Kalidas
-
Compteur de contenus
43 -
Inscription
-
Dernière visite
Type de contenu
Profils
Forums
Blogs
Tout ce qui a été posté par Kalidas
-
[résolu]rapport hijackthis
Kalidas a répondu à un(e) sujet de Kalidas dans Analyses et éradication malwares
Merci pour l'encouragement Voilà le log HJT : Logfile of HijackThis v1.99.1 Scan saved at 00:30:04, on 08/11/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\ewido\security suite\ewidoctrl.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Winamp\winampa.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Creative\SBExtigy\RemoteCenter\Rc\Rcman.exe C:\Palm\HOTSYNC.EXE C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\Playlist.exe C:\Program Files\HijackThis\HijackThis.exe O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [storageGuard] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe" O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe" O4 - HKLM\..\Run: [RoxioAudioCentral] "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe" O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [RemoteCenter] C:\Program Files\Creative\SBExtigy\RemoteCenter\Rc\Rcman.exe O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: HotSync Manager.lnk = C:\Palm\HOTSYNC.EXE O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe -
[résolu]rapport hijackthis
Kalidas a répondu à un(e) sujet de Kalidas dans Analyses et éradication malwares
-
[résolu]rapport hijackthis
Kalidas a répondu à un(e) sujet de Kalidas dans Analyses et éradication malwares
Oui Charles, on touche au but ?c'est que j'ai dû faire plusieurs centaines de clicks pendant 45 mn et j'ai l'avant-bras droit aussi gros que ma cuisse (évidemment j'ai choisi l'option "aucune intervention" sur chaque notification, bien que tout m'ait paru suspect), j'en ai loupé trois je crois mais, sorry, j'avais basculé dans un no man's land visuel dont je reviens à peine... voilà le rapport Ewido, désolé hyper long, et le log HJT est à la suite : ewido security suite - Rapport de scan --------------------------------------------------------- + Créé le: 22:23:09, 07/11/2005 + Somme de contrôle: BB7AD8CD + Résultats du scan: HKLM\SOFTWARE\Classes\ADM25.ADM25 -> Spyware.Altnet : Ignoré HKLM\SOFTWARE\Classes\ADM25.ADM25\CurVer -> Spyware.Altnet : Ignoré HKLM\SOFTWARE\Classes\ADM25.ADM25.1 -> Spyware.Altnet : Ignoré HKLM\SOFTWARE\Classes\ADM25.ADM25.1\CLSID\\ -> Spyware.Altnet : Ignoré HKLM\SOFTWARE\Classes\ADM4.ADM4 -> Spyware.Altnet : Ignoré HKLM\SOFTWARE\Classes\ADM4.ADM4\CurVer -> Spyware.Altnet : Ignoré HKLM\SOFTWARE\Classes\ADM4.ADM4.1 -> Spyware.Altnet : Ignoré HKLM\SOFTWARE\Classes\ADM4.ADM4.1\CLSID\\ -> Spyware.Altnet : Ignoré HKLM\SOFTWARE\Classes\AppID\adm.EXE -> Spyware.Altnet : Ignoré HKLM\SOFTWARE\Classes\AppID\adm.EXE\\AppID -> Spyware.Altnet : Ignoré HKLM\SOFTWARE\Classes\AppID\Altnet Signing Module.EXE -> Spyware.Altnet : Ignoré HKLM\SOFTWARE\Classes\AppID\Altnet Signing Module.EXE\\AppID -> Spyware.Altnet : Ignoré HKLM\SOFTWARE\Classes\BTGrabDll.BTGrabDllObj -> Spyware.BetterInternet : Ignoré HKLM\SOFTWARE\Classes\BTGrabDll.BTGrabDllObj\CLSID -> Spyware.BetterInternet : Ignoré HKLM\SOFTWARE\Classes\BTGrabDll.BTGrabDllObj\CLSID\\ -> Spyware.Transponder : Ignoré HKLM\SOFTWARE\Classes\BTGrabDll.BTGrabDllObj\CurVer -> Spyware.BetterInternet : Ignoré HKLM\SOFTWARE\Classes\BTGrabDll.BTGrabDllObj.1 -> Spyware.BetterInternet : Ignoré HKLM\SOFTWARE\Classes\BTGrabDll.BTGrabDllObj.1\CLSID\\ -> Spyware.Transponder : Ignoré HKLM\SOFTWARE\Classes\CLSID\{39DA2444-065F-47CB-B27C-CCB1A39C06B7} -> Spyware.PurityScan : Ignoré HKLM\SOFTWARE\Classes\CLSID\{4D1C4E89-A32A-416b-BCDB-33B3EF3617D3} -> Spyware.Need2Find : Ignoré HKLM\SOFTWARE\Classes\CLSID\{4D1C4E8B-A32A-416b-BCDB-33B3EF3617D3} -> Spyware.Need2Find : Ignoré HKLM\SOFTWARE\Classes\CLSID\{5B4AB8E2-6DC5-477A-B637-BF3C1A2E5993} -> Spyware.iSearch : Ignoré HKLM\SOFTWARE\Classes\CLSID\{630D6140-04C5-4db0-B27A-020D766FF09B} -> Spyware.Need2Find : Ignoré HKLM\SOFTWARE\Classes\CLSID\{676575DD-4D46-911D-8037-9B10D6EE8BB5} -> Spyware.CoolWebSearch : Ignoré HKLM\SOFTWARE\Classes\CLSID\{F78B32D6-D6D8-4137-A18F-91EBE1A4AEDB}\TreatAs\\ -> Spyware.Need2Find : Ignoré HKLM\SOFTWARE\Classes\Interface\{4D1C4E8A-A32A-416B-BCDB-33B3EF3617D3} -> Spyware.Need2Find : Ignoré HKLM\SOFTWARE\Classes\Interface\{4D1C4E8C-A32A-416B-BCDB-33B3EF3617D3} -> Spyware.Need2Find : Ignoré HKLM\SOFTWARE\Classes\Interface\{59EBB576-CEB0-42FA-9917-DA6254A275AD} -> Spyware.VX2 : Ignoré HKLM\SOFTWARE\Classes\Interface\{59EBB576-CEB0-42FA-9917-DA6254A275AD}\TypeLib\\ -> Spyware.VX2 : Ignoré HKLM\SOFTWARE\Classes\MEDIATICKETSINSTALLER.MediaTicketsInstallerCtrl.1 -> Spyware.PurityScan : Ignoré HKLM\SOFTWARE\Classes\MEDIATICKETSINSTALLER.MediaTicketsInstallerCtrl.1\CLSID\\ -> Spyware.PurityScan : Ignoré HKLM\SOFTWARE\Classes\Need2FindBar.SettingsPlugin -> Spyware.Need2Find : Ignoré HKLM\SOFTWARE\Classes\Need2FindBar.SettingsPlugin\CLSID -> Spyware.Need2Find : Ignoré HKLM\SOFTWARE\Classes\Need2FindBar.SettingsPlugin\CLSID\\ -> Spyware.Need2Find : Ignoré HKLM\SOFTWARE\Classes\Need2FindBar.SettingsPlugin\CurVer -> Spyware.Need2Find : Ignoré HKLM\SOFTWARE\Classes\Need2FindBar.SettingsPlugin.1 -> Spyware.Need2Find : Ignoré HKLM\SOFTWARE\Classes\Need2FindBar.SettingsPlugin.1\CLSID\\ -> Spyware.Need2Find : Ignoré HKLM\SOFTWARE\Classes\Need2FindBar.ToolbarPlugin -> Spyware.Need2Find : Ignoré HKLM\SOFTWARE\Classes\Need2FindBar.ToolbarPlugin\CLSID -> Spyware.Need2Find : Ignoré HKLM\SOFTWARE\Classes\Need2FindBar.ToolbarPlugin\CLSID\\ -> Spyware.Need2Find : Ignoré HKLM\SOFTWARE\Classes\Need2FindBar.ToolbarPlugin\CurVer -> Spyware.Need2Find : Ignoré HKLM\SOFTWARE\Classes\Need2FindBar.ToolbarPlugin.1 -> Spyware.Need2Find : Ignoré HKLM\SOFTWARE\Classes\Need2FindBar.ToolbarPlugin.1\CLSID\\ -> Spyware.Need2Find : Ignoré HKLM\SOFTWARE\Classes\TypeLib\{8E0D8965-B97B-468D-8306-A05929E439C1} -> Spyware.VX2 : Ignoré HKLM\SOFTWARE\IntexusDial -> Dialer.Generic : Ignoré HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\CLSID\\{5B4AB8E2-6DC5-477A-B637-BF3C1A2E5993} -> Spyware.iSearch : Ignoré HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Need2FindBar Uninstall -> Spyware.Need2Find : Ignoré HKLM\SOFTWARE\Need2Find -> Spyware.Need2Find : Ignoré HKLM\SOFTWARE\Need2Find\bar -> Spyware.Need2Find : Ignoré HKLM\SOFTWARE\Need2Find\bar\Partner -> Spyware.Need2Find : Ignoré HKLM\SOFTWARE\Video1\Dialers -> Dialer.Generic : Ignoré HKLM\SYSTEM\CurrentControlSet\Services\delprot -> Spyware.iSearch : Ignoré HKLM\SYSTEM\CurrentControlSet\Services\delprot\Security -> Spyware.iSearch : Ignoré HKLM\SYSTEM\CurrentControlSet\Services\delprot\Enum -> Spyware.iSearch : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\BTGrab -> Spyware.BetterInternet : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{1C78AB3F-A857-482E-80C0-3A1E5238A565} -> Spyware.iSearch : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-F09C-02B4-6EC2-AD0300000000} -> Spyware.Transponder : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{04079851-5845-4DEA-848C-3ECD647AA554} -> Spyware.MySearchBar : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4D1C4E81-A32A-416B-BCDB-33B3EF3617D3} -> Spyware.Need2Find : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F0DC0CFE-D11A-489B-84C0-63748AFAABF3} -> Spyware.ZyncosMark : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{00000000-0000-0000-0000-000000000001} -> Spyware.AutoSearch : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{00000000-0000-0000-0000-000000000221} -> Spyware.ClearSearch : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{00000000-0000-0000-0000-000000000240} -> Spyware.ClearSearch : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{00000000-0000-0000-8835-3EFF76BF2657} -> Spyware.LZIO : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{00000000-0000-0000-BFA1-D7EE6696B865} -> Spyware.LZIO : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{00000000-0000-41a3-98CF-00000000168B} -> Spyware.LZIO : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{00000000-0000-47c5-A90F-2CDE8F7638DB} -> Spyware.LZIO : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{00000000-0000-5DFC-5652-1705043F6518} -> Spyware.TX4 : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{00000000-0000-7EBF-57C6-0BAE047EA682} -> Spyware.TX4 : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{00000000-0001-0345-2280-0287F27A63EE} -> Spyware.TX4 : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{00000000-0001-1DBE-075A-39EC04BD88AF} -> Spyware.TX4 : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{00000000-0001-F7A6-1F38-0204019E355E} -> Spyware.TX4 : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{00000000-0002-53D4-0622-35EA0235778E} -> Spyware.TX4 : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{00000000-0008-D357-0798-004401965D4A} -> Spyware.TX4 : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{00000000-0009-1C42-7D61-6CFF050894A7} -> Spyware.TX4 : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{00000000-0015-BD9C-263A-493001BA0C6C} -> Spyware.TX4 : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{00000000-002B-EFE6-6B08-560C01922D3B} -> Spyware.TX4 : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{00000000-0033-C1AC-0E62-0C1F0537605D} -> Spyware.TX4 : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{00000000-008C-1E65-6AA6-3A270279F027} -> Spyware.TX4 : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{00000000-00FA-71ED-4ABA-348801BAA0A9} -> Spyware.TX4 : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{00000000-0C95-B1F8-547A-405204D6961A} -> Spyware.TX4 : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{00000000-10D6-4e5f-8F7F-29B32C1C0FC4} -> Spyware.LZIO : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{00000000-167B-41bc-95FF-86A07B14712C} -> Spyware.LZIO : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{00000000-2565-4c5b-A455-A74C8A2247AB} -> Spyware.LZIO : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{00000000-5eb9-11d5-9d45-009027c14662} -> Spyware.VX2 : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{00000000-64C4-4a64-9767-895AB4921E41} -> Spyware.LZIO : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{00000000-6CB0-410C-8C3D-8FA8D2011D0A} -> Spyware.iMesh : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{00000000-D9E3-4BC6-A0BD-3D0CA4BE5271} -> Spyware.AdBreak : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{00000010-6F7D-442C-93E3-4A4827C2E4C8} -> Spyware.InternetOptimizer : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{000000DA-0786-4633-87C6-1AA7A4429EF1} -> Spyware.FavoriteMan : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{000000F1-34E3-4633-87C6-1AA7A44296DA} -> Spyware.FavoriteMan : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{00000185-B716-11D3-92F3-00D0B709A7D8} -> Spyware.SmartBrowser : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{00000185-C745-43D2-44F1-01A1C789C738} -> Spyware.SmartBrowser : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{00000250-0320-4DD4-BE4F-7566D2314352} -> Spyware.Transponder : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{0000026A-8230-4DD4-BE4F-6889D1E74167} -> Spyware.Transponder : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{00000273-8230-4DD4-BE4F-6889D1E74167} -> Spyware.Transponder : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{000004CC-E4FF-4F2C-BC30-DBEF0B983BC9} -> Spyware.IPInsight : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{00000580-C637-11D5-831C-00105AD6ACF0} -> Spyware.VX2 : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{000006B1-19B5-414A-849F-2A3C64AE6939} -> Spyware.VX2 : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{00000EF1-0786-4633-87C6-1AA7A44296DA} -> Spyware.FavoriteMan : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{00000EF1-34E3-4633-87C6-1AA7A44296DA} -> Spyware.FavoriteMan : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{000020DD-C72E-4113-AF77-DD56626C6C42} -> Spyware.TwainTech : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{0000607D-D204-42C7-8E46-216055BF9918} -> Spyware.TwainTech : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{00010a21-b924-4cd6-893c-eea1071ae8b3} -> Spyware.AdsStore : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{000277A3-7D84-406a-9799-D12A81594693} -> Spyware.SearchFast : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{00041A26-7033-432C-94C7-6371DE343822} -> Spyware.SearchEnhancement : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{000E6ED5-E3FC-4c93-99E9-D38D2A9F9B09} -> Spyware.LZIO : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{000E7270-CC7A-0786-8E7A-DA09B51938A6} -> Spyware.NetPal : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{00110011-4B0B-44D5-9718-90C88817369B} -> Spyware.CoolWebSearch : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{0019C3E2-DD48-4A6D-AB2D-8D32436313D9} -> Spyware.BookedSpace : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{0019C3E2-DD48-4A6D-ABCD-8D32436313D9} -> Spyware.BookedSpace : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{0019C3E2-DD48-4A6D-ABCD-8D32436323D9} -> Spyware.BookedSpace : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{001DAE60-95C0-11d3-924E-009027950886} -> Spyware.WebSearch : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{001F2470-5DF5-11d3-B991-00A0C9BB0874} -> Spyware.AtHoc : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{00320615-B6C2-40A6-8F99-F1C52D674FAD} -> Spyware.Transponder : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{0036F389-FEF8-43AC-9220-16430E0012ED} -> Spyware.NauPointBar : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{00673769-777F-4814-BE0F-74CBA1D823B8} -> Spyware.ASN1exploit : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{00A0A40C-F432-4C59-BA11-B25D142C7AB7} -> Spyware.ClientMan : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{00A6FAF1-072E-44cf-8957-5838F569A31D} -> Spyware.MyWebSearch : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{00D6A7E7-4A97-456f-848A-3B75BF7554D7} -> Spyware.KeenValue : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{00F16DC8-1B2A-42F4-B18B-E21DA9D2D7FD} -> Spyware.FastFind : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{0140DF95-9128-4053-AE72-F43F0CFCA062} -> Spyware.PolyFilter : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{014DA6C1-189F-421a-88CD-07CFE51CFF10} -> Spyware.eXact : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{014DA6C9-189F-421a-88CD-07CFE51CFF10} -> Spyware.MySearch : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{01C5BF6C-E699-4CD7-BEA1-786FA05C83AB} -> Spyware.PeopleOnPage : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{01CD4DDA-166D-4831-A373-ACCC27E1BB9D} -> Spyware.KeenValue : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{01F44A8A-8C97-4325-A378-76E68DC4AB2E} -> Spyware.IEPlugin : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{021BB032-80A8-4FB6-B3D5-CF27B1553B95} -> Spyware.Slagent : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{024DE5EB-3649-445E-8D57-C09A9A33D479} -> Spyware.Adlogix : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{029BB53A-C312-4b09-9B4F-ED57AF027B28} -> Spyware.LizardBar : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{0345B059-8731-42BC-B7B7-5121014B02C6} -> Spyware.Muulcom : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{0352960F-47BE-11D5-AB93-00D0B760B4EB} -> Spyware.TOPicks : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{04079851-5845-4dea-848C-3ECD647AA554} -> Spyware.MySearchBar : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{0421701D-CF13-4E70-ADF0-45A953E7CB8B} -> Spyware.SmartPops : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{0428FFC7-1931-45b7-95CB-3CBB919777E1} -> Spyware.KeenValue : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{046D6EA4-15E3-4b27-8010-45BD78A9219E} -> Spyware.CommonName : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{04719991-296F-4958-AA0F-FA25FFA5008B} -> Spyware.ExciteSearch : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{0494D0D1-F8E0-41ad-92A3-14154ECE70AC} -> Spyware.MyWay : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{0494D0D9-F8E0-41ad-92A3-14154ECE70AC} -> Spyware.MyWay : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{05BBB56A-2A69-4A5C-BFDA-43295DD67434} -> Spyware.ShopForGood : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{06594350-D723-11D8-9669-0800200C9A66} -> Spyware.StickyPops : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{06DFEDAA-6196-11D5-BFC8-00508B4A487D} -> Spyware.7Search : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{074E3AA7-7718-4404-B3F8-FF8FB5414E0E} -> Spyware.BrowserAcclerator : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{07B18EA1-A523-4961-B6BB-170DE4475CCA} -> Spyware.MyWebSearch : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{07B18EA9-A523-4961-B6BB-170DE4475CCA} -> Spyware.MyWebSearch : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{08227B4B-54FE-4C4D-809F-BCA46292FC5B} -> Spyware.Superlogy : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{08351226-6472-43BD-8A40-D9221FF1C4CE} -> Spyware.SideStep : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{08351227-6472-43BD-8A40-D9221FF1C4CE} -> Spyware.SideStep : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{086AE192-23A6-48D6-96EC-715F53797E85} -> Spyware.CoolWebSearch : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{086CEFD5-A88D-4981-8915-D51F04360ED1} -> Spyware.TrafficHog : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{087173EF-9829-4F49-8340-A524177D3F60} -> Spyware.SearchandClick : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{08C63920-DC18-11D2-9E1E-00A0247061AB} -> Spyware.Linkz.com : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{08DBDE36-DF28-11D5-8CA5-0050DA44A764} -> Spyware.Friends.fr : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{08E1C8E1-E565-44fc-A766-C9539BB3ABB7} -> Spyware.iWon : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{0982868C-47F0-4EFB-A664-C7B0B1015808} -> Spyware.ClientMan : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{09F0F280-FB9A-481B-B69A-CB00DC44D027} -> Spyware.AdvancedSearchbar : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{0A1A2A3A-4A5A-6A7A-8A9A-AABACADAEAFA} -> Spyware.IAGold : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{0A5CF411-F0BF-4AF8-A2A4-8233F3109BED} -> Spyware.HuntBar : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{0A68C5A2-64AE-4415-88A2-6542304A4745} -> Spyware.HuntBar : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{0AAF602E-72A1-45FE-BAB1-06971E07EAA2} -> Spyware.i-Lookup : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{0AEE4D0C-4B38-4196-AE32-70ACE5656647} -> Spyware.TheSearchMall : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{0B519E07-7824-4adc-8890-93D5EABBF285} -> Spyware.CoolWebSearch : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{0B90AA1B-F649-44C3-9FD3-736C332CBBCF} -> Spyware.Adlogix : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{0BA1C6EB-D062-4E37-9DB5-B07743276324} -> Spyware.ClientMan : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{0C9CBFE1-91CD-40C2-BB64-1EC84C4C46AF} -> Spyware.i-Lookup : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{0D7DC475-59EB-4781-985F-A6F5D4E2BC73} -> Spyware.LZIO : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{0DDBB570-0396-44C9-986A-8F6F61A51C2F} -> Spyware.FeaturedResults : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{0E1230F8-EA50-42A9-983C-D22ABC2E0099} -> Spyware.SearchIT : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{0E1230F8-EA50-42A9-983C-D22ABC2EEB4C} -> Spyware.AroundWeb : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{0FC817C2-3B45-11D4-8340-0050DA825906} -> Spyware.Deltabar : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{1028F737-81E7-452B-A860-E50CAD90A08C} -> Spyware.SpyAssassin : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{10955232-B671-11D7-8066-0040F6F477E4} -> Spyware.Whazit : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{118CE65F-5D86-4AEA-A9BD-94F92B89119F} -> Spyware.CnsMin : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{11904CE8-632A-4856-A7CC-00B33FE71BD8} -> Spyware.Sexxxpassport : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{11990E9F-2A4D-11D6-9507-02608CDD2842} -> Spyware.SearchSquire : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{11F6B95F-0774-4B8D-8C9E-6B552CBCAD14} -> Spyware.i-Lookup : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{12D02C08-218F-4A11-BDE1-6611ADB7B81F} -> Spyware.CoolWebSearch : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{12DF6E3E-6272-4AE8-880B-2158D60791C0} -> Spyware.Winpage : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{12F02779-6D88-4958-8AD3-83C12D86ADC7} -> Spyware.ActiveSearch : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{136A9D1D-1F4B-43D4-8359-6F2382449255} -> Spyware.SuperBar : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{13707362-08A2-11D3-A26D-0060976E9E6A} -> Spyware.Bizrate : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{139D88E5-C372-469D-B4C5-1FE00852AB9B} -> Spyware.FavoriteMan : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{13F90341-AD79-4A9F-9B57-0234675670D6} -> Spyware.Pornrelated : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{14B3D246-6274-40B5-8D50-6C2ADE2AB29B} -> Spyware.ShopNav : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{150FA160-130D-451F-B863-B655061432BA} -> Spyware.CoolWebSearch : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{166348F1-2C41-4C9F-86BB-EB2B8ADE030C} -> Spyware.ClientMan : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{1678F7E1-C422-11D0-AD7D-00400515CAAA} -> Spyware.CometCursor : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{179E4B4A-76C3-4F65-BCED-C9FA1A28D2EF} -> Spyware.NetNucleus : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{17DA0C9E-4A27-4ac5-BB75-5D24B8CDB972} -> Spyware.CoolWebSearch : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{18B79968-1A76-4953-9EBB-B651407F8998} -> Spyware.i-Lookup : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{19A447BA-9C2E-4864-93F5-A0645229771E} -> Spyware.i-Lookup : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{19E41A2D-BD9D-48bb-9576-27B2CF0877C0} -> Spyware.ZippyLookup : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{1A98BCA2-0BD1-47DE-9710-C7665F7F1FCB} -> Spyware.SearchEx : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{1B0E7716-898E-48cc-9690-4E338E8DE1D3} -> Spyware.CnsMin : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{1B13BF1B-A528-4CC4-B5BF-553CAA6487AC} -> Spyware.i-Lookup : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{1B7D753B-1981-4bd2-91F3-6D055EE113A0} -> Spyware.PurityScan : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{1BC1FC4B-B0D2-4D8D-9307-2E40E2A8C257} -> Spyware.HyperBar : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{1BDD55B8-3985-4E59-B906-5E0AD56D6710} -> Spyware.Browserplugin : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{1C4DA27D-4D52-4465-A089-98E01BB725CA} -> Spyware.IEPageHelper : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{1C78AB3F-A857-482e-80C0-3A1E5238A565} -> Spyware.iSearch : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{1D022C27-3771-4D1D-B1B7-1953E271C6CA} -> Spyware.SpiderSearch : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{1D71DB63-D72A-4479-98F8-5BCB84FAE0F6} -> Spyware.Zettasearch : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{1D870C86-AA3C-4451-81E4-71D480A1A652} -> Spyware.SubSearch : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{1D9B10E0-E90C-11D7-A399-B7BAC8911A3F} -> Spyware.ArrowToolbar : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{1E1B2879-30C7-11D4-8DDF-525400E483E3} -> Spyware.NJStarAsian : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{1E1B2879-88FF-11D2-8D96-000000000003} -> Backdoor.Lixy.B : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{1E1B2879-88FF-11D2-8D96-000000000004} -> Backdoor.Lixy.B : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{1E1B2879-88FF-11D2-8D96-123457123457} -> Spyware.Clitor : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{1E1B2879-88FF-11D2-8D96-D7ACAC31337F} -> Spyware.Bukaw : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{1E1B2879-88FF-11D2-8D96-D7ACAC95951A} -> Backdoor.Lixy : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{1E1B2879-88FF-11D2-8D96-D7ACAC95951F} -> Spyware.CommonName : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{1E1B2879-88FF-11D2-8D96-D7ACAC97972F} -> Spyware.Pornrelated : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{1E1B2879-88FF-11D3-8D96-D7ACAC95951A} -> Spyware.Antispykeylog : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{1E1B2879-88FF-11D3-8D96-D7ACAC95951F} -> Spyware.PerfectKeylogger : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{1F48AA48-C53A-4E21-85E7-AC7CC6B5FFA2} -> Spyware.ToolbarCC : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{1F48AA48-C53A-4E21-85E7-AC7CC6B5FFA7} -> Spyware.ToolbarCC : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{1F48AA48-C53A-4E21-85E7-AC7CC6B5FFA8} -> Spyware.ToolbarCC : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{1F48AA48-C53A-4E21-85E7-AC7CC6B5FFAF} -> Spyware.ToolbarCC : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{1F48AA48-C53A-4E21-85E7-AC7CC6B5FFB1} -> Spyware.CoolWebSearch : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{1F48AA48-C53A-4E21-85E7-AC7CC6B5FFB2} -> Spyware.CoolWebSearch : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{2038A287-4221-4F76-A7C0-ADDD77AFABB3} -> Spyware.i-Lookup : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{204F937E-519E-4597-96FA-8F1F59F3CB6D} -> Spyware.HotBar : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{21301D69-B8F1-46AA-B0B5-09EE2285914C} -> Spyware.CustomToolbar : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{223405EC-01F9-48a2-BDBB-D519913E2765} -> Spyware.LZIO : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{224530A0-C9CB-4AEE-9C0F-54AC1B533211} -> Spyware.eXact : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{22941A26-7033-432C-94C7-6371DE343822} -> Spyware.SearchEnhancement : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{22998D24-B789-4CA2-A7FC-CD7CE7DEB14C} -> Spyware.Seek99 : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{23BC1CCF-4BE7-497F-B154-6ADA68425FBB} -> Spyware.Expext : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{23DDAE8C-6A79-4d62-80AA-E95D89CB9811} -> Spyware.SearchExplorer : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{25F7FA20-3FC3-11D7-B487-00D05990014C} -> Spyware.ClientMan : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{2662BDD7-05D6-408F-B241-FF98FACE6054} -> Spyware.Xupiter : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{267D5BD3-0DC2-4724-A196-7F4794FBB9EB} -> Spyware.Whazit : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{269B6797-664E-48AA-B283-B012BDF6E525} -> Spyware.eUniverse : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{270B845C-712C-4773-BEE0-AE2D2001CD0F} -> Spyware.EZCybersearch : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{2737A6C0-7E24-11D7-B299-00E0297E0844} -> Spyware.WurldMedia : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{27557cf1-a237-496d-8c8f-08f3844c6a8b} -> Spyware.WhistleSoftware : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{275636E4-A535-4668-9FF1-86DC0C62D446} -> Spyware.CoolWebSearch : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{27A5FF76-9919-492C-98E3-EDA3502FC829} -> Spyware.MyPageFinder : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{28A19C3E-91E4-4bca-A623-BAF3C43C4F49} -> Spyware.LZIO : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{28CAEFF3-0F18-4036-B504-51D73BD81C3A} -> Spyware.EliteBar : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{297caf50-e4f7-11d1-a380-00600896eccc} -> Spyware.Segue : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{29A38549-AF6F-11D4-89D6-BC1DFD912B00} -> Spyware.Hijacker.Generic : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{29F7B7FA-ADC8-48ea-9E1C-EA87A05AE642} -> Spyware.Commander : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{2A57772A-D963-4533-A999-A4D66B7EF424} -> Spyware.FastFind : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{2A7B720A-7A28-4e99-80A0-2DF985EC93D0} -> Spyware.Make-deal : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{2AF8CED6-5BD8-4310-A90C-9664EFB16B10} -> Spyware.LookThruCool : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{2B3452C5-1B9A-440F-A203-F6ED0F64C895} -> Spyware.BookedSpace : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{2BC43670-C0BD-4794-BB11-F60F3E001DC5} -> Spyware.DynamicDesktopMedia : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{2CF0B992-5EEB-4143-99C0-5297EF71F443} -> Spyware.BrowserAid : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{2CF0B992-5EEB-4143-99C0-5297EF71F444} -> Spyware.BrowserAid : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{2CF0B992-5EEB-4143-99C0-5297EF71F44A} -> Spyware.BrowserAid : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{2CF0B992-5EEB-4143-99C0-5297EF71F44B} -> Spyware.BrowserAid : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{2CF0B992-5EEB-4143-99C2-5297EF71F44A} -> Spyware.BrowserAid : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{2CF0B992-5EEB-4143-99C2-5297EF71F44B} -> Spyware.BrowserAid : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{2D38A51A-23C9-48a1-A33C-48675AA2B494} -> Spyware.CoolWebSearch : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{2D556983-83D7-4630-9AA5-27C74CA27B79} -> Spyware.i-Lookup : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{2D7CB618-CC1C-4126-A7E3-F5B12D3BCF71} -> Spyware.AdBlaster : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{2D877C0B-3F44-42CD-A283-57AAA9186CB9} -> Spyware.GoGoData : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{2E12B523-3D4C-4FAC-9B04-0376A8F5E879} -> Spyware.InetSpeak : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{2E77E33F-671E-4334-ABAA-0C2E2BE654F1} -> Spyware.Pornrelated : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{2E9CAFF6-30C7-4208-8807-E79D4EC6F806} -> Spyware.SubmitHook : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{2F24B54D-3A27-11D8-8169-00C02623048A} -> Spyware.ezSearching : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{2FF5573C-0EB5-43db-A1B2-C4326813468E} -> Spyware.Hijacker.Generic : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{30192F8D-0958-44E6-B54D-331FD39AC959} -> Spyware.CoolWebSearch : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{30A56549-9D5B-4D34-AFA7-440A7F0538A9} -> Spyware.OpenSite : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{312FA154-E1B7-4336-9833-EE6B38D58B56} -> Spyware.ProBotActivity : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{31995C64-CB4D-483E-82C2-CCFFE2F66CAB} -> Spyware.SubSearch : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{319A68DB-06D0-46DA-9F93-A810D5A70836} -> Spyware.ZipClix : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{337D0C1D-4053-4FAB-AF2B-45C2F7B0FAA6} -> Spyware.FinditQuick : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{337D0C1D-4053-4FAB-AF2B-45C2F7B0FAA7} -> Spyware.BrowserAid : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{3392BD0A-A851-4AA4-86E0-4651006F9EA8} -> Spyware.Atomica : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{339BB23F-A864-48C0-A59F-29EA915965EC} -> Spyware.HuntBar : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{34A44FCF-50E3-63A5-A8DA-7835752B9571} -> Spyware.SeeqToolbar : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{34D516EA-40E3-4E3B-8BA8-505112738ED5} -> Spyware.ezSearching : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{35CC7369-C6EB-4A64-AB05-44CF0B5087A0} -> Spyware.i-Lookup : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{3611204F-4B3C-11D4-B416-E159A5067F41} -> Spyware.Rusurecom : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{3643ABC2-21BF-46B9-B230-F247DB0C6FD6} -> Spyware.E2Give : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{3717DF55-0396-463d-98B7-647C7DC6898A} -> Spyware.HitHopper : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{3750BFA3-1392-4AF3-AF86-9D2D4776E5A4} -> Spyware.Burnaby : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{3789CBF0-C4CA-4e98-B93B-22ACF0587FBA} -> Spyware.Qidion : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{423BD222-52BE-471A-BE01-75FCCEB3D48F} -> Spyware.i-Lookup : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{432D8C41-8586-11D8-997D-00C026232EB9} -> Spyware.InternetOptimizer : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{43FA5935-E36E-4937-8127-A90191B2EC68} -> Spyware.LoveTester : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{4401FDC3-7996-4774-8D2B-C1AE9CD6CC25} -> Spyware.E-booksystems : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{447160CD-ECF5-4EA2-8A8A-1F70CA363F85} -> Spyware.ClientMan : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{44A23DAB-8D31-43AE-9F68-5AC24CF7CE8C} -> Spyware.Msinfosys : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{44BE0690-5429-47f0-85BB-3FFD8020233E} -> Spyware.UCmore : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{467FAEB2-5F5B-4c81-BAE0-2A4752CA7F4E} -> Spyware.CoolWebSearch : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{499DB658-1909-420B-931A-4A8CAEFD232F} -> Trojan.Aspam : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{49E0E0F0-5C30-11D4-945D-000000000000} -> Spyware.Hijacker.Generic : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{49F2248D-1734-4B0F-A7B8-542E526EE07C} -> Spyware.YellowPages : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} -> Spyware.NewDotNet : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{4B021269-DD24-48B2-96B4-DA121E9C0502} -> Spyware.ezSearching : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{4B2F5308-2CB0-40E2-8030-59936ED5D22C} -> Spyware.HyperBar : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{4B8E6575-1013-45e9-BF77-9852ECEF07A9} -> Spyware.TheLocalSearch : Ignoré HKU\S-1-5-21-1659004503-1364589140-725345543-1003\Software\Microsoft\Windows\Curre -
[résolu]rapport hijackthis
Kalidas a répondu à un(e) sujet de Kalidas dans Analyses et éradication malwares
