Sujet Précédent Sujet Suivant

Trojan.downloader.win32.zlob.amj

Résolu/Fermé
Lig Messages postés 43 Date d'inscription samedi 7 octobre 2006 Statut Membre Dernière intervention 3 mai 2010 - 7 oct. 2006 à 09:58
 Utilisateur anonyme - 14 oct. 2006 à 17:21
Bonjour à tous,
Depuis quelques jours, mon antivirus (Fsecure securitoo wanadoo) m'indique à chaque ouverture de cession la présence de : trojan.downloader.win32.zlob.amj.
A chaque fois, le dossier concerné (C:\programfiles\strcodec\isaddon.dll.) est renommé/supprimé, mais statu quo.
Depuis, mon ordinateur est très lent, il plante souvent et je suis harcelé de spam, pubs... malgré des recherches et mises en quarantaine via mon antispyware.
Je suis relativement néophyte en informatique, merci d'avance de votre aide.
L

46 réponses

Réponse 1 / 46
Utilisateur anonyme
7 oct. 2006 à 10:38
Fsecure securitoo wanadoo
C'est du Online ça, dis-moi ?



vas voir ici, et faits un scan en ligne de préférence Panda, (avec Iexplorer) dans un premier temps.
leblogdeclaude.blogspot.com/2006/09/informatique-section-scan-en-ligne.html
As-tu un anti-virus sur ton PC?
Sinon voir ici:

www.inoculer.com/gratuits.php3
Il te faut aussi un fire-wall (minimum celui de xp activé)

1
Réponse 2 / 46
Lig Messages postés 43 Date d'inscription samedi 7 octobre 2006 Statut Membre Dernière intervention 3 mai 2010 13
7 oct. 2006 à 11:38
Merci d'avoir répondu si rapidement.
Securitoo est le package antivirus/firewall/antispyware qui m'a été recommandé par france telecom au moment de l'ouverture du compte wanadoo.
Je vais suivre la marche que tu m'as indiquée pour le diagnostic.
A +
0
Réponse 3 / 46
Utilisateur anonyme
7 oct. 2006 à 11:48
ok, j'attends de tes nouvelles.
0
Réponse 4 / 46
^^Marie^^ Messages postés 113929 Date d'inscription mardi 6 septembre 2005 Statut Membre Dernière intervention 28 août 2020 3 274
7 oct. 2006 à 11:58
Salut lig,
Salut philo,

Je pense que tu devrais aller faire un tour sur ces deux liens, afin de protéger correctement ton pc :::


antivirus gratuit lequel choisir


securite utilisation d un firewall

Ensuite de faire les trois rapports demandés qui sont ici :

virus methode preliminaire de desinfection version fr


Bon courage

A++



0
Lig Messages postés 43 Date d'inscription samedi 7 octobre 2006 Statut Membre Dernière intervention 3 mai 2010 13
7 oct. 2006 à 15:22
Merci pour ton aide.

En ce qui concerne antivirus et firewall, je suis déjà équipé et j'ai notion qu'il ne faut pas les accumuler(?)

Je vais effectuer les tests que tu m'as préconisés.

D ici là, à +.

L
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 46
Utilisateur anonyme
7 oct. 2006 à 12:09
.
0
Réponse 6 / 46
Lig Messages postés 43 Date d'inscription samedi 7 octobre 2006 Statut Membre Dernière intervention 3 mai 2010 13
7 oct. 2006 à 14:19
Re-
Pas moyen de charger l'application activex avec Panda.
J ai fait un scan via kaspersky, le voici :
KASPERSKY ON-LINE SCANNER REPORT
Saturday, October 07, 2006 2:02:50 PM
Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version : 5.0.83.0
Dernière mise à jour de la base antivirus Kaspersky : 7/10/2006
Enregistrements dans la base antivirus Kaspersky : 216525


Paramètres d'analyse
Analyser avec la base antivirus suivante standard
Analyser les archives vrai
Analyser les bases de messagerie vrai

Cible de l'analyse Poste de travail
C:\
D:\

Statistiques de l'analyse
Total d'objets analysés 89304
Nombre de virus trouvés 1
Nombre d'objets infectés 39 / 0
Nombre d'objets suspects 0
Durée de l'analyse 01:23:21

Nom de l'objet infecté Nom du virus Dernière action
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré

C:\Documents and Settings\Laurent Lighezolo\Application Data\ispnews\ispn.ini L'objet est verrouillé ignoré

C:\Documents and Settings\Laurent Lighezolo\Application Data\ispnews\ispnc.items L'objet est verrouillé ignoré

C:\Documents and Settings\Laurent Lighezolo\Application Data\ispnews\ispnr.items L'objet est verrouillé ignoré

C:\Documents and Settings\Laurent Lighezolo\Cookies\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\Laurent Lighezolo\Local Settings\Application Data\ApplicationHistory\hpqgalry.exe.cf8dd223.ini.inuse L'objet est verrouillé ignoré

C:\Documents and Settings\Laurent Lighezolo\Local Settings\Application Data\HP\Digital Imaging\db\administrativeInfo.dbf L'objet est verrouillé ignoré

C:\Documents and Settings\Laurent Lighezolo\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.cdx L'objet est verrouillé ignoré

C:\Documents and Settings\Laurent Lighezolo\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.dbf L'objet est verrouillé ignoré

C:\Documents and Settings\Laurent Lighezolo\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.cdx L'objet est verrouillé ignoré

C:\Documents and Settings\Laurent Lighezolo\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.dbf L'objet est verrouillé ignoré

C:\Documents and Settings\Laurent Lighezolo\Local Settings\Application Data\HP\Digital Imaging\db\CB_Server_Errors.txt L'objet est verrouillé ignoré

C:\Documents and Settings\Laurent Lighezolo\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.cdx L'objet est verrouillé ignoré

C:\Documents and Settings\Laurent Lighezolo\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.dbf L'objet est verrouillé ignoré

C:\Documents and Settings\Laurent Lighezolo\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.cdx L'objet est verrouillé ignoré

C:\Documents and Settings\Laurent Lighezolo\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.dbf L'objet est verrouillé ignoré

C:\Documents and Settings\Laurent Lighezolo\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.fpt L'objet est verrouillé ignoré

C:\Documents and Settings\Laurent Lighezolo\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.cdx L'objet est verrouillé ignoré

C:\Documents and Settings\Laurent Lighezolo\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.dbf L'objet est verrouillé ignoré

C:\Documents and Settings\Laurent Lighezolo\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.cdx L'objet est verrouillé ignoré

C:\Documents and Settings\Laurent Lighezolo\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.dbf L'objet est verrouillé ignoré

C:\Documents and Settings\Laurent Lighezolo\Local Settings\Application Data\HP\Digital Imaging\db\managedFolderTable.dbf L'objet est verrouillé ignoré

C:\Documents and Settings\Laurent Lighezolo\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.cdx L'objet est verrouillé ignoré

C:\Documents and Settings\Laurent Lighezolo\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.dbf L'objet est verrouillé ignoré

C:\Documents and Settings\Laurent Lighezolo\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.cdx L'objet est verrouillé ignoré

C:\Documents and Settings\Laurent Lighezolo\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.dbf L'objet est verrouillé ignoré

C:\Documents and Settings\Laurent Lighezolo\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.cdx L'objet est verrouillé ignoré

C:\Documents and Settings\Laurent Lighezolo\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.dbf L'objet est verrouillé ignoré

C:\Documents and Settings\Laurent Lighezolo\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré

C:\Documents and Settings\Laurent Lighezolo\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré

C:\Documents and Settings\Laurent Lighezolo\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\Laurent Lighezolo\Local Settings\Historique\History.IE5\MSHist012006100720061008\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\Laurent Lighezolo\Local Settings\Temp\hpodvd09.log L'objet est verrouillé ignoré

C:\Documents and Settings\Laurent Lighezolo\Local Settings\Temp\~DFA774.tmp L'objet est verrouillé ignoré

C:\Documents and Settings\Laurent Lighezolo\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\Laurent Lighezolo\NTUSER.DAT L'objet est verrouillé ignoré

C:\Documents and Settings\Laurent Lighezolo\ntuser.dat.LOG L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré

C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré

C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré

C:\IComTracer.log L'objet est verrouillé ignoré

C:\Program Files\Securitoo\av_fw\backweb\8520111\Users\Default\Data\chandir.dat L'objet est verrouillé ignoré

C:\Program Files\Securitoo\av_fw\backweb\8520111\Users\Default\Data\chandir.idx L'objet est verrouillé ignoré

