log HijackThis à analyser svp. Trojan WIN32:Agent-RE[Tjr].
Dernière réponse : dans Sécurité
j'ai chopé un trojan Trojan WIN32:Agent-RE[Tjr]. Quelqu'gun peut-il analyser le log qui suit et la manitère de ma débarasser de ce virus.
Merci pour tout.
Logfile of HijackThis v1.99.1
Scan saved at 19:22:19, on 19/08/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\download\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://resultsmaster.com/SmartOffers/Services/resultsma...
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.wanadoo.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: ShprRprts - {2A8A997F-BB9F-48F6-AA2B-2762D50F9289} - C:\Program Files\ShopperReports\Bin\2.0.0\ShprRprt.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HbTools] C:\Program Files\HbTools\Bin\4.7.1.0\HbtOEAddOn.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [igpabrloz] c:\windows\system32\igpabrloz.exe igpabrloz
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: reminder.lnk = ?
O4 - Startup: dcu.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Philips FunCam Monitor.lnk = C:\Program Files\Philips Photo Manager\FunCam\Philips FunCam Monitor.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Sagem - Utilitaire réseau pour Clé USB Wi-Fi 802.11g.lnk = ?
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE14} - C:\Program Files\ShopperReports\Bin\2.0.0\ShprRprt.dll
O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - C:\Program Files\ShopperReports\Bin\2.0.0\ShprRprt.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by110fd.bay110.hotmail.msn.com/resources/MsnPUpl...
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/18b52aec813590eec205/netzip...
O16 - DPF: {8C875948-9C60-4381-9248-0DF180542D53} (HbtInstObj) - http://installs.hotbar.com/installs/hbtools/programs/hb...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O16 - DPF: {C80B7FF6-CE60-4079-935E-520C045C30A6} - http://www.mailskinner.com/binaries/msaxsetup.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{74858BBA-2718-4D9B-80E0-0C01A2F287BD}: NameServer = 192.168.1.1
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: MsgPlusLoader.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZONELABS\vsmon.exe
Merci pour tout.
Logfile of HijackThis v1.99.1
Scan saved at 19:22:19, on 19/08/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\download\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://resultsmaster.com/SmartOffers/Services/resultsma...
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.wanadoo.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: ShprRprts - {2A8A997F-BB9F-48F6-AA2B-2762D50F9289} - C:\Program Files\ShopperReports\Bin\2.0.0\ShprRprt.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HbTools] C:\Program Files\HbTools\Bin\4.7.1.0\HbtOEAddOn.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [igpabrloz] c:\windows\system32\igpabrloz.exe igpabrloz
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: reminder.lnk = ?
O4 - Startup: dcu.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Philips FunCam Monitor.lnk = C:\Program Files\Philips Photo Manager\FunCam\Philips FunCam Monitor.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Sagem - Utilitaire réseau pour Clé USB Wi-Fi 802.11g.lnk = ?
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE14} - C:\Program Files\ShopperReports\Bin\2.0.0\ShprRprt.dll
O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - C:\Program Files\ShopperReports\Bin\2.0.0\ShprRprt.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by110fd.bay110.hotmail.msn.com/resources/MsnPUpl...
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/18b52aec813590eec205/netzip...
O16 - DPF: {8C875948-9C60-4381-9248-0DF180542D53} (HbtInstObj) - http://installs.hotbar.com/installs/hbtools/programs/hb...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O16 - DPF: {C80B7FF6-CE60-4079-935E-520C045C30A6} - http://www.mailskinner.com/binaries/msaxsetup.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{74858BBA-2718-4D9B-80E0-0C01A2F287BD}: NameServer = 192.168.1.1
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: MsgPlusLoader.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZONELABS\vsmon.exe
Autres pages sur : log hijackthis analyser svp trojan win32 agent tjr
Lassé par la pub ? Créez un compte
Comme ca c mieux ?
Logfile of HijackThis v1.99.1
Scan saved at 17:43:28, on 20/08/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\HbTools\Bin\4.7.1.0\HbtOEAddOn.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\windows\system32\igpabrloz.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Philips Photo Manager\FunCam\Philips FunCam Monitor.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\SYSTEM32\cmd.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\SYSTEM32\mmc.exe
C:\download\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://resultsmaster.com/SmartOffers/Services/resultsma...