ok c'est fait voilà le log hijackthis : Logfile of HijackThis v1.99.1 Scan saved at 19:02:05, on 07/11/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Winamp\winampa.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Creative\SBExtigy\RemoteCenter\Rc\Rcman.exe C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\Playlist.exe C:\Palm\HOTSYNC.EXE C:\WINDOWS\system32\wuauclt.exe C:\Program Files\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\vuhkr.dll/sp.html#87649 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\vuhkr.dll/sp.html#87649 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system32\vuhkr.dll/sp.html#87649 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\vuhkr.dll/sp.html#87649 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\vuhkr.dll/sp.html#87649 R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\vuhkr.dll/sp.html#87649 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\vuhkr.dll/sp.html#87649 O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Class - {4D4601F5-8E7E-0E4E-5736-315F1F6D86C7} - C:\WINDOWS\system32\winbo32.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [storageGuard] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe" O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe" O4 - HKLM\..\Run: [RoxioAudioCentral] "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe" O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [RemoteCenter] C:\Program Files\Creative\SBExtigy\RemoteCenter\Rc\Rcman.exe O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: HotSync Manager.lnk = C:\Palm\HOTSYNC.EXE O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe -
[résolu]rapport hijackthis
Kalidas a répondu à un(e) sujet de Kalidas dans Analyses et éradication malwares
bonjour charles, j'ai un doute : avec easycleaner, à l'étape inutiles, dois-je passer partout : repertoire temporaire, fichiers internet tempo, historique, cookies, recent de MS office ou me contenter de "types normaux" seulement ? (désolé pour tant d'ignorance) merci -
[résolu]rapport hijackthis
Kalidas a répondu à un(e) sujet de Kalidas dans Analyses et éradication malwares
Je suis cuit, mais voilà le rapport : Horseserver Removal Tool v1.05 by Atri - - 1. Registry Fix Started - Registry fix complete - 2. Deleted Services - - 3. Finding files Located on system - w32tm.exe - 4. Deleting files that were found. - - 5. Checking for and Removing Winupdate et celui d'hijackthis (j'ai pu cocher toutes les lignes sauf R0 - HKCU\Software\Microsoft\Internet Explorer\Main, Start Page =, que je n'ai pas trouvée) : Logfile of HijackThis v1.99.1 Scan saved at 23:55:37, on 06/11/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\apiuj.exe C:\WINDOWS\system32\userinit.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe C:\WINDOWS\d3le.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Creative\SBExtigy\RemoteCenter\Rc\Rcman.exe C:\Palm\HOTSYNC.EXE C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\Playlist.exe C:\Program Files\HijackThis\HijackThis.exe C:\Program Files\Creative\SBExtigy\RemoteCenter\Center\RCenter.exe C:\Program Files\Creative\ShareDLL\MediaDet.Exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://hsremove.com/done.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://hsremove.com/done.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - Default URLSearchHook is missing O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL (file missing) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O2 - BHO: Class - {DF47F1BD-C208-8C66-A47A-BD4CBA5DD322} - C:\WINDOWS\system32\ipsi.dll O2 - BHO: (no name) - {E5EFC06B-40E7-2C65-D3CA-543E73BF45A1} - (no file) O3 - Toolbar: (no name) - {1C78AB3F-A857-482e-80C0-3A1E5238A565} - (no file) O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [storageGuard] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe" O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe" O4 - HKLM\..\Run: [RoxioAudioCentral] "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe" O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [userFaultCheck] %systemroot%\system32\dumprep 0 -u O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [d3le.exe] C:\WINDOWS\d3le.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [RemoteCenter] C:\Program Files\Creative\SBExtigy\RemoteCenter\Rc\Rcman.exe O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: HotSync Manager.lnk = C:\Palm\HOTSYNC.EXE O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: &iSearch The Web - res://C:\WINDOWS\System32\toolbar.dll/SEARCH.HTML O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://tdserver.bitstream.com/tdserver.cab O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EP...l_v1-0-3-17.cab O23 - Service: Workstation NetLogon Service ( 11Fßä#·ºÄÖ`I) - Unknown owner - C:\WINDOWS\apiuj.exe" /s (file missing) O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe - -
[résolu]rapport hijackthis
Kalidas a répondu à un(e) sujet de Kalidas dans Analyses et éradication malwares
Non ça ne marche toujours pas et je n'avais pas déjà effectué la procédure. A la désinstallation de mysearch ou search assistant (0,07 Mo) et de Need2FindBar (0,31 Mo) un pavé m'annonce "erreur de chargement...le module spécifié est introuvable" dois-je démarrer tout de même hijackthis ?? -
[résolu]rapport hijackthis
Kalidas a répondu à un(e) sujet de Kalidas dans Analyses et éradication malwares
Merci stonangel, mais c'est toujours " le service spécifié n'existe pas en tant que service installé" -
[résolu]rapport hijackthis
Kalidas a répondu à un(e) sujet de Kalidas dans Analyses et éradication malwares
C'est encore la même réponse -
[résolu]rapport hijackthis
Kalidas a répondu à un(e) sujet de Kalidas dans Analyses et éradication malwares
-
[résolu]rapport hijackthis
Kalidas a répondu à un(e) sujet de Kalidas dans Analyses et éradication malwares
Salut Charles J'ai tout téléchargé, c'est ok je me suis mis en mode sans échec et choisi la session courante pas celle de l'administrateur mais à l'étape sc stop Network Security Service ET sc delete Network Security Service, j'obtiens ça : Microsoft Windows XP [version 5.1.2600] © Copyright 1985-2001 Microsoft Corp. C:\Documents and Settings\caroetbenni>sc stop Network Security Service [sC] OpenService FAILED 1060: Le service spÚcifiÚ n'existe pas en tant que service installÚ. C:\Documents and Settings\caroetbenni>sc delete Network Security Service [sC] OpenService FAILED 1060: Le service spÚcifiÚ n'existe pas en tant que service installÚ. ça n'a pas l'air d'être un avertissement du succès de l'opération, non ? merci -
[résolu]rapport hijackthis
Kalidas a répondu à un(e) sujet de Kalidas dans Analyses et éradication malwares
Merci Charles, on fera tout ça dès qu'on peut et on te raconte. MERCI, bon weekend, la femme de kalidas -
[résolu]rapport hijackthis
Kalidas a répondu à un(e) sujet de Kalidas dans Analyses et éradication malwares
Oui Charles ça a l'air d'avoir marché en apparence en tout cas je n'ai plus le pavé spyware infection et plus rien non plus dans la barre des tâches, plus de menu déroulant non plus cela veut-il dire que le problème est réglé ? en tout cas merci beaucoup pour ton efficacité, chapeau bas !! kalidas et merde ! : en t' envoyant ma dernière réponse clamant victoire la banner déroulante est réapparue donc c'est pas complètement résolu kalidas -
