600;#8192;#11520;#15872;#8192;#21248;#28672;#30976;#30464;#24832;#29184;#25856;#11776;#18432;#28416;#29696;#16896;#24832;#29184;#8192;#14848;#8192;#19968;#25856;#29696;#29696;#28416;#30976;#25856;#29184;#8192;#29440;#24832;#28160;#29440;#8192;#29440;#24832;#29952;#30208;#25856;#26368;#24832;#29184;#25600;#25856;#29184;#3328;#3328;
C:\Documents and Settings\Invité\Application Data\ShopperReports\cs\dwld\WhiteList.xip -> Spyware.HotBar : Nettoyer sans sauvegarder
#2573;#2304;#17152;#14848;#23552;#17408;#28416;#25344;#29952;#27904;#25856;#28160;#29696;#29440;#8192;#24832;#28160;#25600;#8192;#21248;#25856;#29696;#29696;#26880;#28160;#26368;#29440;#23552;#18688;#28160;#30208;#26880;#29696;#59648;#23552;#16640;#28672;#28672;#27648;#26880;#25344;#24832;#29696;#26880;#28416;#28160;#8192;#17408;#24832;#29696;#24832;#23552;#21248;#26624;#28416;#28672;#28672;#25856;#29184;#20992;#25856;#28672;#28416;#29184;#29696;#29440;#23552;#25344;#29440;#23552;#28672;#25856;#29184;#29440;#26880;#29440;#29696;#11776;#25600;#25088;#29440;#8192;#11520;#15872;#8192;#21248;#28672;#30976;#30464;#24832;#29184;#25856;#11776;#18432;#28416;#29696;#16896;#24832;#29184;#8192;#14848;#8192;#19968;#25856;#29696;#29696;#28416;#30976;#25856;#29184;#8192;#29440;#24832;#28160;#29440;#8192;#29440;#24832;#29952;#30208;#25856;#26368;#24832;#29184;#25600;#25856;#29184;#3328;#3328;
C:\Documents and Settings\Invité\Application Data\ShopperReports\cs\report -> Spyware.HotBar : Nettoyer sans sauvegarder
#2573;#2304;#17152;#14848;#23552;#17408;#28416;#25344;#29952;#27904;#25856;#28160;#29696;#29440;#8192;#24832;#28160;#25600;#8192;#21248;#25856;#29696;#29696;#26880;#28160;#26368;#29440;#23552;#18688;#28160;#30208;#26880;#29696;#59648;#23552;#16640;#28672;#28672;#27648;#26880;#25344;#24832;#29696;#26880;#28416;#28160;#8192;#17408;#24832;#29696;#24832;#23552;#21248;#26624;#28416;#28672;#28672;#25856;#29184;#20992;#25856;#28672;#28416;#29184;#29696;#29440;#23552;#25344;#29440;#23552;#29184;#25856;#28672;#28416;#29184;#29696;#23552;#24832;#26368;#11776;#30720;#27904;#27648;#8192;#11520;#15872;#8192;#21248;#28672;#30976;#30464;#24832;#29184;#25856;#11776;#18432;#28416;#29696;#16896;#24832;#29184;#8192;#14848;#8192;#19968;#25856;#29696;#29696;#28416;#30976;#25856;#29184;#8192;#29440;#24832;#28160;#29440;#8192;#29440;#24832;#29952;#30208;#25856;#26368;#24832;#29184;#25600;#25856;#29184;#3328;#3328;
C:\Documents and Settings\Invité\Application Data\ShopperReports\cs\report\ag.xml.db -> Spyware.HotBar : Nettoyer sans sauvegarder