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.wanadoo.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: ShprRprts - {2A8A997F-BB9F-48F6-AA2B-2762D50F9289} - C:\Program Files\ShopperReports\Bin\2.0.0\ShprRprt.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HbTools] C:\Program Files\HbTools\Bin\4.7.1.0\HbtOEAddOn.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [igpabrloz] c:\windows\system32\igpabrloz.exe igpabrloz
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Philips FunCam Monitor.lnk = C:\Program Files\Philips Photo Manager\FunCam\Philips FunCam Monitor.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Sagem - Utilitaire réseau pour Clé USB Wi-Fi 802.11g.lnk = ?
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE14} - C:\Program Files\ShopperReports\Bin\2.0.0\ShprRprt.dll
O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - C:\Program Files\ShopperReports\Bin\2.0.0\ShprRprt.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {8C875948-9C60-4381-9248-0DF180542D53} (HbtInstObj) - http://installs.hotbar.com/installs/hbtools/programs/hb...
O16 - DPF: {C80B7FF6-CE60-4079-935E-520C045C30A6} - http://www.mailskinner.com/binaries/msaxsetup.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{74858BBA-2718-4D9B-80E0-0C01A2F287BD}: NameServer = 192.168.1.1
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: MsgPlusLoader.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZONELABS\vsmon.exe
Logfile of HijackThis v1.99.1
Scan saved at 17:43:28, on 20/08/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\HbTools\Bin\4.7.1.0\HbtOEAddOn.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\windows\system32\igpabrloz.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Philips Photo Manager\FunCam\Philips FunCam Monitor.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\SYSTEM32\cmd.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\SYSTEM32\mmc.exe
C:\download\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://resultsmaster.com/SmartOffers/Services/resultsma...
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.wanadoo.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: ShprRprts - {2A8A997F-BB9F-48F6-AA2B-2762D50F9289} - C:\Program Files\ShopperReports\Bin\2.0.0\ShprRprt.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HbTools] C:\Program Files\HbTools\Bin\4.7.1.0\HbtOEAddOn.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [igpabrloz] c:\windows\system32\igpabrloz.exe igpabrloz
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Philips FunCam Monitor.lnk = C:\Program Files\Philips Photo Manager\FunCam\Philips FunCam Monitor.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Sagem - Utilitaire réseau pour Clé USB Wi-Fi 802.11g.lnk = ?
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE14} - C:\Program Files\ShopperReports\Bin\2.0.0\ShprRprt.dll
O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - C:\Program Files\ShopperReports\Bin\2.0.0\ShprRprt.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {8C875948-9C60-4381-9248-0DF180542D53} (HbtInstObj) - http://installs.hotbar.com/installs/hbtools/programs/hb...
O16 - DPF: {C80B7FF6-CE60-4079-935E-520C045C30A6} - http://www.mailskinner.com/binaries/msaxsetup.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{74858BBA-2718-4D9B-80E0-0C01A2F287BD}: NameServer = 192.168.1.1
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: MsgPlusLoader.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZONELABS\vsmon.exe
Fais ceci pour commencer.
1/ Télécharge
CCleaner.
http://www.filehippo.com/download_ccleaner.html
Installe le dans un répertoire dédié.
Ewido
http://www.ewido.net/en/download/
Tu l'installes.
Lance Ewido et clique sur le bouton Update (barre d'outils - au haut).
Sous Manual Update clique Start update. Patiente jusqu'à l'affichage "Update successful".
2/ Lance Ewido.
Clique sur le bouton Scanner (de la barre d'outils)
Puis sur l'onglets Settings, pour How to Act. Clique sur Recommanded Actions. Sélectionne Quarantine.
Reviens a l'onglet Scan. Clique Complete system Scan
A la fin du scan, choisis l'option " Apply All Actions " en bas.
Clique sur "Save Report", puis "Save Report As". Ceci génère un rapport en fichier texte. Assure-toi de le sauvegarder dans un endroit facile à retrouver.