C:\Program Files\Securitoo\av_fw\backweb\8520111\Users\Default\Data\chn.dat L'objet est verrouillé ignoré

C:\Program Files\Securitoo\av_fw\backweb\8520111\Users\Default\Data\chn.idx L'objet est verrouillé ignoré

C:\Program Files\Securitoo\av_fw\backweb\8520111\Users\Default\Data\D0000000.FCS L'objet est verrouillé ignoré

C:\Program Files\Securitoo\av_fw\backweb\8520111\Users\Default\Data\inuse.txt L'objet est verrouillé ignoré

C:\Program Files\Securitoo\av_fw\backweb\8520111\Users\Default\Data\L0000001.FCS L'objet est verrouillé ignoré

C:\Program Files\Securitoo\av_fw\backweb\8520111\Users\Default\Data\main.log L'objet est verrouillé ignoré

C:\Program Files\Securitoo\av_fw\backweb\8520111\Users\Default\Data\prs.dat L'objet est verrouillé ignoré

C:\Program Files\Securitoo\av_fw\backweb\8520111\Users\Default\Data\prs.idx L'objet est verrouillé ignoré

C:\Program Files\Securitoo\av_fw\backweb\8520111\Users\Default\Data\prs_die.dat L'objet est verrouillé ignoré

C:\Program Files\Securitoo\av_fw\backweb\8520111\Users\Default\Data\prs_die.idx L'objet est verrouillé ignoré

C:\Program Files\Securitoo\av_fw\backweb\8520111\Users\Default\Data\prs_dnd.dat L'objet est verrouillé ignoré

C:\Program Files\Securitoo\av_fw\backweb\8520111\Users\Default\Data\prs_dnd.idx L'objet est verrouillé ignoré

C:\Program Files\Securitoo\av_fw\backweb\8520111\Users\Default\Data\prs_ext.dat L'objet est verrouillé ignoré

C:\Program Files\Securitoo\av_fw\backweb\8520111\Users\Default\Data\prs_ext.idx L'objet est verrouillé ignoré

C:\Program Files\Securitoo\av_fw\backweb\8520111\Users\Default\Data\prs_rcv.dat L'objet est verrouillé ignoré

C:\Program Files\Securitoo\av_fw\backweb\8520111\Users\Default\Data\prs_rcv.idx L'objet est verrouillé ignoré

C:\Program Files\Securitoo\av_fw\backweb\8520111\Users\Default\Data\storydb.dat L'objet est verrouillé ignoré

C:\Program Files\Securitoo\av_fw\backweb\8520111\Users\Default\Data\storydb.idx L'objet est verrouillé ignoré

C:\Program Files\Securitoo\av_fw\Common\admin.pub L'objet est verrouillé ignoré

C:\Program Files\Securitoo\av_fw\Common\policy.bpf L'objet est verrouillé ignoré

C:\Program Files\Securitoo\av_fw\Common\policy.ipf L'objet est verrouillé ignoré

C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP206\A0043495.exe Infecté : not-virus:Hoax.Win32.Renos.fh ignoré

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP206\A0043503.exe Infecté : not-virus:Hoax.Win32.Renos.fh ignoré

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP206\A0043571.exe Infecté : not-virus:Hoax.Win32.Renos.fh ignoré

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP206\A0043574.exe Infecté : not-virus:Hoax.Win32.Renos.fh ignoré

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP206\A0043634.exe Infecté : not-virus:Hoax.Win32.Renos.fh ignoré

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP207\A0043693.exe Infecté : not-virus:Hoax.Win32.Renos.fh ignoré

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP207\A0043723.exe Infecté : not-virus:Hoax.Win32.Renos.fh ignoré

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP208\A0043843.exe Infecté : not-virus:Hoax.Win32.Renos.fh ignoré

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP208\A0043868.exe Infecté : not-virus:Hoax.Win32.Renos.fh ignoré

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP209\A0043905.exe Infecté : not-virus:Hoax.Win32.Renos.fh ignoré

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP209\A0043947.exe Infecté : not-virus:Hoax.Win32.Renos.fh ignoré

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP209\A0043994.exe Infecté : not-virus:Hoax.Win32.Renos.fh ignoré

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP210\A0044022.exe Infecté : not-virus:Hoax.Win32.Renos.fh ignoré

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP210\A0044052.exe Infecté : not-virus:Hoax.Win32.Renos.fh ignoré