[résolu]rapport hijackthis
Kalidas a répondu à un(e) sujet de Kalidas dans Analyses et éradication malwares
OK voilà le 1er rapport : SmitFraudFix v1.92 Rapport fait à 22:07:47,48 le 04/11/2005 Executé à partir de C:\Documents and Settings\caroetbenni\Mes documents\SmitfraudFix\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] »»»»»»»»»»»»»»»»»»»»»»»» Arret des processus »»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés C:\WINDOWS\desktop.html supprimé et celui d'hijackthis (réalisé après redémarrage, pas en mode échec, c'est le bon j'espère...): Logfile of HijackThis v1.99.1 Scan saved at 22:13:11, on 04/11/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\addre.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe C:\DOCUME~1\CAROET~1\LOCALS~1\Temp\1DC.tmp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\Playlist.exe C:\Program Files\Creative\SBExtigy\RemoteCenter\Rc\Rcman.exe C:\Program Files\iPod\bin\iPodService.exe C:\Palm\HOTSYNC.EXE C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Creative\SBExtigy\RemoteCenter\Center\RCenter.exe C:\Program Files\HijackThis\HijackThis.exe C:\Program Files\Creative\ShareDLL\MediaDet.Exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = http://www.the-exit.com/search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\xmkvh.dll/sp.html#87649 R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\xmkvh.dll/sp.html#87649 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - Default URLSearchHook is missing O2 - BHO: BTGrabObj Class - {00000000-F09C-02B4-6EC2-AD0300000000} - C:\WINDOWS\BTGrab.dll (file missing) O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: MySearch Search Assistant BHO - {04079851-5845-4dea-848C-3ECD647AA554} - C:\Program Files\MySearch\SrchAstt\1.bin\MYSRCHAS.DLL (file missing) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Class - {388ED10E-927A-43DB-E6A9-DA72CE4347B9} - C:\WINDOWS\system32\netsu.dll O2 - BHO: Class - {3E33A085-99CA-2CF6-1BCB-436B044EF1EA} - C:\WINDOWS\msxm.dll (file missing) O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL (file missing) O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O2 - BHO: (no name) - {D0C2F06B-6DD4-1951-FEFA-6413438F6891} - C:\WINDOWS\system32\fdgk.dll (file missing) O2 - BHO: (no name) - {E5EFC06B-40E7-2C65-D3CA-543E73BF45A1} - C:\WINDOWS\system32\fdgk.dll (file missing) O3 - Toolbar: (no name) - {1C78AB3F-A857-482e-80C0-3A1E5238A565} - (no file) O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [storageGuard] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run O4 - HKLM\..\Run: [Desktop Search] C:\WINDOWS\isrvs\desktop.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe" O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe" O4 - HKLM\..\Run: [RoxioAudioCentral] "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe" O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [userFaultCheck] %systemroot%\system32\dumprep 0 -u O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s O4 - HKLM\..\Run: [1DC.tmp] C:\DOCUME~1\CAROET~1\LOCALS~1\Temp\1DC.tmp.exe O4 - HKLM\..\Run: [1DC.tmp.exe] C:\DOCUME~1\CAROET~1\LOCALS~1\Temp\1DC.tmp.exe O4 - HKLM\..\Run: [d3cx32.exe] C:\WINDOWS\system32\d3cx32.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [RemoteCenter] C:\Program Files\Creative\SBExtigy\RemoteCenter\Rc\Rcman.exe O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: HotSync Manager.lnk = C:\Palm\HOTSYNC.EXE O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: &iSearch The Web - res://C:\WINDOWS\System32\toolbar.dll/SEARCH.HTML O8 - Extra context menu item: &Search - http://kx.bar.need2find.com/KX/menusearch.html?p=KX O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://tdserver.bitstream.com/tdserver.cab O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EP...l_v1-0-3-17.cab O23 - Service: Network Security Service (NSS) ( 11Fßä#·ºÄÖ`I) - Unknown owner - C:\WINDOWS\system32\addre.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe C:\Documents and Settings\caroetbenni\Application Data\Install.dat supprimé C:\Program Files\SpySheriff\ supprimé »»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre Nettoyage terminé. »»»»»»»»»»»»»»»»»»»»»»»» Fin du rapport -
[résolu]rapport hijackthis
Kalidas a répondu à un(e) sujet de Kalidas dans Analyses et éradication malwares
Merci charles voila le rapport smitfraudix : SmitFraudFix v1.92 Rapport fait à 21:58:44,04 le 04/11/2005 Executé à partir de C:\Documents and Settings\caroetbenni\Mes documents\SmitfraudFix\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] »»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\ »»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS C:\WINDOWS\desktop.html PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\system »»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\Web »»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\system32 »»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\system32\LogFiles »»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\Documents and Settings\caroetbenni\Application Data C:\Documents and Settings\caroetbenni\Application Data\Install.dat PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\Documents and Settings\caroetbenni\Bureau »»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\Program Files C:\Program Files\SpySheriff\PRESENT! »»»»»»»»»»»»»»»»»»»»»»»» Recherche présence de clés corrompues »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll »»»»»»»»»»»»»»»»»»»»»»»» Fin du rapport -
Oui Pollux j'ai suivi la procédure demandée : j'ai toujours un bandeau défilant en haut warning your computer is infected press for help (si je le ferme je me retrouve sur le site de pub pour spyfighter, spysheriff, razespyware) Dans la barre des tâches : j'ai toujours le pavé noir avec inscription en rouge spyware infection en revanche après application de la procédure, je n'ai plus l'icone rouge avec croix, ni l'écusson rouge avec croix blanche dans la barre des tâches voici donc le rapport (merci pour l'aide) : Logfile of HijackThis v1.99.1 Scan saved at 19:58:19, on 04/11/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\xmkvh.dll/sp.html#87649 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\xmkvh.dll/sp.html#87649 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = http://www.the-exit.com/search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system32\xmkvh.dll/sp.html#87649 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\xmkvh.dll/sp.html#87649 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\xmkvh.dll/sp.html#87649 R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\xmkvh.dll/sp.html#87649 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\xmkvh.dll/sp.html#87649 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - Default URLSearchHook is missing O2 - BHO: BTGrabObj Class - {00000000-F09C-02B4-6EC2-AD0300000000} - C:\WINDOWS\BTGrab.dll (file missing) O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: MySearch Search Assistant BHO - {04079851-5845-4dea-848C-3ECD647AA554} - C:\Program Files\MySearch\SrchAstt\1.bin\MYSRCHAS.DLL (file missing) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Class - {388ED10E-927A-43DB-E6A9-DA72CE4347B9} - C:\WINDOWS\system32\netsu.dll O2 - BHO: Class - {3E33A085-99CA-2CF6-1BCB-436B044EF1EA} - C:\WINDOWS\msxm.dll (file missing) O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL (file missing) O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O2 - BHO: (no name) - {D0C2F06B-6DD4-1951-FEFA-6413438F6891} - C:\WINDOWS\system32\fdgk.dll (file missing) O2 - BHO: (no name) - {E5EFC06B-40E7-2C65-D3CA-543E73BF45A1} - C:\WINDOWS\system32\fdgk.dll (file missing) O3 - Toolbar: (no name) - {1C78AB3F-A857-482e-80C0-3A1E5238A565} - (no file) O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [storageGuard] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run O4 - HKLM\..