#2573;#2304;#17152;#14848;#23552;#17408;#28416;#25344;#29952;#27904;#25856;#28160;#29696;#29440;#8192;#24832;#28160;#25600;#8192;#21248;#25856;#29696;#29696;#26880;#28160;#26368;#29440;#23552;#18688;#28160;#30208;#26880;#29696;#59648;#23552;#16640;#28672;#28672;#27648;#26880;#25344;#24832;#29696;#26880;#28416;#28160;#8192;#17408;#24832;#29696;#24832;#23552;#21248;#26624;#28416;#28672;#28672;#25856;#29184;#20992;#25856;#28672;#28416;#29184;#29696;#29440;#23552;#25344;#29440;#23552;#29184;#25856;#28672;#28416;#29184;#29696;#23552;#18432;#25856;#24832;#25600;#25856;#29184;#11776;#30720;#27904;#27648;#8192;#11520;#15872;#8192;#21248;#28672;#30976;#30464;#24832;#29184;#25856;#11776;#18432;#28416;#29696;#16896;#24832;#29184;#8192;#14848;#8192;#19968;#25856;#29696;#29696;#28416;#30976;#25856;#29184;#8192;#29440;#24832;#28160;#29440;#8192;#29440;#24832;#29952;#30208;#25856;#26368;#24832;#29184;#25600;#25856;#29184;#3328;#3328;
C:\Documents and Settings\Invité\Application Data\ShopperReports\cs\report\send.xml -> Spyware.HotBar : Nettoyer sans sauvegarder
#2573;#2304;#17152;#14848;#23552;#17408;#28416;#25344;#29952;#27904;#25856;#28160;#29696;#29440;#8192;#24832;#28160;#25600;#8192;#21248;#25856;#29696;#29696;#26880;#28160;#26368;#29440;#23552;#18688;#28160;#30208;#26880;#29696;#59648;#23552;#16640;#28672;#28672;#27648;#26880;#25344;#24832;#29696;#26880;#28416;#28160;#8192;#17408;#24832;#29696;#24832;#23552;#21248;#26624;#28416;#28672;#28672;#25856;#29184;#20992;#25856;#28672;#28416;#29184;#29696;#29440;#23552;#25344;#29440;#23552;#29184;#25856;#28672;#28416;#29184;#29696;#23552;#29440;#25856;#28160;#25600;#11776;#30720;#27904;#27648;#11776;#25600;#25088;#8192;#11520;#15872;#8192;#21248;#28672;#30976;#30464;#24832;#29184;#25856;#11776;#18432;#28416;#29696;#16896;#24832;#29184;#8192;#14848;#8192;#19968;#25856;#29696;#29696;#28416;#30976;#25856;#29184;#8192;#29440;#24832;#28160;#29440;#8192;#29440;#24832;#29952;#30208;#25856;#26368;#24832;#29184;#25600;#25856;#29184;#3328;#3328;
C:\Documents and Settings\Invité\Application Data\ShopperReports\cs\res1 -> Spyware.HotBar : Nettoyer sans sauvegarder
#2573;#2304;#17152;#14848;#23552;#17408;#28416;#25344;#29952;#27904;#25856;#28160;#29696;#29440;#8192;#24832;#28160;#25600;#8192;#21248;#25856;#29696;#29696;#26880;#28160;#26368;#29440;#23552;#18688;#28160;#30208;#26880;#29696;#59648;#23552;#16640;#28672;#28672;#27648;#26880;#25344;#24832;#29696;#26880;#28416;#28160;#8192;#17408;#24832;#29696;#24832;#23552;#21248;#26624;#28416;#28672;#28672;#25856;#29184;#20992;#25856;#28672;#28416;#29184;#29696;#29440;#23552;#25344;#29440;#23552;#29184;#25856;#29440;#12544;#23552;#22272;#26624;#26880;#29696;#25856;#19456;#26880;#29440;#29696;#11776;#25600;#25088;#29440;#8192;#11520;#15872;#8192;#21248;#28672;#30976;#30464;#24832;#29184;#25856;#11776;#18432;#28416;#29696;#16896;#24832;#29184;#8192;#14848;#8192;#19968;#25856;#29696;#29696;#28416;#30976;#25856;#29184;#8192;#29440;#24832;#28160;#29440;#8192;#29440;#24832;#29952;#30208;#25856;#26368;#24832;#29184;#25600;#25856;#29184;#3328;#3328;
C:\Documents and Settings\Invité\Application Data\ShopperReports\shprrprt.log -> Spyware.HotBar : Nettoyer sans sauvegarder