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP210\A0044065.0XE L'objet est verrouillé ignoré

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP210\A0044066.0LL L'objet est verrouillé ignoré

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP210\A0044067.0XE L'objet est verrouillé ignoré

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP210\A0044085.exe Infecté : not-virus:Hoax.Win32.Renos.fh ignoré

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP210\A0044110.exe Infecté : not-virus:Hoax.Win32.Renos.fh ignoré

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP210\A0044133.exe Infecté : not-virus:Hoax.Win32.Renos.fh ignoré

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP210\A0045135.exe Infecté : not-virus:Hoax.Win32.Renos.fh ignoré

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP210\A0045265.exe Infecté : not-virus:Hoax.Win32.Renos.fh ignoré

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP211\A0045289.exe Infecté : not-virus:Hoax.Win32.Renos.fh ignoré

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP211\A0045330.exe Infecté : not-virus:Hoax.Win32.Renos.fh ignoré

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP211\A0045355.exe Infecté : not-virus:Hoax.Win32.Renos.fh ignoré

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP211\A0046355.exe Infecté : not-virus:Hoax.Win32.Renos.fh ignoré

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP212\A0046375.exe Infecté : not-virus:Hoax.Win32.Renos.fh ignoré

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP212\A0047384.exe Infecté : not-virus:Hoax.Win32.Renos.fh ignoré

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP212\A0047407.exe Infecté : not-virus:Hoax.Win32.Renos.fh ignoré

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP212\A0047437.exe Infecté : not-virus:Hoax.Win32.Renos.fh ignoré

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP217\A0048504.exe Infecté : not-virus:Hoax.Win32.Renos.fh ignoré

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP217\A0049446.exe Infecté : not-virus:Hoax.Win32.Renos.fh ignoré

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP218\A0049470.exe Infecté : not-virus:Hoax.Win32.Renos.fh ignoré

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP218\A0050022.exe Infecté : not-virus:Hoax.Win32.Renos.fh ignoré

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP218\A0050053.exe Infecté : not-virus:Hoax.Win32.Renos.fh ignoré

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP218\A0050084.exe Infecté : not-virus:Hoax.Win32.Renos.fh ignoré

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP218\A0050115.exe Infecté : not-virus:Hoax.Win32.Renos.fh ignoré

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP218\A0050146.exe Infecté : not-virus:Hoax.Win32.Renos.fh ignoré

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP218\A0050181.exe Infecté : not-virus:Hoax.Win32.Renos.fh ignoré

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP218\A0050188.exe Infecté : not-virus:Hoax.Win32.Renos.fh ignoré

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP218\A0050194.exe Infecté : not-virus:Hoax.Win32.Renos.fh ignoré

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP218\A0050196.exe Infecté : not-virus:Hoax.Win32.Renos.fh ignoré

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP218\change.log L'objet est verrouillé ignoré

C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré

C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré

C:\WINDOWS\SoftwareDistribution\EventCache\{331A2909-096C-40F9-B4F6-71816D44D113}.bin L'objet est verrouillé ignoré

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré

C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré

C:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillé ignoré

C:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré

C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré

C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré

C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré

C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré

Analyse terminée.



Entretemps, mon antivirus a détecté et supprimé 3 trojan.
Merci de votre aide.
0
Réponse 7 / 46
Utilisateur anonyme
7 oct. 2006 à 15:48
Vérifies que tes points de restauration ne sont pas bloqués, c'est la spécialité de Kaspersky ça !
J'ai un dote à cause de ceci:
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP206\A0043495.exe Infecté : not-virus:Hoax.Win32.Renos.fh ignoré
0
Réponse 8 / 46
^^Marie^^ Messages postés 113929 Date d'inscription mardi 6 septembre 2005 Statut Membre Dernière intervention 28 août 2020 3 274
7 oct. 2006 à 15:55
Avant de faire quoi que ce soit, faudrait """VOIR""" le rapport ewido et hitjackthis depmandé dans e rapport préliminaire de désinfection......................on avancera correctement

ENSUITE on pourra parler de ton infection...