3/ Lance le nettoyage avec CCleaner.
4/ Redémarre normalement et poste le rapport d'Ewido avec un log HijackThis
1/ Télécharge
CCleaner.
http://www.filehippo.com/download_ccleaner.html
Installe le dans un répertoire dédié.
Ewido
http://www.ewido.net/en/download/
Tu l'installes.
Lance Ewido et clique sur le bouton Update (barre d'outils - au haut).
Sous Manual Update clique Start update. Patiente jusqu'à l'affichage "Update successful".
2/ Lance Ewido.
Clique sur le bouton Scanner (de la barre d'outils)
Puis sur l'onglets Settings, pour How to Act. Clique sur Recommanded Actions. Sélectionne Quarantine.
Reviens a l'onglet Scan. Clique Complete system Scan
A la fin du scan, choisis l'option " Apply All Actions " en bas.
Clique sur "Save Report", puis "Save Report As". Ceci génère un rapport en fichier texte. Assure-toi de le sauvegarder dans un endroit facile à retrouver.
3/ Lance le nettoyage avec CCleaner.
4/ Redémarre normalement et poste le rapport d'Ewido avec un log HijackThis
voila avast ne me signale plus de trojan mais j'ai également un message qui persiste quand je boot, il reviens plusieurs fois " Point d'entrée setupapi CM_disable_devnode introuvable dans bib dynamique CFGMGR32.dll"
les logs...
Logfile of HijackThis v1.99.1
Scan saved at 20:28:55, on 20/08/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Philips Photo Manager\FunCam\Philips FunCam Monitor.exe
C:\download\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Windows NT\Accessoires\wordpad.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://resultsmaster.com/SmartOffers/Services/resultsma...
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.wanadoo.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: ShprRprts - {2A8A997F-BB9F-48F6-AA2B-2762D50F9289} - C:\Program Files\ShopperReports\Bin\2.0.0\ShprRprt.dll (file missing)
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HbTools] C:\Program Files\HbTools\Bin\4.7.1.0\HbtOEAddOn.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Philips FunCam Monitor.lnk = C:\Program Files\Philips Photo Manager\FunCam\Philips FunCam Monitor.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Sagem - Utilitaire réseau pour Clé USB Wi-Fi 802.11g.lnk = ?
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE14} - C:\Program Files\ShopperReports\Bin\2.0.0\ShprRprt.dll (file missing)
O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - C:\Program Files\ShopperReports\Bin\2.0.0\ShprRprt.dll (file missing)
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {8C875948-9C60-4381-9248-0DF180542D53} (HbtInstObj) - http://installs.hotbar.com/installs/hbtools/programs/hb...
O16 - DPF: {C80B7FF6-CE60-4079-935E-520C045C30A6} - http://www.mailskinner.com/binaries/msaxsetup.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{74858BBA-2718-4D9B-80E0-0C01A2F287BD}: NameServer = 192.168.1.1
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: MsgPlusLoader.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZONELABS\vsmon.exe
et l'autre
---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------
+ Created at: 20:10:01 20/08/2006
+ Scan result:
C:\Documents and Settings\PC\Application Data\ShopperReports -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\PC\Application Data\ShopperReports\cs -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\PC\Application Data\ShopperReports\cs\Config.xml -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\PC\Application Data\ShopperReports\cs\db -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\PC\Application Data\ShopperReports\cs\db\Aliases.dbs -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\PC\Application Data\ShopperReports\cs\db\Sites.dbs -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\PC\Application Data\ShopperReports\cs\dwld -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\PC\Application Data\ShopperReports\cs\dwld\WhiteList.xip -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\PC\Application Data\ShopperReports\cs\persist.dbs -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\PC\Application Data\ShopperReports\cs\report -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\PC\Application Data\ShopperReports\cs\report\ag_ShopperReports.xml -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\PC\Application Data\ShopperReports\cs\report\ag_ShopperReports.xml.db -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\PC\Application Data\ShopperReports\cs\report\aggr_storage.xml -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\PC\Application Data\ShopperReports\cs\report\send_ShopperReports.xml -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\PC\Application Data\ShopperReports\cs\report\send_ShopperReports.xml.db -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\PC\Application Data\ShopperReports\cs\report\send_storage.xml -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\PC\Application Data\ShopperReports\cs\res2 -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\PC\Application Data\ShopperReports\cs\res2\WhiteList.dbs -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\PC\Application Data\ShopperReports\shprrprt.log -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\PC\Application Data\ShopperReports\shprrprt_1144420240.log -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Program Files\HbTools\bin\4.7.1.0\HbtAds.dll -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Program Files\HbTools\bin\4.7.1.0\HbtSrv.exe -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Program Files\HbTools\bin\4.7.1.0\HbtWallpaper.dll -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Program Files\HbTools\bin\4.7.1.0\__delete_on_reboot__H_b_t_O_E_A_d_d_O_n_._e_x_e_ -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Program Files\ShopperReports -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Program Files\ShopperReports\Bin -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Program Files\ShopperReports\Bin\1.0.8.0 -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Program Files\ShopperReports\Bin\1.0.8.0\ShprRprt.dll -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Program Files\ShopperReports\Bin\2.0.0 -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Program Files\ShopperReports\Bin\2.0.0\ShprRprt.dll -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Program Files\ShopperReports\Uninst.exe -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Program Files\ShopperReports\cs -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Program Files\ShopperReports\cs\persist.dbs -> Adware.HotBar : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{DD55FD05-5D84-48F8-8A8E-6381AC42F25E}\RP114\A0009814.exe -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\AppID\WeatherOnTray.EXE -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp.1 -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp\CLSID -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp\CurVer -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand.1 -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand\CLSID -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand\CurVer -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar.1 -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar\CLSID -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar\CurVer -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices.1 -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices\CLSID -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices\CurVer -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx.1 -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx\CLSID -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx\CurVer -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtHostIE.Bho -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtHostIE.Bho.1 -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtHostIE.Bho\CLSID -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtHostIE.Bho\CurVer -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim.1 -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim\CLSID -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim\CurVer -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend.1 -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend\CLSID -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend\CurVer -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices.1 -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices\CLSID -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices\CurVer -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI.1 -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI\CLSID -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI\CurVer -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl.1 -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl\CLSID -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl\CurVer -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtTools.HbMain -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtTools.HbMain.1 -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtTools.HbMain\CLSID -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtTools.HbMain\CurVer -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\RprtsPSClient.PSExecuter -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\RprtsPSClient.PSExecuter.1 -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\RprtsPSClient.PSExecuter\CLSID -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\RprtsPSClient.PSExecuter\CurVer -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ShprRprts.HbAx -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ShprRprts.HbAx.1 -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ShprRprts.HbAx\CLSID -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ShprRprts.HbAx\CurVer -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ShprRprts.HbInfoBand -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ShprRprts.HbInfoBand.1 -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ShprRprts.HbInfoBand\CLSID -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ShprRprts.HbInfoBand\CurVer -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ShprRprts.IEButton -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ShprRprts.IEButton.1 -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ShprRprts.IEButtonA -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ShprRprts.IEButtonA.1 -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ShprRprts.IEButtonA\CLSID -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ShprRprts.IEButtonA\CurVer -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ShprRprts.IEButton\CLSID -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ShprRprts.IEButton\CurVer -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ShprRprts.SmrtShprCtl -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ShprRprts.SmrtShprCtl.1 -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ShprRprts.SmrtShprCtl\CLSID -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ShprRprts.SmrtShprCtl\CurVer -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager.1 -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager\CLSID -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager\CurVer -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\HbTools -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\HbTools\HbTools -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\HbTools\HbTools\Install -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\HbTools\HbTools\MachineInfo -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\HbTools\HbTools\Mail -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\HbTools\HbTools\PI -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\HbTools\HbTools\PI\3.2 -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\HbTools\HbTools\Updates -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\HbTools\HbTools\Upgrade -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\HbTools\HostOI -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\HbTools\HostOI\Updates -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\HbTools\HostOL -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\HbTools\HostOL\Updates -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\HbTools\Hotbar -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\HbTools\Hotbar\Install -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\HbTools\Install -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\HbTools\Install\CmpMap -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\HbTools\Install\Icons -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\HbTools\Install\Links -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\ShopperReports -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\ShopperReports\ShopperReports -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\ShopperReports\ShopperReports\PostInstaller -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\Common -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\Common\Time -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\Common\Updates -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\EUI -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\HtmlPPP -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\ImagesHistory -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Install -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\PI -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\PI\3.2 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg800 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg801 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg802 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg803 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg807 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg808 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg810 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg811 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg812 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg818 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg819 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg824 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg825 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg826 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg827 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg828 