#2573;#2304;#17152;#14848;#23552;#17408;#28416;#25344;#29952;#27904;#25856;#28160;#29696;#29440;#8192;#24832;#28160;#25600;#8192;#21248;#25856;#29696;#29696;#26880;#28160;#26368;#29440;#23552;#18688;#28160;#30208;#26880;#29696;#59648;#23552;#16640;#28672;#28672;#27648;#26880;#25344;#24832;#29696;#26880;#28416;#28160;#8192;#17408;#24832;#29696;#24832;#23552;#21248;#26624;#28416;#28672;#28672;#25856;#29184;#20992;#25856;#28672;#28416;#29184;#29696;#29440;#23552;#29440;#26624;#28672;#29184;#29184;#28672;#29184;#29696;#24320;#12544;#12544;#12288;#13568;#12800;#14336;#13568;#14080;#14592;#13312;#11776;#27648;#28416;#26368;#8192;#11520;#15872;#8192;#21248;#28672;#30976;#30464;#24832;#29184;#25856;#11776;#18432;#28416;#29696;#16896;#24832;#29184;#8192;#14848;#8192;#19968;#25856;#29696;#29696;#28416;#30976;#25856;#29184;#8192;#29440;#24832;#28160;#29440;#8192;#29440;#24832;#29952;#30208;#25856;#26368;#24832;#29184;#25600;#25856;#29184;#3328;#3328;
C:\Documents and Settings\Invité\Application Data\ShopperReports\shprrprt_1105286994.log -> Spyware.HotBar : Nettoyer sans sauvegarder
#2573;#2304;#17152;#14848;#23552;#17408;#28416;#25344;#29952;#27904;#25856;#28160;#29696;#29440;#8192;#24832;#28160;#25600;#8192;#21248;#25856;#29696;#29696;#26880;#28160;#26368;#29440;#23552;#18688;#28160;#30208;#26880;#29696;#59648;#23552;#16640;#28672;#28672;#27648;#26880;#25344;#24832;#29696;#26880;#28416;#28160;#8192;#17408;#24832;#29696;#24832;#23552;#21248;#26624;#28416;#28672;#28672;#25856;#29184;#20992;#25856;#28672;#28416;#29184;#29696;#29440;#23552;#29440;#26624;#28672;#29184;#29184;#28672;#29184;#29696;#24320;#12544;#12544;#12288;#13568;#12800;#14336;#14336;#12544;#14592;#13312;#11776;#27648;#28416;#26368;#8192;#11520;#15872;#8192;#21248;#28672;#30976;#30464;#24832;#29184;#25856;#11776;#18432;#28416;#29696;#16896;#24832;#29184;#8192;#14848;#8192;#19968;#25856;#29696;#29696;#28416;#30976;#25856;#29184;#8192;#29440;#24832;#28160;#29440;#8192;#29440;#24832;#29952;#30208;#25856;#26368;#24832;#29184;#25600;#25856;#29184;#3328;#3328;
C:\Documents and Settings\Invité\Application Data\ShopperReports\shprrprt_1105288441.log -> Spyware.HotBar : Nettoyer sans sauvegarder
#2573;#2304;#17152;#14848;#23552;#17408;#28416;#25344;#29952;#27904;#25856;#28160;#29696;#29440;#8192;#24832;#28160;#25600;#8192;#21248;#25856;#29696;#29696;#26880;#28160;#26368;#29440;#23552;#18688;#28160;#30208;#26880;#29696;#59648;#23552;#16640;#28672;#28672;#27648;#26880;#25344;#24832;#29696;#26880;#28416;#28160;#8192;#17408;#24832;#29696;#24832;#23552;#21248;#26624;#28416;#28672;#28672;#25856;#29184;#20992;#25856;#28672;#28416;#29184;#29696;#29440;#23552;#29440;#26624;#28672;#29184;#29184;#28672;#29184;#29696;#24320;#12544;#12544;#12288;#13568;#12800;#14336;#14592;#13568;#14336;#13056;#11776;#27648;#28416;#26368;#8192;#11520;#15872;#8192;#21248;#28672;#30976;#30464;#24832;#29184;#25856;#11776;#18432;#28416;#29696;#16896;#24832;#29184;#8192;#14848;#8192;#19968;#25856;#29696;#29696;#28416;#30976;#25856;#29184;#8192;#29440;#24832;#28160;#29440;#8192;#29440;#24832;#29952;#30208;#25856;#26368;#24832;#29184;#25600;#25856;#29184;#3328;#3328;