\Run: [Desktop Search] C:\WINDOWS\isrvs\desktop.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe" O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe" O4 - HKLM\..\Run: [RoxioAudioCentral] "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe" O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [userFaultCheck] %systemroot%\system32\dumprep 0 -u O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s O4 - HKLM\..\Run: [1DC.tmp] C:\DOCUME~1\CAROET~1\LOCALS~1\Temp\1DC.tmp.exe O4 - HKLM\..\Run: [1DC.tmp.exe] C:\DOCUME~1\CAROET~1\LOCALS~1\Temp\1DC.tmp.exe O4 - HKLM\..\Run: [d3cx32.exe] C:\WINDOWS\system32\d3cx32.exe O4 - HKLM\..\Run: [AVGCtrl] C:\Program Files\AVPersonal\AVGNT.EXE /min O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [RemoteCenter] C:\Program Files\Creative\SBExtigy\RemoteCenter\Rc\Rcman.exe O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: HotSync Manager.lnk = C:\Palm\HOTSYNC.EXE O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: &iSearch The Web - res://C:\WINDOWS\System32\toolbar.dll/SEARCH.HTML O8 - Extra context menu item: &Search - http://kx.bar.need2find.com/KX/menusearch.html?p=KX O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://tdserver.bitstream.com/tdserver.cab O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EP...l_v1-0-3-17.cab O23 - Service: Network Security Service (NSS) ( 11Fßä#·ºÄÖ`I) - Unknown owner - C:\WINDOWS\system32\addre.exe O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
-
merci pollux merci pour la rapidité de la réactivité un peu tard maintenant pour moi je referai la procédure indiquée demain
-
Bonjour à tous, une aide est désepérément espérée, (je suis totalement novice), merci pour votre aide voici le rapport obtenu: Logfile of HijackThis v1.99.1 Scan saved at 19:47:28, on 03/11/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\addre.exe C:\Program Files\AVPersonal\AVGUARD.EXE C:\Program Files\AVPersonal\AVWUPSRV.EXE C:\Program Files\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\Playlist.exe C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe C:\WINDOWS\system32\d3cx32.exe C:\DOCUME~1\CAROET~1\LOCALS~1\Temp\1DC.tmp.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\AVPersonal\AVGNT.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Creative\SBExtigy\RemoteCenter\Rc\Rcman.exe C:\winstall.exe C:\Palm\HOTSYNC.EXE C:\Program Files\Creative\SBExtigy\RemoteCenter\Center\RCenter.exe C:\Program Files\Creative\ShareDLL\MediaDet.Exe C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE C:\Program Files\Messenger\msmsgs.exe C:\Program Files\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\xmkvh.dll/sp.html#87649 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\xmkvh.dll/sp.html#87649 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = http://www.the-exit.com/search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system32\xmkvh.dll/sp.html#87649 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\xmkvh.dll/sp.html#87649 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\xmkvh.dll/sp.html#87649 R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\xmkvh.dll/sp.html#87649 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\xmkvh.dll/sp.html#87649 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - Default URLSearchHook is missing O2 - BHO: BTGrabObj Class - {00000000-F09C-02B4-6EC2-AD0300000000} - C:\WINDOWS\BTGrab.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: MySearch Search Assistant BHO - {04079851-5845-4dea-848C-3ECD647AA554} - C:\Program Files\MySearch\SrchAstt\1.bin\MYSRCHAS.DLL (file missing) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Class - {388ED10E-927A-43DB-E6A9-DA72CE4347B9} - C:\WINDOWS\system32\netsu.dll O2 - BHO: Class - {3E33A085-99CA-2CF6-1BCB-436B044EF1EA} - C:\WINDOWS\msxm.dll (file missing) O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL (file missing) O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O2 - BHO: (no name) - {D0C2F06B-6DD4-1951-FEFA-6413438F6891} - C:\WINDOWS\system32\fdgk.dll (file missing) O2 - BHO: (no name) - {E5EFC06B-40E7-2C65-D3CA-543E73BF45A1} - C:\WINDOWS\system32\fdgk.dll (file missing) O3 - Toolbar: (no name) - {1C78AB3F-A857-482e-80C0-3A1E5238A565} - (no file) O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [storageGuard] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run O4 - HKLM\..\Run: [Desktop Search] C:\WINDOWS\isrvs\desktop.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe" O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe" O4 - HKLM\..\Run: [RoxioAudioCentral] "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe" O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [userFaultCheck] %systemroot%\system32\dumprep 0 -u O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s O4 - HKLM\..\Run: [d3cx32.exe] C:\WINDOWS\system32\d3cx32.exe O4 - HKLM\..\Run: [1DC.tmp] C:\DOCUME~1\CAROET~1\LOCALS~1\Temp\1DC.tmp.exe O4 - HKLM\..\Run: [1DC.tmp.exe] C:\DOCUME~1\CAROET~1\LOCALS~1\Temp\1DC.tmp.exe O4 - HKLM\..\Run: [AVGCtrl] "C:\Program Files\AVPersonal\AVGNT.EXE" /min O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [RemoteCenter] C:\Program Files\Creative\SBExtigy\RemoteCenter\Rc\Rcman.exe O4 - HKCU\..\Run: [Windows installer] C:\winstall.exe O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: HotSync Manager.lnk = C:\Palm\HOTSYNC.EXE O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: &iSearch The Web - res://C:\WINDOWS\System32\toolbar.dll/SEARCH.HTML O8 - Extra context menu item: &Search - http://kx.bar.need2find.com/KX/menusearch.html?p=KX O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://tdserver.bitstream.com/tdserver.cab O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EP...l_v1-0-3-17.cab O23 - Service: Network Security Service (NSS) ( 11Fßä#·ºÄÖ`I) - Unknown owner - C:\WINDOWS\system32\addre.exe O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe