pc let au demarrage virus a supprimerRésolu/Fermé

Question

Bonjour à tous,
Préciser votre système d'exploitation et ben déjà, je sèche ca promet...ben windows quelque chose...Mon soucis, (ca je sais) mon pc est très lent à la détente et mon anti-virus a détecté pour l'instant 2 virus (Spamblockeutility et BearShare). What ??!!.. Si quelque à quelques années à passer avec moi pour m'en sortir, ce serait très généreux. Merci d'avance..

Utilisateur anonyme · Answer

Salut,

Télécharge HijackThis:
Téléchargement de HijackThis

Installe le dans son propre dossier:
-clic droit sur le bureau, choisis "nouveau dossier" puis installe le dedans.
Lance le, clic sur "do a system scan and save logfile"
Puis copie et colle le rapport ici stp

Utilisateur anonyme · Answer

oula beau chantier :D

Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked"

O2 - BHO: ShprRprts - {2A8A997F-BB9F-48F6-AA2B-2762D50F9289} - C:\Program Files\ShopperReports\Bin\2.0.0\ShprRprt.dll
O2 - BHO: TVEngine Helper /fleok=1D8A83A5C2E6107C91A475760EA83FA5EF80752B94E3D67A5B7A432A3AC3 - {4B18DD50-C996-44fc-AC52-0FECFF82ED58} - c:\program files\hbtools\hbtv\hbtvhelper.dll
O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL
O2 - BHO: HbTools - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\HbTools\Bin\4.8.0.0\HbtHostIE.dll
O3 - Toolbar: H&otbar - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\HbTools\Bin\4.8.0.0\HbtHostIE.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [HbTools] C:\Program Files\HbTools\Bin\4.8.0.0\HbtOEAddOn.exe
O4 - HKLM\..\Run: [vujdqdbl] C:\WINDOWS\system32\baosbvti.exe
O4 - HKLM\O4 - HKLM\..\Run: [WinAntiVirusPro2006] "C:\Program Files\WinAntiVirus Pro 2006\WinAV.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [CompanionWizard] "C:\Program Files\Common Files\Companion Wizard\compwiz.exe" /silent
O4 - HKLM\..\Run: [WeatherOnTray] C:\Program Files\HbTools\Bin\4.8.0.0\HbtWeatherOnTray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ChansonsMP3] C:\Documents and Settings\henaff julien\Application Data\ChansonsMP3.exe t
O4 - HKCU\..\Run: [Instant Access] C:\WINDOWS\system32\procia.exe /run..
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Search - http://kx.bar.need2find.com/KX/menusearch.html?p=KX

Clic sur demarrer, executer, tape: services.msc ,cherche dans la liste cette ligne, fais un clic droit dessus et régle la sur "désactivé"

Firewall service

Clic sur demarrer, poste de travail, C:, program files, cherche et supprime ces dossiers:

Need2Find
ShopperReports
HbTools

Clic sur demarrer, rechercher, cherche et supprime ces fichiers si présent:

P2P Networking.exe
procia.exe
baosbvti.exe

**Si un fichier persiste lors de la suppression fais ceci:
-Redemarres ton pc, dès l'allumage de celui-ci tapote la touche f8, à l'écran qui va apparaitre choisis "mode sans echec" attends un peu.. puis vas supprimer les fichiers/dossiers qui persistaient, vides ta corbeille et redemarres normalement

Scan ton Pc avec ces deux logiciels

SpyBot-Search & Destroy: (gratuit)(mets le à jour "MAJ")
Spybot Search & Destroy

Telecharge, installe puis mets à jour ce logiciel(Ewido), une fois que c'est fait, fais un scan complet de ton système et colle le rapport ici avec un nouveau rapport hijackthis
Ewido: (reste gratuit après la période d'essai)
Télécharger Ewido Security Suite

roxane · Answer

j'ai eu du mal à me connecter cet après-midi donc je m'y suis remise ce soir mais c'était long. En tout cas, je te remercie pour tes conseils..
Voila la suite sous ewido puis hijackthis :
C:\WinAntiVirus Pro 2006\Quarantine\instafinkqkwiljsk\instafink.dll -> Adware.404Search : No action taken.
C:\WinAntiVirus Pro 2006\Quarantine\altnetuvljslse\Setup.exe -> Adware.Altnet : No action taken.
C:\WinAntiVirus Pro 2006\Quarantine\altnetuvljslse\adm.exe -> Adware.Altnet : No action taken.
C:\WinAntiVirus Pro 2006\Quarantine\altnetuvljslse\adm25.dll -> Adware.Altnet : No action taken.
C:\WinAntiVirus Pro 2006\Quarantine\altnetuvljslse\adm4.dll -> Adware.Altnet : No action taken.
C:\WinAntiVirus Pro 2006\Quarantine\altnetuvljslse\admdloader.dll -> Adware.Altnet : No action taken.
C:\WinAntiVirus Pro 2006\Quarantine\altnetuvljslse\admfdi.dll -> Adware.Altnet : No action taken.
C:\WinAntiVirus Pro 2006\Quarantine\altnetuvljslse\admprog.dll -> Adware.Altnet : No action taken.
C:\WinAntiVirus Pro 2006\Quarantine\altnetuvljslse\dmfiles.cab/AltnetUninstall.exe -> Adware.Altnet : No action taken.
C:\WinAntiVirus Pro 2006\Quarantine\altnetuvljslse\pmexe.cab/Points Manager.exe -> Adware.Altnet : No action taken.
C:\WinAntiVirus Pro 2006\Quarantine\asmfiles.cabczbgzctc/asm.exe -> Adware.Altnet : No action taken.
C:\WinAntiVirus Pro 2006\Quarantine\asmfiles.cabczbgzctc/asmps.dll -> Adware.Altnet : No action taken.
C:\WinAntiVirus Pro 2006\Quarantine\altnetuvljslse\pmfiles.cab/sysdetect.dll -> Adware.BrilliantDigital : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc10\Bin\4.6.2.0\HbtCoreSrv.dll -> Adware.HotBar : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc10\Bin\4.6.2.0\HbtGuard.exe -> Adware.HotBar : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc10\Bin\4.6.2.0\HbtHostIE.dll -> Adware.HotBar : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc10\Bin\4.6.2.0\HbtHostOE.dll -> Adware.Hotbar : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc10\Bin\4.6.2.0\HbtOEAddOn.exe -> Adware.HotBar : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc10\Bin\4.6.2.0\HbtToolbar.dll -> Adware.Hotbar : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc10\Bin\4.6.2.0\HbtWallpaper.dll -> Adware.HotBar : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc10\Bin\4.7.0.0\Cml.exe -> Adware.HotBar : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc10\Bin\4.7.0.0\HbtGuard.exe -> Adware.HotBar : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc10\Bin\4.7.0.0\HbtHostOE.dll -> Adware.Hotbar : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc10\Bin\4.7.0.0\HbtInstIE.dll -> Adware.HotBar : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc10\Bin\4.7.0.0\HbtOEAddOn.exe -> Adware.HotBar : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc10\Bin\4.7.0.0\HbtSrv.exe -> Adware.HotBar : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc10\Bin\4.7.0.0\HbtWeatherOnTray.exe -> Adware.HotBar : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc10\Bin\4.8.0.0\Cml.exe -> Adware.HotBar : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc10\Bin\4.8.0.0\HbtAds.dll -> Adware.HotBar : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc10\Bin\4.8.0.0\HbtGuard.exe -> Adware.HotBar : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc10\Bin\4.8.0.0\HbtHostIE.dll -> Adware.HotBar : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc10\Bin\4.8.0.0\HbtHostOE.dll -> Adware.Hotbar : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc10\Bin\4.8.0.0\HbtHostOL.dll -> Adware.HotBar : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc10\Bin\4.8.0.0\HbtInstIE.dll -> Adware.HotBar : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc10\Bin\4.8.0.0\HbtOEAddOn.exe -> Adware.HotBar : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc10\Bin\4.8.0.0\HbtSrv.exe -> Adware.HotBar : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc10\Bin\4.8.0.0\HbtWeatherOnTray.exe -> Adware.Hotbar : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc10\HBTV\HBTV.exe -> Adware.Hotbar : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc10\HBTV\HBTVHelper.dll -> Adware.Hotbar : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc9.exe -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\AppID\WeatherOnTray.EXE -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtHostIE.Bho -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtHostIE.Bho.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtHostIE.Bho\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtHostIE.Bho\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtTools.HbMain -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtTools.HbMain.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtTools.HbMain\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtTools.HbMain\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\RprtsPSClient.PSExecuter -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\RprtsPSClient.PSExecuter.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\RprtsPSClient.PSExecuter\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\RprtsPSClient.PSExecuter\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.HbAx -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.HbAx.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.HbAx\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.HbAx\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.HbCommBand -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.HbCommBand.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.HbCommBand\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.HbCommBand\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.HbInfoBand -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.HbInfoBand.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.HbInfoBand\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.HbInfoBand\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.IEButton -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.IEButton.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.IEButtonA -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.IEButtonA.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.IEButtonA\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.IEButtonA\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.IEButton\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.IEButton\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.SmrtShprCtl -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.SmrtShprCtl.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.SmrtShprCtl\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.SmrtShprCtl\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\HbTools -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\HbTools\Install -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\HbTools\MachineInfo -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\HbTools\Mail -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\HbTools\PI -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\HbTools\PI\3.2 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\HbTools\Updates -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\HbTools\Upgrade -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\HostOI -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\HostOI\Mail -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\HostOI\Updates -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\HostOL -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\HostOL\Updates -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\Hotbar -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\Hotbar\Install -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\Install -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\Install\CmpMap -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HbToolsOutlookTools -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HbToolsWebTools -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShopperReports by Hotbar -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\ShopperReports -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\ShopperReports\ShopperReports -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\ShopperReports\ShopperReports\PostInstaller -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\Common -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\Common\Time -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\Common\Updates -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\EUI -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\HtmlPPP -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\ImagesHistory -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\Install -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\Local -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\MachineInfo -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\MultiUrl -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\PI -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\PI\3.2 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\Sample -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\Sample\Hist -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\Sample\Hist\sg852 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\Sample\Hist\sg853 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\Sample\Hist\sg860 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\Sample\Hist\sg861 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\Sample\Hist\sg887 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\Sample\Hist\sg888 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\Sample\Hist\sg889 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\Sample\Hist\sg904 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\Sample\Hist\sg905 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\Sample\Hist\sg910 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\Sample\Hist\sg911 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\Sample\Hist\sg912 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\Sample\Hist\sg913 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\Sample\Hist\sg914 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\Sample\Hist\sg915 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\Sample\Hist\sg926 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\Sample\Hist\sg927 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\UserInfo -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\Weather -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\dynamic -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\dynamicFail -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\init -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\links -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\mail -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\options -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\updates -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HostOI -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HostOI\Updates -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HostOI\links -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\Time -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\Time\HostIE -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\Time\HostIE\Updates -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\Time\HostOE -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\Time\HostOE\Updates -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\Time\HostOI -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\Time\HostOI\Updates -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\Time\HostOL -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\Time\HostOL\Updates -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\hostol -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\hostol\Mail -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\hostol\Updates -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\hostol\soho -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\ShopperReports -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\ShopperReports\ShopperReports -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\ShopperReports\ShopperReports\PostInstaller -> Adware.HotBar : No action taken.
C:\WinAntiVirus Pro 2006\Quarantine\WebP2PInstaller.dllolagshco -> Adware.PeerNet : No action taken.
C:\Documents and Settings\henaff julien\Bureau\roxane\backups\backup-20060914-182910-444.dll -> Adware.Shopper : No action taken.
HKLM\SOFTWARE\Classes\CLSID\{2178F3FB-2560-458f-BDEE-631E2FE0DFE4} -> Adware.WinAntiVirus : No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2178F3FB-2560-458F-BDEE-631E2FE0DFE4} -> Adware.WinAntiVirus : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2178F3FB-2560-458F-BDEE-631E2FE0DFE4} -> Adware.WinAntiVirus : No action taken.
C:\Program Files\amateursfr\amateursfr.exe -> Dialer.Allotick : No action taken.
C:\Documents and Settings\henaff julien\Application Data\ChansonsMP3.exe -> Dialer.DialWeb : No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Instant Access -> Dialer.Generic : No action taken.
C:\WINDOWS\ExeDialer.exe -> Dialer.InstantAccess.f : No action taken.
C:\WINDOWS\system32\EGDACCESS_1063.dll -> Dialer.InstantAccess.f : No action taken.
C:\WinAntiVirus Pro 2006\Quarantine\Multihoxbpgjw\Exe\20050821180823\instant access.exe -> Dialer.InstantAccess.f : No action taken.
C:\Documents and Settings\henaff julien\Bureau\Instant-Access.exe -> Dialer.InstantAccess.m : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc7.exe -> Dialer.InstantAccess.m : No action taken.
C:\WinAntiVirus Pro 2006\Quarantine\Multihoxbpgjw\20060710150731\instant access.exe -> Dialer.InstantAccess.m : No action taken.
C:\WINDOWS\system32\MSA64CHK.0LL -> Downloader.Perfiler.g : No action taken.

Logfile of HijackThis v1.99.1
Scan saved at 00:46:20, on 15/09/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\SECURI~1\av_fw\backweb\1044199\Program\SERVIC~1.EXE
C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
C:\Program Files\Securitoo\av_fw\Anti-Virus\FSGK32.EXE
C:\Program Files\Securitoo\av_fw\backweb\1044199\program\fsbwsys.exe
C:\Program Files\Securitoo\av_fw\fswsclds.exe
C:\Program Files\Securitoo\av_fw\Anti-Virus\fssm32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Inventel\Gateway\wlancfg.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE
C:\Program Files\Securitoo\av_fw\Common\FSMB32.EXE
C:\Program Files\Securitoo\av_fw\Common\FCH32.EXE
C:\Program Files\Securitoo\av_fw\Common\FAMEH32.EXE
C:\Program Files\Securitoo\av_fw\DFW\Program\fsdfwd.exe
C:\Program Files\Securitoo\av_fw\Anti-Virus\fsav32.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Securitoo\av_fw\backweb\1044199\Program\BackWeb-1044199.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
C:\WINDOWS\System32\hphmon05.exe
C:\PROGRA~1\Lexmark\PHOTOC~1\LXBLKsk.exe
C:\Program Files\Lexmark\Lexmark Photo Center\MemoryCardManager.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\PHILIPS\HDDDMM\DMM\bin\AutoLaunchHDD70.exe
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Securitoo\av_fw\Common\FSM32.EXE
C:\PROGRA~1\FICHIE~1\PHILIP~1\USBCON~1.EXE
C:\WINDOWS\vsnpstd.exe
C:\WINDOWS\system32\XCSyncML.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Internet Explorer\iexplore.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.hpe.com/h41271/404D.aspx?cc=us&ll=en&url=http://domainredirects.ext.hpe.com/qfr8l.hpwis.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: CIEIntegrator Object - {2178F3FB-2560-458F-BDEE-631E2FE0DFE4} - C:\Program Files\WinAntiVirus Pro 2006\winpgi.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: IEFW Object - {B5141620-C2B2-4D95-9F0F-134D99C87AB0} - C:\Program Files\WinAntiVirus Pro 2006\iefwbho.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
O4 - HKLM\..\Run: [HPHUPD05] C:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [LXBLKsk] C:\PROGRA~1\Lexmark\PHOTOC~1\LXBLKsk.exe
O4 - HKLM\..\Run: [MemoryCardManager] C:\Program Files\Lexmark\Lexmark Photo Center\MemoryCardManager.exe -startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [/AutoLaunchHDD70] C:\Program Files\PHILIPS\HDDDMM\DMM\bin\AutoLaunchHDD70.exe
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Securitoo\av_fw\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Securitoo\av_fw\TNB\TNBUtil.exe" /CHECKALL
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\system32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [XCSyncML] C:\WINDOWS\system32\XCSyncML.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE14} - C:\Program Files\ShopperReports\Bin\2.0.0\ShprRprt.dll (file missing)
O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - C:\Program Files\ShopperReports\Bin\2.0.0\ShprRprt.dll (file missing)
O9 - Extra button: ChansonsMP3 - {EF6D6AE3-2625-40D6-A5AB-920DFD2DAF8C} - C:\Documents and Settings\henaff julien\Application Data\ChansonsMP3.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O14 - IERESET.INF: START_PAGE_URL=https://www.hpe.com/h41271/404D.aspx?cc=us&ll=en&url=http://domainredirects.ext.hpe.com/qfr8l.hpwis.com/
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - https://onedrive.live.com/
O16 - DPF: {E49A9FCB-FAA9-4C1F-A1C1-54920DA2CCA4} - http://es6-scripts.dlv4.com/binaries/egauth4/egauth4_1052_FR_XP.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Securitoo AntiVirus Firewall (BackWeb Client - 1044199) - Unknown owner - C:\PROGRA~1\SECURI~1\av_fw\backweb\1044199\Program\SERVIC~1.EXE
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Authentication Agent (FSAA) - Unknown owner - C:\Program Files\Securitoo\av_fw\Common\FSAA.EXE (file missing)
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Securitoo\av_fw\backweb\1044199\program\fsbwsys.exe
O23 - Service: F-Secure Distributed Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\DFW\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE
O23 - Service: F-Secure Windows Security Center Legacy Detection Service (Fswsclds) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\fswsclds.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe

roxane · Answer

Au fait javais oublié de préciser, je n'ais pas réussi à supprimer P2P Networking enfin c'est plutot que je ne l'ais pas trouver. Voici le deuxième rapport ewido après un delete :

C:\WinAntiVirus Pro 2006\Quarantine\instafinkqkwiljsk\instafink.dll -> Adware.404Search : No action taken.
C:\WinAntiVirus Pro 2006\Quarantine\altnetuvljslse\Setup.exe -> Adware.Altnet : No action taken.
C:\WinAntiVirus Pro 2006\Quarantine\altnetuvljslse\adm.exe -> Adware.Altnet : No action taken.
C:\WinAntiVirus Pro 2006\Quarantine\altnetuvljslse\adm25.dll -> Adware.Altnet : No action taken.
C:\WinAntiVirus Pro 2006\Quarantine\altnetuvljslse\adm4.dll -> Adware.Altnet : No action taken.
C:\WinAntiVirus Pro 2006\Quarantine\altnetuvljslse\admdloader.dll -> Adware.Altnet : No action taken.
C:\WinAntiVirus Pro 2006\Quarantine\altnetuvljslse\admfdi.dll -> Adware.Altnet : No action taken.
C:\WinAntiVirus Pro 2006\Quarantine\altnetuvljslse\admprog.dll -> Adware.Altnet : No action taken.
C:\WinAntiVirus Pro 2006\Quarantine\altnetuvljslse\dmfiles.cab/AltnetUninstall.exe -> Adware.Altnet : No action taken.
C:\WinAntiVirus Pro 2006\Quarantine\altnetuvljslse\pmexe.cab/Points Manager.exe -> Adware.Altnet : No action taken.
C:\WinAntiVirus Pro 2006\Quarantine\asmfiles.cabczbgzctc/asm.exe -> Adware.Altnet : No action taken.
C:\WinAntiVirus Pro 2006\Quarantine\asmfiles.cabczbgzctc/asmps.dll -> Adware.Altnet : No action taken.
C:\WinAntiVirus Pro 2006\Quarantine\altnetuvljslse\pmfiles.cab/sysdetect.dll -> Adware.BrilliantDigital : No action taken.
C:\Documents and Settings\Invité\Application Data\ShopperReports -> Adware.HotBar : No action taken.
C:\Documents and Settings\Invité\Application Data\ShopperReports\cs -> Adware.HotBar : No action taken.
C:\Documents and Settings\Invité\Application Data\ShopperReports\cs\Config.xml -> Adware.HotBar : No action taken.
C:\Documents and Settings\Invité\Application Data\ShopperReports\cs\dwld -> Adware.HotBar : No action taken.
C:\Documents and Settings\Invité\Application Data\ShopperReports\cs\persist.dbs -> Adware.HotBar : No action taken.
C:\Documents and Settings\Invité\Application Data\ShopperReports\shprrprt.log -> Adware.HotBar : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc10\Bin\4.6.2.0\HbtCoreSrv.dll -> Adware.HotBar : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc10\Bin\4.6.2.0\HbtGuard.exe -> Adware.HotBar : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc10\Bin\4.6.2.0\HbtHostIE.dll -> Adware.HotBar : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc10\Bin\4.6.2.0\HbtHostOE.dll -> Adware.Hotbar : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc10\Bin\4.6.2.0\HbtOEAddOn.exe -> Adware.HotBar : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc10\Bin\4.6.2.0\HbtToolbar.dll -> Adware.Hotbar : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc10\Bin\4.6.2.0\HbtWallpaper.dll -> Adware.HotBar : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc10\Bin\4.7.0.0\Cml.exe -> Adware.HotBar : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc10\Bin\4.7.0.0\HbtGuard.exe -> Adware.HotBar : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc10\Bin\4.7.0.0\HbtHostOE.dll -> Adware.Hotbar : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc10\Bin\4.7.0.0\HbtInstIE.dll -> Adware.HotBar : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc10\Bin\4.7.0.0\HbtOEAddOn.exe -> Adware.HotBar : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc10\Bin\4.7.0.0\HbtSrv.exe -> Adware.HotBar : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc10\Bin\4.7.0.0\HbtWeatherOnTray.exe -> Adware.HotBar : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc10\Bin\4.8.0.0\Cml.exe -> Adware.HotBar : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc10\Bin\4.8.0.0\HbtAds.dll -> Adware.HotBar : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc10\Bin\4.8.0.0\HbtGuard.exe -> Adware.HotBar : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc10\Bin\4.8.0.0\HbtHostIE.dll -> Adware.HotBar : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc10\Bin\4.8.0.0\HbtHostOE.dll -> Adware.Hotbar : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc10\Bin\4.8.0.0\HbtHostOL.dll -> Adware.HotBar : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc10\Bin\4.8.0.0\HbtInstIE.dll -> Adware.HotBar : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc10\Bin\4.8.0.0\HbtOEAddOn.exe -> Adware.HotBar : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc10\Bin\4.8.0.0\HbtSrv.exe -> Adware.HotBar : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc10\Bin\4.8.0.0\HbtWeatherOnTray.exe -> Adware.Hotbar : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc10\HBTV\HBTV.exe -> Adware.Hotbar : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc10\HBTV\HBTVHelper.dll -> Adware.Hotbar : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc9.exe -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\AppID\WeatherOnTray.EXE -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtHostIE.Bho -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtHostIE.Bho.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtHostIE.Bho\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtHostIE.Bho\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtTools.HbMain -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtTools.HbMain.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtTools.HbMain\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtTools.HbMain\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\RprtsPSClient.PSExecuter -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\RprtsPSClient.PSExecuter.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\RprtsPSClient.PSExecuter\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\RprtsPSClient.PSExecuter\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.HbAx -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.HbAx.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.HbAx\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.HbAx\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.HbCommBand -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.HbCommBand.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.HbCommBand\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.HbCommBand\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.HbInfoBand -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.HbInfoBand.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.HbInfoBand\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.HbInfoBand\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.IEButton -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.IEButton.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.IEButtonA -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.IEButtonA.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.IEButtonA\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.IEButtonA\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.IEButton\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.IEButton\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.SmrtShprCtl -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.SmrtShprCtl.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.SmrtShprCtl\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.SmrtShprCtl\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\HbTools -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\HbTools\Install -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\HbTools\MachineInfo -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\HbTools\Mail -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\HbTools\PI -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\HbTools\PI\3.2 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\HbTools\Updates -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\HbTools\Upgrade -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\HostOI -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\HostOI\Mail -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\HostOI\Updates -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\HostOL -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\HostOL\Updates -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\Hotbar -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\Hotbar\Install -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\Install -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\Install\CmpMap -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HbToolsOutlookTools -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HbToolsWebTools -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShopperReports by Hotbar -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\ShopperReports -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\ShopperReports\ShopperReports -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\ShopperReports\ShopperReports\PostInstaller -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\Common -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\Common\Time -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\Common\Updates -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\EUI -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\HtmlPPP -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\ImagesHistory -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\Install -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\Local -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\MachineInfo -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\MultiUrl -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\PI -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\PI\3.2 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\Sample -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\Sample\Hist -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\Sample\Hist\sg852 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\Sample\Hist\sg853 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\Sample\Hist\sg860 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\Sample\Hist\sg861 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\Sample\Hist\sg887 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\Sample\Hist\sg888 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\Sample\Hist\sg889 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\Sample\Hist\sg904 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\Sample\Hist\sg905 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\Sample\Hist\sg910 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\Sample\Hist\sg911 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\Sample\Hist\sg912 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\Sample\Hist\sg913 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\Sample\Hist\sg914 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\Sample\Hist\sg915 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\Sample\Hist\sg926 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\Sample\Hist\sg927 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\UserInfo -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\Weather -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\dynamic -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\dynamicFail -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\init -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\links -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\mail -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\options -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HbTools\updates -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HostOI -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HostOI\Updates -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\HostOI\links -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\Time -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\Time\HostIE -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\Time\HostIE\Updates -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\Time\HostOE -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\Time\HostOE\Updates -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\Time\HostOI -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\Time\HostOI\Updates -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\Time\HostOL -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\Time\HostOL\Updates -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\hostol -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\hostol\Mail -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\hostol\Updates -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\HbTools\hostol\soho -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\ShopperReports -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\ShopperReports\ShopperReports -> Adware.HotBar : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\ShopperReports\ShopperReports\PostInstaller -> Adware.HotBar : No action taken.
C:\WinAntiVirus Pro 2006\Quarantine\WebP2PInstaller.dllolagshco -> Adware.PeerNet : No action taken.
C:\Documents and Settings\henaff julien\Bureau\roxane\backups\backup-20060914-182910-444.dll -> Adware.Shopper : No action taken.
HKLM\SOFTWARE\Classes\CLSID\{2178F3FB-2560-458f-BDEE-631E2FE0DFE4} -> Adware.WinAntiVirus : No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2178F3FB-2560-458F-BDEE-631E2FE0DFE4} -> Adware.WinAntiVirus : No action taken.
HKU\S-1-5-21-314177260-2303630276-2054470332-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2178F3FB-2560-458F-BDEE-631E2FE0DFE4} -> Adware.WinAntiVirus : No action taken.
C:\Program Files\amateursfr\amateursfr.exe -> Dialer.Allotick : No action taken.
C:\Documents and Settings\henaff julien\Application Data\ChansonsMP3.exe -> Dialer.DialWeb : No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Instant Access -> Dialer.Generic : No action taken.
C:\WINDOWS\ExeDialer.exe -> Dialer.InstantAccess.f : No action taken.
C:\WINDOWS\system32\EGDACCESS_1063.dll -> Dialer.InstantAccess.f : No action taken.
C:\WinAntiVirus Pro 2006\Quarantine\Multihoxbpgjw\Exe\20050821180823\instant access.exe -> Dialer.InstantAccess.f : No action taken.
C:\Documents and Settings\henaff julien\Bureau\Instant-Access.exe -> Dialer.InstantAccess.m : No action taken.
C:\RECYCLER\S-1-5-21-314177260-2303630276-2054470332-1007\Dc7.exe -> Dialer.InstantAccess.m : No action taken.
C:\WinAntiVirus Pro 2006\Quarantine\Multihoxbpgjw\20060710150731\instant access.exe -> Dialer.InstantAccess.m : No action taken.
C:\WINDOWS\system32\MSA64CHK.0LL -> Downloader.Perfiler.g : No action taken.

Utilisateur anonyme · Answer

Salut,

oui, c'est bon! regarde bien si tout a été supprimé si quelque chose à resisté à ta suppression signale le nous.

Fais ce nettoyage: (à faire réguliérement)

¤Telecharges et installes ceci:
CCleaner:
Télécharger Ccleaner

dans la colonne de gauche clic sur "erreurs" coches toutes les cases, puis cliques en bas sur "chercher des erreurs" une fois finit, cliques sur "reparer les erreurs" et tu aura un message pour sauvegarder ta base de registre tu dis "oui" puis tu recommences jusqu'a ce qu'il te trouve plus d'erreurs.
Les sauvegardes que tu aura faites tu pourra les supprimer si ton ordinateur n'a plus de problémes

¤Relance Ccleaner, vas dans l'onglet "nettoyeur" present sur la gauche, decoches la derniere case (Avancé si elle est cochée) puis clic sur "lancer le nettoyage"

Puis remets un rapport hijackthis une fois que c'est fait ;-)

A++

Utilisateur anonyme · Answer

Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked"

O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [/AutoLaunchHDD70] C:\Program Files\PHILIPS\HDDDMM\DMM\bin\AutoLaunchHDD70.exe
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [XCSyncML] C:\WINDOWS\system32\XCSyncML.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: ChansonsMP3 - {EF6D6AE3-2625-40D6-A5AB-920DFD2DAF8C} - C:\Documents and Settings\henaff julien\Application Data\ChansonsMP3.exe (file missing)

Refais un san complet avec Ewido et colle le rapport ici stp car quelque chose à resisté mais quoi ? ..pas de rapport peut pas juger

uis fias ça:

Lances LSPFix et agrandis la fenêtre
Dconnectes toi totalement d'internet et eteins ton modem de connexion
Coches la case "I know what I'm doing".
Dans la colonne de gauche selectionnes toutes les entrées avec la ddl suivante:

mailscan.dll

clic sur la flèche vers la droite pour les ajouter de la colonne "keep" dans la colonne "remove"

une fois que c'est fait clic sur "finish"

http://www.cexx.org/lspfix.zip

dès que tu as fait tout ça remets un rapport hijackthis stp

Utilisateur anonyme · Answer

Salut,

ah bah super :-/

a t-il créer un dossier "backup" ? sinon, clic sur demarrer, tous les programmes, accessoires, outils systeme, restauration du systeme, puis restaure le à une heure pas trop eloigné

roxane · Answer

salut

Me voila de retour sur mon pc, cette fois.
Donc j'en suis arrivé la ou je me suis planté...
Une question pour éteindre le modem, il faut juste le déconnecter??
Je t'envoie le dernier rapport hijackthis:

Logfile of HijackThis v1.99.1
Scan saved at 20:35:44, on 18/09/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\SECURI~1\av_fw\backweb\1044199\Program\SERVIC~1.EXE
C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
C:\Program Files\Securitoo\av_fw\Anti-Virus\FSGK32.EXE
C:\Program Files\Securitoo\av_fw\backweb\1044199\program\fsbwsys.exe
C:\Program Files\Securitoo\av_fw\fswsclds.exe
C:\Program Files\Securitoo\av_fw\Anti-Virus\fssm32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Inventel\Gateway\wlancfg.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE
C:\Program Files\Securitoo\av_fw\Common\FSMB32.EXE
C:\Program Files\Securitoo\av_fw\Common\FCH32.EXE
C:\Program Files\Securitoo\av_fw\Common\FAMEH32.EXE
C:\Program Files\Securitoo\av_fw\DFW\Program\fsdfwd.exe
C:\Program Files\Securitoo\av_fw\Anti-Virus\fsav32.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Securitoo\av_fw\backweb\1044199\Program\BackWeb-1044199.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
C:\WINDOWS\System32\hphmon05.exe
C:\PROGRA~1\Lexmark\PHOTOC~1\LXBLKsk.exe
C:\Program Files\Lexmark\Lexmark Photo Center\MemoryCardManager.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\PHILIPS\HDDDMM\DMM\bin\AutoLaunchHDD70.exe
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Securitoo\av_fw\Common\FSM32.EXE
C:\PROGRA~1\FICHIE~1\PHILIP~1\USBCON~1.EXE
C:\WINDOWS\vsnpstd.exe
C:\WINDOWS\system32\XCSyncML.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Documents and Settings\henaff julien\Bureau\roxane\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.hpe.com/h41271/404D.aspx?cc=us&ll=en&url=http://domainredirects.ext.hpe.com/qfr8l.hpwis.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: IEFW Object - {B5141620-C2B2-4D95-9F0F-134D99C87AB0} - C:\Program Files\WinAntiVirus Pro 2006\iefwbho.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
O4 - HKLM\..\Run: [HPHUPD05] C:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [LXBLKsk] C:\PROGRA~1\Lexmark\PHOTOC~1\LXBLKsk.exe
O4 - HKLM\..\Run: [MemoryCardManager] C:\Program Files\Lexmark\Lexmark Photo Center\MemoryCardManager.exe -startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [/AutoLaunchHDD70] C:\Program Files\PHILIPS\HDDDMM\DMM\bin\AutoLaunchHDD70.exe
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Securitoo\av_fw\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Securitoo\av_fw\TNB\TNBUtil.exe" /CHECKALL
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [XCSyncML] C:\WINDOWS\system32\XCSyncML.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE14} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: ChansonsMP3 - {EF6D6AE3-2625-40D6-A5AB-920DFD2DAF8C} - C:\Documents and Settings\henaff julien\Application Data\ChansonsMP3.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O14 - IERESET.INF: START_PAGE_URL=https://www.hpe.com/h41271/404D.aspx?cc=us&ll=en&url=http://domainredirects.ext.hpe.com/qfr8l.hpwis.com/
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - https://onedrive.live.com/
O16 - DPF: {E49A9FCB-FAA9-4C1F-A1C1-54920DA2CCA4} - http://es6-scripts.dlv4.com/binaries/egauth4/egauth4_1052_FR_XP.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Securitoo AntiVirus Firewall (BackWeb Client - 1044199) - Unknown owner - C:\PROGRA~1\SECURI~1\av_fw\backweb\1044199\Program\SERVIC~1.EXE
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Authentication Agent (FSAA) - Unknown owner - C:\Program Files\Securitoo\av_fw\Common\FSAA.EXE (file missing)
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Securitoo\av_fw\backweb\1044199\program\fsbwsys.exe
O23 - Service: F-Secure Distributed Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\DFW\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE
O23 - Service: F-Secure Windows Security Center Legacy Detection Service (Fswsclds) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\fswsclds.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe

Utilisateur anonyme · Answer

Salut,

très bien ;-)

ton rapport hijackthis est propre pour finir fait ça:

Fait ce scan anti-virus en ligne avec Internet Explorer, accepte l'active X; la barre anti-popup du SP2 (en haut) va se mettre à clignoter, clic dessus et choisis "accepter l'active X" pour faire fonctionner le scan anti-virus.
Une fois qu'il a terminé colle le rapport ici stp

https://www.bitdefender.com/toolbox/

quand tu aura fini le scan avec Bitdefender(scan en ligne) tu nous dira ou tu en est avec tes problémes ;-)

Utilisateur anonyme · Answer

encore deux petites choses à faire:

Alors ceci; C:\System Volume Information\_restore(voir rapport Bitdefender) indique que ta restauration du systeme etait infecté ou est infecté, pour être sûr, nous allons créer un point propre.

Clic sur "demarrer", cliques droit sur "poste de travail", "propriétés", onglet "restauration du systeme"

¤ coches la case "desactiver la Restauration du systéme sur tous les lecteurs", puis clic ur "appliquer"
¤ decoches la case et clic sur "appliquer" puis "ok".

Maintenant, que l'ont à effacés les point infectés, nous allons créer un point propre:

Clic sur "demarrer", "tous les programmes", "accessoires", "outils système", "restauration du système", choisis "créer un point de restauration" nommes le " ccm" par exemple, cliques sur "créer" puis "ok".
Voilà, maintenant le point de restauration est créer si un jour tu décides tu pourra revenir en arriere à la date que tu l'as créer donc à ce jour; en fesant la marche arriére tu pourra remettre ton ordinateur à la date ou l'on à créer ce point de restauration mais tu perdra les modifications que tu aura faites entre deux.

Puis,

Télécharge SmitfraudFix (enregistre le sur le "bureau")
http://siri.urz.free.fr/Fix/SmitfraudFix.zip

décompresse SmitfraudFix
Lance le fichier SmitfraudFix ou SmitfraudFix.cmd et choisis l’option 1 copie le rapport ici stp

yxor · Answer

Salut,

Voici le rapport sous smitfraudfix, mais je crois que je me suis planté...

»»»»»»»»»»»»»»»»»»»»»»»» C:\

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\henaff \Application Data

»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\HENAFF~1\Favoris

»»»»»»»»»»»»»»»»»»»»»»»» Bureau

»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues

»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""

»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard

»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll

»»»»»»»»»»»»»»»»»»»»»»»» Fin

roxane · Answer

Salut,

Je suis toujours la. Juste que je n'ais pas eu trop le temps de me connecter ces temps-ci. Alors pour mon soucis, je trouve que c'est mieux mais je suis pas sûre que ce soit encore ca...Faut que je travaille dessus encore pour voir mais dans l'ensemble c'est mieux..
Merci pour ton aide. J'aimerais aussi savoir comment faire pour que ca ne m'arrive plus ou moins en tout cas. J'irais suremet faire un tour sur le form comment securiser son pc. Alors surement à très vite..

Pc let au demarrage virus a supprimer

12 réponses

Newsletters