C:\Documents and Settings\Invité\Application Data\ShopperReports\shprrprt_1105290251.log -> Spyware.HotBar : Nettoyer sans sauvegarder
#2573;#2304;#17152;#14848;#23552;#17408;#28416;#25344;#29952;#27904;#25856;#28160;#29696;#29440;#8192;#24832;#28160;#25600;#8192;#21248;#25856;#29696;#29696;#26880;#28160;#26368;#29440;#23552;#18688;#28160;#30208;#26880;#29696;#59648;#23552;#16640;#28672;#28672;#27648;#26880;#25344;#24832;#29696;#26880;#28416;#28160;#8192;#17408;#24832;#29696;#24832;#23552;#21248;#26624;#28416;#28672;#28672;#25856;#29184;#20992;#25856;#28672;#28416;#29184;#29696;#29440;#23552;#29440;#26624;#28672;#29184;#29184;#28672;#29184;#29696;#24320;#12544;#12544;#12288;#13568;#12800;#14592;#12288;#13312;#14080;#14592;#11776;#27648;#28416;#26368;#8192;#11520;#15872;#8192;#21248;#28672;#30976;#30464;#24832;#29184;#25856;#11776;#18432;#28416;#29696;#16896;#24832;#29184;#8192;#14848;#8192;#19968;#25856;#29696;#29696;#28416;#30976;#25856;#29184;#8192;#29440;#24832;#28160;#29440;#8192;#29440;#24832;#29952;#30208;#25856;#26368;#24832;#29184;#25600;#25856;#29184;#3328;#3328;
C:\Documents and Settings\Invité\Application Data\ShopperReports\shprrprt_1105384606.log -> Spyware.HotBar : Nettoyer sans sauvegarder
#2573;#2304;#17152;#14848;#23552;#17408;#28416;#25344;#29952;#27904;#25856;#28160;#29696;#29440;#8192;#24832;#28160;#25600;#8192;#21248;#25856;#29696;#29696;#26880;#28160;#26368;#29440;#23552;#18688;#28160;#30208;#26880;#29696;#59648;#23552;#16640;#28672;#28672;#27648;#26880;#25344;#24832;#29696;#26880;#28416;#28160;#8192;#17408;#24832;#29696;#24832;#23552;#21248;#26624;#28416;#28672;#28672;#25856;#29184;#20992;#25856;#28672;#28416;#29184;#29696;#29440;#23552;#29440;#26624;#28672;#29184;#29184;#28672;#29184;#29696;#24320;#12544;#12544;#12288;#13568;#13056;#14336;#13568;#13568;#14080;#12800;#11776;#27648;#28416;#26368;#8192;#11520;#15872;#8192;#21248;#28672;#30976;#30464;#24832;#29184;#25856;#11776;#18432;#28416;#29696;#16896;#24832;#29184;#8192;#14848;#8192;#19968;#25856;#29696;#29696;#28416;#30976;#25856;#29184;#8192;#29440;#24832;#28160;#29440;#8192;#29440;#24832;#29952;#30208;#25856;#26368;#24832;#29184;#25600;#25856;#29184;#3328;#3328;
C:\Documents and Settings\Invité\Application Data\ShopperReports\shprrprt_1105386707.log -> Spyware.HotBar : Nettoyer sans sauvegarder
#2573;#2304;#17152;#14848;#23552;#17408;#28416;#25344;#29952;#27904;#25856;#28160;#29696;#29440;#8192;#24832;#28160;#25600;#8192;#21248;#25856;#29696;#29696;#26880;#28160;#26368;#29440;#23552;#18688;#28160;#30208;#26880;#29696;#59648;#23552;#16640;#28672;#28672;#27648;#26880;#25344;#24832;#29696;#26880;#28416;#28160;#8192;#17408;#24832;#29696;#24832;#23552;#21248;#26624;#28416;#28672;#28672;#25856;#29184;#20992;#25856;#28672;#28416;#29184;#29696;#29440;#23552;#29440;#26624;#28672;#29184;#29184;#28672;#29184;#29696;#24320;#12544;#12544;#12288;#13568;#13056;#14336;#14080;#14592;#12288;#14080;#11776;#27648;#28416;#26368;#8192;#11520;#15872;#8192;#21248;#28672;#30976;#30464;#24832;#29184;#25856;#11776;#18432;#28416;#29696;#16896;#24832;#29184;#8192;#14848;#8192;#19968;#25856;#29696;#29696;#28416;#30976;#25856;#29184;#8192;#29440;#24832;#28160;#29440;#8192;#29440;#24832;#29952;#30208;#25856;#26368;#24832;#29184;#25600;#25856;#29184;#3328;#3328;
C:\Documents and Settings\Invité\Application Data\ShopperReports\shprrprt_1105388570.log -> Spyware.HotBar : Nettoyer sans sauvegarder
#2573;#2304;#17152;#14848;#23552;#17408;#28416;#25344;#29952;#27904;#25856;#28160;#29696;#29440;#8192;#24832;#28160;#25600;#8192;#21248;#25856;#29696;#29696;#26880;#28160;#26368;#29440;#23552;#18688;#28160;#30208;#26880;#29696;#59648;#23552;#16640;#28672;#28672;#27648;#26880;#25344;#24832;#29696;#26880;#28416;#28160;#8192;#17408;#24832;#29696;#24832;#23552;#21248;#26624;#28416;#28672;#28672;#25856;#29184;#20992;#25856;#28672;#28416;#29184;#29696;#29440;#23552;#29440;#26624;#28672;#29184;#29184;#28672;#29184;#29696;#24320;#12544;#12544;#12288;#13568;#13056;#14592;#12288;#14592;#13568;#12288;#11776;#27648;#28416;#26368;#8192;#11520;#15872;#8192;#21248;#28672;#30976;#30464;#24832;#29184;#25856;#11776;#18432;#28416;#29696;#16896;#24832;#29184;#8192;#14848;#8192;#19968;#25856;#29696;#29696;#28416;#30976;#25856;#29184;#8192;#29440;#24832;#28160;#29440;#8192;#29440;#24832;#29952;#30208;#25856;#26368;#24832;#29184;#25600;#25856;#29184;#3328;#3328;
C:\Documents and Settings\Invité\Application Data\ShopperReports\shprrprt_1105393057.log -> Spyware.HotBar : Nettoyer sans sauvegarder
#2573;#2304;#17152;#14848;#23552;#17408;#28416;#25344;#29952;#27904;#25856;#28160;#29696;#29440;#8192;#24832;#28160;#25600;#8192;#21248;#25856;#29696;#29696;#26880;#28160;#26368;#29440;#23552;#18688;#28160;#30208;#26880;#29696;#59648;#23552;#16640;#28672;#28672;#27648;#26880;#25344;#24832;#29696;#26880;#28416;#28160;#8192;#17408;#24832;#29696;#24832;#23552;#21248;#26624;#28416;#28672;#28672;#25856;#29184;#20992;#25856;#28672;#28416;#29184;#29696;#29440;#23552;#29440;#26624;#28672;#29184;#29184;#28672;#29184;#29696;#24320;#12544;#12544;#12288;#13568;#13056;#14592;#13312;#14080;#14336;#12288;#11776;#27648;#28416;#26368;#8192;#11520;#15872;#8192;#21248;#28672;#30976;#30464;#24832;#29184;#25856;#11776;#18432;#28416;#29696;#16896;#24832;#29184;#8192;#14848;#8192;#19968;#25856;#29696;#29696;#28416;#30976;#25856;#29184;#8192;#29440;#24832;#28160;#29440;#8192;#29440;#24832;#29952;#30208;#25856;#26368;#24832;#29184;#25600;#25856;#29184;#3328;#3328;
C:\Documents and Settings\Invité\Application Data\ShopperReports\shprrprt_1105394997.log -> Spyware.HotBar : Nettoyer sans sauvegarder
#2573;#2304;#17152;#14848;#23552;#17408;#28416;#25344;#29952;#27904;#25856;#28160;#29696;#29440;#8192;#24832;#28160;#25600;#8192;#21248;#25856;#29696;#29696;#26880;#28160;#26368;#29440;#23552;#18688;#28160;#30208;#26880;#29696;#59648;#23552;#16640;#28672;#28672;#27648;#26880;#25344;#24832;#29696;#26880;#28416;#28160;#8192;#17408;#24832;#29696;#24832;#23552;#21248;#26624;#28416;#28672;#28672;#25856;#29184;#20992;#25856;#28672;#28416;#29184;#29696;#29440;#23552;#29440;#26624;#28672;#29184;#29184;#28672;#29184;#29696;#24320;#12544;#12544;#12288;#13568;#13056;#14592;#13568;#14592;#13824;#13824;#11776;#27648;#28416;#26368;#8192;#11520;#15872;#8192;#21248;#28672;#30976;#30464;#24832;#29184;#25856;#11776;#18432;#28416;#29696;#16896;#24832;#29184;#8192;#14848;#8192;#19968;#25856;#29696;#29696;#28416;#30976;#25856;#29184;#8192;#29440;#24832;#28160;#29440;#8192;#29440;#24832;#29952;#30208;#25856;#26368;#24832;#29184;#25600;#25856;#29184;#3328;#3328;
C:\Documents and Settings\Invité\Application Data\ShopperReports\shprrprt_1105396276.log -> Spyware.HotBar : Nettoyer sans sauvegarder
#2573;#2304;#17152;#14848;#23552;#17408;#28416;#25344;#29952;#27904;#25856;#28160;#29696;#29440;#8192;#24832;#28160;#25600;#8192;#21248;#25856;#29696;#29696;#26880;#28160;#26368;#29440;#23552;#18688;#28160;#30208;#26880;#29696;#59648;#23552;#16640;#28672;#28672;#27648;#26880;#25344;#24832;#29696;#26880;#28416;#28160;#8192;#17408;#24832;#29696;#24832;#23552;#21248;#26624;#28416;#28672;#28672;#25856;#29184;#20992;#25856;#28672;#28416;#29184;#29696;#29440;#23552;#29440;#26624;#28672;#29184;#29184;#28672;#29184;#29696;#24320;#12544;#12544;#12288;#13568;#13056;#14592;#13824;#13056;#14592;#14592;#11776;#27648;#28416;#26368;#8192;#11520;#15872;#8192;#21248;#28672;#30976;#30464;#24832;#29184;#25856;#11776;#18432;#28416;#29696;#16896;#24832;#29184;#8192;#14848;#8192;#19968;#25856;#29696;#29696;#28416;#30976;#25856;#29184;#8192;#29440;#24832;#28160;#29440;#8192;#29440;#24832;#29952;#30208;#25856;#26368;#24832;#29184;#25600;#25856;#29184;#3328;#3328;
C:\Documents and Settings\Invité\Application Data\ShopperReports\shprrprt_1105396538.log -> Spyware.HotBar : Nettoyer sans sauvegarder
#2573;#2304;#17152;#14848;#23552;#17408;#28416;#25344;#29952;#27904;#25856;#28160;#29696;#29440;#8192;#24832;#28160;#25600;#8192;#21248;#25856;#29696;#29696;#26880;#28160;#26368;#29440;#23552;#18688;#28160;#30208;#26880;#29696;#59648;#23552;#16640;#28672;#28672;#27648;#26880;#25344;#24832;#29696;#26880;#28416;#28160;#8192;#17408;#24832;#29696;#24832;#23552;#21248;#26624;#28416;#28672;#28672;#25856;#29184;#20992;#25856;#28672;#28416;#29184;#29696;#29440;#23552;#29440;#26624;#28672;#29184;#29184;#28672;#29184;#29696;#24320;#12544;#12544;#12288;#13568;#13056;#14592;#13824;#13824;#12544;#13568;#11776;#27648;#28416;#26368;#8192;#11520;#15872;#8192;#21248;#28672;#30976;#30464;#24832;#29184;#25856;#11776;#18432;#28416;#29696;#16896;#24832;#29184;#8192;#14848;#8192;#19968;#25856;#29696;#29696;#28416;#30976;#25856;#29184;#8192;#29440;#24832;#28160;#29440;#8192;#29440;#24832;#29952;#30208;#25856;#26368;#24832;#29184;#25600;#25856;#29184;#3328;#3328;
C:\Documents and Settings\Invité\Application Data\ShopperReports\shprrprt_1105396859.log -> Spyware.HotBar : Nettoyer sans sauvegarder
#2573;#2304;#17152;#14848;#23552;#17408;#28416;#25344;#29952;#27904;#25856;#28160;#29696;#29440;#8192;#24832;#28160;#25600;#8192;#21248;#25856;#29696;#29696;#26880;#28160;#26368;#29440;#23552;#18688;#28160;#30208;#26880;#29696;#59648;#23552;#16640;#28672;#28672;#27648;#26880;#25344;#24832;#29696;#26880;#28416;#28160;#8192;#17408;#24832;#29696;#24832;#23552;#21248;#26624;#28416;#28672;#28672;#25856;#29184;#20992;#25856;#28672;#28416;#29184;#29696;#29440;#23552;#29440;#26624;#28672;#29184;#29184;#28672;#29184;#29696;#24320;#12544;#12544;#12288;#13568;#13056;#14592;#13824;#14592;#12800;#12288;#11776;#27648;#28416;#26368;#8192;#11520;#15872;#8192;#21248;#28672;#30976;#30464;#24832;#29184;#25856;#11776;#18432;#28416;#29696;#16896;#24832;#29184;#8192;#14848;#8192;#19968;#25856;#29696;#29696;#28416;#30976;#25856;#29184;#8192;#29440;#24832;#28160;#29440;#8192;#29440;#24832;#29952;#30208;#25856;#26368;#24832;#29184;#25600;#25856;#29184;#3328;#3328;
C:\Documents and Settings\Invité\Application Data\ShopperReports\shprrprt_1105396982.log -> Spyware.HotBar : Nettoyer sans sauvegarder
#2573;#2304;#17152;#14848;#23552;#17408;#28416;#25344;#29952;#27904;#25856;#28160;#29696;#29440;#8192;#24832;#28160;#25600;#8192;#21248;#25856;#29696;#29696;#26880;#28160;#26368;#29440;#23552;#18688;#28160;#30208;#26880;#29696;#59648;#23552;#16640;#28672;#28672;#27648;#26880;#25344;#24832;#29696;#26880;#28416;#28160;#8192;#17408;#24832;#29696;#24832;#23552;#21248;#26624;#28416;#28672;#28672;#25856;#29184;#20992;#25856;#28672;#28416;#29184;#29696;#29440;#23552;#29440;#26624;#28672;#29184;#29184;#28672;#29184;#29696;#24320;#12544;#12544;#12288;#13568;#13056;#14592;#14080;#13056;#13312;#14592;#11776;#27648;#28416;#26368;#8192;#11520;#15872;#8192;#21248;#28672;#30976;#30464;#24832;#29184;#25856;#11776;#18432;#28416;#29696;#16896;#24832;#29184;#8192;#14848;#8192;#19968;#25856;#29696;#29696;#28416;#30976;#25856;#29184;#8192;#29440;#24832;#28160;#29440;#8192;#29440;#24832;#29952;#30208;#25856;#26368;#24832;#29184;#25600;#25856;#29184;#3328;#3328;
C:\Documents and Settings\Invité\Application Data\ShopperReports\shprrprt_1105397661.log -> Spyware.HotBar : Nettoyer sans sauvegarder
#2573;#2304;#17152;#14848;#23552;#17408;#28416;#25344;#29952;#27904;#25856;#28160;#29696;#29440;#8192;#24832;#28160;#25600;#8192;#21248;#25856;#29696;#29696;#26880;#28160;
RAPPORT HIJACK
Logfile of HijackThis v1.99.1
Scan saved at 22:27:30, on 06/02/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\WINDOWS\System32\gearsec.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\hphmon05.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\EbatesMoeMoneyMaker4\EbatesMoeMoneyMaker.exe
C:\Program Files\EbatesMoeMoneyMaker4\e10350.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\System32\athxod.exe
C:\Program Files\Norton AntiVirus\OPScan.exe
C:\Documents and Settings\Propriétaire\Bureau\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=Q304&bd=pavilion&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q304&bd=pavilion&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.noos.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.noos.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fourni par Noos
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - _{00D6A7E7-4A97-456f-848A-3B75BF7554D7} - (no file)
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - c:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\program files\hp\digital imaging\bin\hpdtlk02.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - c:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck /autofix /autoclose
O4 - HKLM\..\Run: [EbatesMoeMoneyMaker] "C:\Program Files\EbatesMoeMoneyMaker4\EbatesMoeMoneyMaker.exe"
O4 - HKLM\..\Run: [tcogmvr] C:\WINDOWS\System32\athxod.exe r
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BackupNotify] c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Ebates. - file://C:\Program Files\EbatesMoeMoneyMaker4\ebatessmmm\ebatestmmm\ebmmC0.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: Ebates - {F2B441CC-E026-47fb-BDC3-A07750FA3D2C} - file://C:\Program Files\EbatesMoeMoneyMaker4\ebatessmmm\ebatestmmm\ebmmC0.htm (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.noos.fr
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1139164662921
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: Service de sécurité matérielle (GEARSecurity) - GEAR Software - C:\WINDOWS\System32\gearsec.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe (file missing)
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
| |||||||
Grande Maîtresse astucienne ![]() | bonsoir,
effectivement bizarre ton scan ewido !
tu es infecté par NAIL
* Télécharge le fichier http://www.spywareedge.net/nf/nailfix.exe
et installe le sans le lancer
* Redémarre XP en ligne de commande mode sans Echec
* exécute le fichier nailfix.cmd se trouvant dans le repertoire d'installation
* lance le scan avec Ewido
poste les différents rapports ewido et nouveau rapport HijackThis
| |||||||
Publicité | ||||||||
Petit astucien | merci philae!
je realise ces operations et reposterai aussitot apres!
bonne soirée | |||||||
|
Les bons plans du moment PC Astuces | Tous les Bons Plans | |||||||||||||||
|