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg829 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg830 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg842 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg843 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg844 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg845 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg847 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg848 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg849 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg856 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg857 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sgsbt -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\UserInfo -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Weather -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\dynamic -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\dynamicFail -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\init -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\links -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\mail -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\options -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\updates -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HostOI -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HostOI\Updates -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HostOI\setting -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\Time -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\Time\HostIE -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\Time\HostIE\Updates -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\Time\HostOE -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\Time\HostOE\Updates -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\Time\HostOI -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\Time\HostOI\Updates -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\Time\HostOL -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\Time\HostOL\Updates -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\hostol -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\hostol\Mail -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\hostol\Updates -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\hostol\soho -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\hotbar -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\hotbar\MultiUrl -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\ShopperReports -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\ShopperReports\ShopperReports -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\ShopperReports\ShopperReports\PostInstaller -> Adware.HotBar : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{DD55FD05-5D84-48F8-8A8E-6381AC42F25E}\RP114\A0009815.exe -> Adware.NaviPromo : Cleaned with backup (quarantined).
C:\Documents and Settings\PC\Local Settings\Temp\ICD2.tmp\UWAS6_0001_N57M1312NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.b : Ignored.
C:\WINDOWS\Downloaded Program Files\UWAS6_0001_N57M1312NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.b : Ignored.
C:\Documents and Settings\PC\Cookies\pc@247realmedia[1].txt -> TrackingCookie.247realmedia : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@2o7[3].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@redcats.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@redcats.122.2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@ads.addynamix[1].txt -> TrackingCookie.Addynamix : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@ads.addynamix[3].txt -> TrackingCookie.Addynamix : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@rotator.adjuggler[1].txt -> TrackingCookie.Adjuggler : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@adtech[2].txt -> TrackingCookie.Adtech : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@advertising[1].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@advertising[2].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@servedby.advertising[2].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@bfast[2].txt -> TrackingCookie.Bfast : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@bluestreak[3].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@b.casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@casalemedia[3].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@casinotropez[1].txt -> TrackingCookie.Casinotropez : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@casinotropez[2].txt -> TrackingCookie.Casinotropez : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@www.casinotropez[1].txt -> TrackingCookie.Casinotropez : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@www.casinotropez[3].txt -> TrackingCookie.Casinotropez : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@banner.clubdicecasino[2].txt -> TrackingCookie.Clubdicecasino : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@adopt.euroclick[3].txt -> TrackingCookie.Euroclick : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@as-eu.falkag[1].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@as-us.falkag[2].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@as-us.falkag[3].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@as1.falkag[1].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@as1.falkag[3].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@sel.as-eu.falkag[1].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@sel.as-us.falkag[1].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@sel.as-us.falkag[2].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@fastclick[3].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@findwhat[1].txt -> TrackingCookie.Findwhat : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@ehg-warnerbrothers.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@ehg-yvesrocher.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@hitbox[3].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@server.iad.liveperson[2].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@stat.onestat[2].txt -> TrackingCookie.Onestat : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@paypopup[1].txt -> TrackingCookie.Paypopup : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@revenue[2].txt -> TrackingCookie.Revenue : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@tradedoubler[3].txt -> TrackingCookie.Tradedoubler : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@valueclick[1].txt -> TrackingCookie.Valueclick : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@valueclick[2].txt -> TrackingCookie.Valueclick : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@weborama[2].txt -> TrackingCookie.Weborama : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@weborama[3].txt -> TrackingCookie.Weborama : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@statse.webtrendslive[1].txt -> TrackingCookie.Webtrendslive : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@statse.webtrendslive[2].txt -> TrackingCookie.Webtrendslive : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@zedo[2].txt -> TrackingCookie.Zedo : Cleaned.
C:\System Volume Information\_restore{DD55FD05-5D84-48F8-8A8E-6381AC42F25E}\RP113\A0009729.exe -> Trojan.Mailskinner.A : Cleaned with backup (quarantined).
::Report end
les logs...
Logfile of HijackThis v1.99.1
Scan saved at 20:28:55, on 20/08/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Philips Photo Manager\FunCam\Philips FunCam Monitor.exe
C:\download\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Windows NT\Accessoires\wordpad.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://resultsmaster.com/SmartOffers/Services/resultsma...
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.wanadoo.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: ShprRprts - {2A8A997F-BB9F-48F6-AA2B-2762D50F9289} - C:\Program Files\ShopperReports\Bin\2.0.0\ShprRprt.dll (file missing)
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HbTools] C:\Program Files\HbTools\Bin\4.7.1.0\HbtOEAddOn.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Philips FunCam Monitor.lnk = C:\Program Files\Philips Photo Manager\FunCam\Philips FunCam Monitor.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Sagem - Utilitaire réseau pour Clé USB Wi-Fi 802.11g.lnk = ?
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE14} - C:\Program Files\ShopperReports\Bin\2.0.0\ShprRprt.dll (file missing)
O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - C:\Program Files\ShopperReports\Bin\2.0.0\ShprRprt.dll (file missing)
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {8C875948-9C60-4381-9248-0DF180542D53} (HbtInstObj) - http://installs.hotbar.com/installs/hbtools/programs/hb...
O16 - DPF: {C80B7FF6-CE60-4079-935E-520C045C30A6} - http://www.mailskinner.com/binaries/msaxsetup.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{74858BBA-2718-4D9B-80E0-0C01A2F287BD}: NameServer = 192.168.1.1
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: MsgPlusLoader.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZONELABS\vsmon.exe
et l'autre
---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------
+ Created at: 20:10:01 20/08/2006
+ Scan result:
C:\Documents and Settings\PC\Application Data\ShopperReports -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\PC\Application Data\ShopperReports\cs -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\PC\Application Data\ShopperReports\cs\Config.xml -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\PC\Application Data\ShopperReports\cs\db -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\PC\Application Data\ShopperReports\cs\db\Aliases.dbs -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\PC\Application Data\ShopperReports\cs\db\Sites.dbs -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\PC\Application Data\ShopperReports\cs\dwld -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\PC\Application Data\ShopperReports\cs\dwld\WhiteList.xip -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\PC\Application Data\ShopperReports\cs\persist.dbs -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\PC\Application Data\ShopperReports\cs\report -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\PC\Application Data\ShopperReports\cs\report\ag_ShopperReports.xml -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\PC\Application Data\ShopperReports\cs\report\ag_ShopperReports.xml.db -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\PC\Application Data\ShopperReports\cs\report\aggr_storage.xml -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\PC\Application Data\ShopperReports\cs\report\send_ShopperReports.xml -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\PC\Application Data\ShopperReports\cs\report\send_ShopperReports.xml.db -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\PC\Application Data\ShopperReports\cs\report\send_storage.xml -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\PC\Application Data\ShopperReports\cs\res2 -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\PC\Application Data\ShopperReports\cs\res2\WhiteList.dbs -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\PC\Application Data\ShopperReports\shprrprt.log -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\PC\Application Data\ShopperReports\shprrprt_1144420240.log -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Program Files\HbTools\bin\4.7.1.0\HbtAds.dll -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Program Files\HbTools\bin\4.7.1.0\HbtSrv.exe -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Program Files\HbTools\bin\4.7.1.0\HbtWallpaper.dll -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Program Files\HbTools\bin\4.7.1.0\__delete_on_reboot__H_b_t_O_E_A_d_d_O_n_._e_x_e_ -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Program Files\ShopperReports -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Program Files\ShopperReports\Bin -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Program Files\ShopperReports\Bin\1.0.8.0 -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Program Files\ShopperReports\Bin\1.0.8.0\ShprRprt.dll -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Program Files\ShopperReports\Bin\2.0.0 -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Program Files\ShopperReports\Bin\2.0.0\ShprRprt.dll -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Program Files\ShopperReports\Uninst.exe -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Program Files\ShopperReports\cs -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Program Files\ShopperReports\cs\persist.dbs -> Adware.HotBar : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{DD55FD05-5D84-48F8-8A8E-6381AC42F25E}\RP114\A0009814.exe -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\AppID\WeatherOnTray.EXE -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp.1 -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp\CLSID -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp\CurVer -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand.1 -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand\CLSID -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand\CurVer -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar.1 -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar\CLSID -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar\CurVer -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices.1 -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices\CLSID -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices\CurVer -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx.1 -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx\CLSID -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx\CurVer -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtHostIE.Bho -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtHostIE.Bho.1 -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtHostIE.Bho\CLSID -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtHostIE.Bho\CurVer -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim.1 -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim\CLSID -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim\CurVer -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend.1 -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend\CLSID -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend\CurVer -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices.1 -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices\CLSID -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices\CurVer -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI.1 -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI\CLSID -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI\CurVer -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl.1 -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl\CLSID -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl\CurVer -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtTools.HbMain -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtTools.HbMain.1 -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtTools.HbMain\CLSID -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\HbtTools.HbMain\CurVer -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\RprtsPSClient.PSExecuter -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\RprtsPSClient.PSExecuter.1 -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\RprtsPSClient.PSExecuter\CLSID -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\RprtsPSClient.PSExecuter\CurVer -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ShprRprts.HbAx -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ShprRprts.HbAx.1 -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ShprRprts.HbAx\CLSID -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ShprRprts.HbAx\CurVer -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ShprRprts.HbInfoBand -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ShprRprts.HbInfoBand.1 -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ShprRprts.HbInfoBand\CLSID -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ShprRprts.HbInfoBand\CurVer -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ShprRprts.IEButton -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ShprRprts.IEButton.1 -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ShprRprts.IEButtonA -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ShprRprts.IEButtonA.1 -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ShprRprts.IEButtonA\CLSID -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ShprRprts.IEButtonA\CurVer -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ShprRprts.IEButton\CLSID -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ShprRprts.IEButton\CurVer -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ShprRprts.SmrtShprCtl -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ShprRprts.SmrtShprCtl.1 -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ShprRprts.SmrtShprCtl\CLSID -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ShprRprts.SmrtShprCtl\CurVer -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager.1 -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager\CLSID -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager\CurVer -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\HbTools -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\HbTools\HbTools -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\HbTools\HbTools\Install -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\HbTools\HbTools\MachineInfo -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\HbTools\HbTools\Mail -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\HbTools\HbTools\PI -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\HbTools\HbTools\PI\3.2 -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\HbTools\HbTools\Updates -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\HbTools\HbTools\Upgrade -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\HbTools\HostOI -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\HbTools\HostOI\Updates -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\HbTools\HostOL -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\HbTools\HostOL\Updates -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\HbTools\Hotbar -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\HbTools\Hotbar\Install -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\HbTools\Install -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\HbTools\Install\CmpMap -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\HbTools\Install\Icons -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\HbTools\Install\Links -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\ShopperReports -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\ShopperReports\ShopperReports -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\ShopperReports\ShopperReports\PostInstaller -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\Common -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\Common\Time -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\Common\Updates -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\EUI -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\HtmlPPP -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\ImagesHistory -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Install -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\PI -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\PI\3.2 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg800 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg801 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg802 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg803 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg807 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg808 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg810 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg811 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg812 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg818 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg819 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg824 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg825 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg826 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg827 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg828 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg829 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg830 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg842 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg843 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg844 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg845 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg847 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg848 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg849 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg856 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sg857 -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Sample\Hist\sgsbt -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\UserInfo -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\Weather -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\dynamic -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\dynamicFail -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\init -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\links -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\mail -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\options -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HbTools\updates -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HostOI -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HostOI\Updates -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\HostOI\setting -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\Time -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\Time\HostIE -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\Time\HostIE\Updates -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\Time\HostOE -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\Time\HostOE\Updates -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\Time\HostOI -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\Time\HostOI\Updates -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\Time\HostOL -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\Time\HostOL\Updates -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\hostol -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\hostol\Mail -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\hostol\Updates -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\hostol\soho -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\hotbar -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\HbTools\hotbar\MultiUrl -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\ShopperReports -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\ShopperReports\ShopperReports -> Adware.HotBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-1645522239-436374069-725345543-1003\Software\ShopperReports\ShopperReports\PostInstaller -> Adware.HotBar : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{DD55FD05-5D84-48F8-8A8E-6381AC42F25E}\RP114\A0009815.exe -> Adware.NaviPromo : Cleaned with backup (quarantined).
C:\Documents and Settings\PC\Local Settings\Temp\ICD2.tmp\UWAS6_0001_N57M1312NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.b : Ignored.
C:\WINDOWS\Downloaded Program Files\UWAS6_0001_N57M1312NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.b : Ignored.
C:\Documents and Settings\PC\Cookies\pc@247realmedia[1].txt -> TrackingCookie.247realmedia : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@2o7[3].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@redcats.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@redcats.122.2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@ads.addynamix[1].txt -> TrackingCookie.Addynamix : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@ads.addynamix[3].txt -> TrackingCookie.Addynamix : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@rotator.adjuggler[1].txt -> TrackingCookie.Adjuggler : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@adtech[2].txt -> TrackingCookie.Adtech : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@advertising[1].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@advertising[2].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@servedby.advertising[2].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@bfast[2].txt -> TrackingCookie.Bfast : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@bluestreak[3].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@b.casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@casalemedia[3].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@casinotropez[1].txt -> TrackingCookie.Casinotropez : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@casinotropez[2].txt -> TrackingCookie.Casinotropez : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@www.casinotropez[1].txt -> TrackingCookie.Casinotropez : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@www.casinotropez[3].txt -> TrackingCookie.Casinotropez : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@banner.clubdicecasino[2].txt -> TrackingCookie.Clubdicecasino : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@adopt.euroclick[3].txt -> TrackingCookie.Euroclick : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@as-eu.falkag[1].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@as-us.falkag[2].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@as-us.falkag[3].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@as1.falkag[1].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@as1.falkag[3].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@sel.as-eu.falkag[1].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@sel.as-us.falkag[1].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@sel.as-us.falkag[2].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@fastclick[3].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@findwhat[1].txt -> TrackingCookie.Findwhat : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@ehg-warnerbrothers.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@ehg-yvesrocher.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@hitbox[3].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@server.iad.liveperson[2].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@stat.onestat[2].txt -> TrackingCookie.Onestat : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@paypopup[1].txt -> TrackingCookie.Paypopup : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@revenue[2].txt -> TrackingCookie.Revenue : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@tradedoubler[3].txt -> TrackingCookie.Tradedoubler : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@valueclick[1].txt -> TrackingCookie.Valueclick : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@valueclick[2].txt -> TrackingCookie.Valueclick : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@weborama[2].txt -> TrackingCookie.Weborama : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@weborama[3].txt -> TrackingCookie.Weborama : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@statse.webtrendslive[1].txt -> TrackingCookie.Webtrendslive : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@statse.webtrendslive[2].txt -> TrackingCookie.Webtrendslive : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\PC\Cookies\pc@zedo[2].txt -> TrackingCookie.Zedo : Cleaned.
C:\System Volume Information\_restore{DD55FD05-5D84-48F8-8A8E-6381AC42F25E}\RP113\A0009729.exe -> Trojan.Mailskinner.A : Cleaned with backup (quarantined).
::Report end
Lassé par la pub ? Créez un compte
- Contenus similaires :
- ForumVirus trojan win32 tratbho supprimer svp
- ForumLog a analyser svp virus win32
- ForumSvp une analyse log hijackthis suite trojan
- ForumTrojan downloader win32 renos.jw help svp
- ForumSupprimer trojan win32 agent hge
- ForumInfection par trojan win32 agent awg
- ForumTrojan win32 agent fbx
- ForumTrojan win32 agent ik
- ForumTrojan win32
- ForumInfection trojan win32 agent-isi
- Voir plus