A++

Merci
0
Réponse 9 / 46
Utilisateur anonyme
7 oct. 2006 à 16:15
Je voudrais savoir si après le scan de Kaspersky tu as encore "Depuis, mon ordinateur est très lent, il plante souvent et je suis harcelé de spam, pubs... "
Ou alors il ya une amélioration ?
De toute façon, download ceci:
http://www.atribune.org/ccount/click.php?id=1
lance le
Coche ceci :

Windows Temp
Current User Temp
All Users Temp
Coockies
Temporary Internet Files
Prefetch
Java Cache

Clique sur Empty Selected et au message "Done Cleaning" sur Ok
Clique sur Exit
Ensuite télécharge ceci:
http://pchelpbordeaux.free.fr/frames/logiciels/HIJACKTHIS%20VF.exe
Installes-le proprement:
https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html
Colle ici le log de Hijackthis, on y verra plus clair.
0
Réponse 10 / 46
^^Marie^^ Messages postés 113929 Date d'inscription mardi 6 septembre 2005 Statut Membre Dernière intervention 28 août 2020 3 274
7 oct. 2006 à 16:27
Colle ici le log de Hijackthis, on y verra plus clair.

toutaféééé ;-)))

0
Réponse 11 / 46
Lig Messages postés 43 Date d'inscription samedi 7 octobre 2006 Statut Membre Dernière intervention 3 mai 2010 13
7 oct. 2006 à 19:15
Re-coucou tous les deux!
J'étais en train de pratiquer les 3 tests (ewido...)
C'est très long avec un ordi qui plante en plein milieu de procédures d'1H30...

Philo : après Kaspersky, il y a un léger mieux (psychologique?) au niveau du plantage, mais au niveau des popups, spams,etc, je ne vois pas vraiment de changement.

J'ai 2 rapports ewido (car l'ordi a planté la 1ere fois juste après la sauvegarde du rapport, en cours de suppression). Voici les deux :

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 16:34:05 07/10/2006

+ Scan result:



HKLM\SOFTWARE\Classes\CLSID\{479fd0cf-5be9-4c63-8cda-b6d371c67bd5} -> Adware.Generic : No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{479fd0cf-5be9-4c63-8cda-b6d371c67bd5} -> Adware.Generic : No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Security Add-On -> Adware.Generic : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{479FD0CF-5BE9-4C63-8CDA-B6D371C67BD5} -> Adware.Generic : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\cs -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\cs\Config.xml -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\cs\db -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\cs\db\Aliases.dbs -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\cs\db\Sites.dbs -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\cs\dwld -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\cs\dwld\WhiteList.xip -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\cs\persist.dbs -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\cs\report -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\cs\report\ag_ShopperReports.xml -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\cs\report\ag_ShopperReports.xml.db -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\cs\report\aggr_storage.xml -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\cs\report\send_ShopperReports.xml -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\cs\report\send_ShopperReports.xml.db -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\cs\report\send_storage.xml -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\cs\res1 -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\cs\res1\WhiteList.dbs -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\shprrprt.log -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\shprrprt_1158678595.log -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\shprrprt_1158678656.log -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\shprrprt_1158678717.log -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\shprrprt_1158678778.log -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\shprrprt_1158678839.log -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\shprrprt_1158678900.log -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\shprrprt_1158678961.log -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\shprrprt_1158679022.log -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\shprrprt_1158679083.log -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\shprrprt_1158679144.log -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\shprrprt_1158679205.log -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\shprrprt_1158679266.log -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\shprrprt_1158679327.log -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\shprrprt_1158679388.log -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\shprrprt_1158679449.log -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\shprrprt_1158679510.log -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\shprrprt_1158679571.log -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\shprrprt_1158679632.log -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\shprrprt_1158679693.log -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\shprrprt_1158679754.log -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\shprrprt_1158679815.log -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\shprrprt_1158679876.log -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\shprrprt_1158679937.log -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\shprrprt_1158679998.log -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\shprrprt_1158680059.log -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\shprrprt_1158680120.log -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\shprrprt_1158680181.log -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\shprrprt_1158680242.log -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\shprrprt_1158680303.log -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\shprrprt_1158680364.log -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\shprrprt_1158680425.log -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\shprrprt_1158680486.log -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\shprrprt_1158680547.log -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\shprrprt_1158680608.log -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\shprrprt_1158680669.log -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\shprrprt_1158680730.log -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\shprrprt_1158680791.log -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\shprrprt_1158680852.log -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\shprrprt_1158680913.log -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\shprrprt_1158680974.log -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\shprrprt_1158681035.log -> Adware.HotBar : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\shprrprt_1158681061.log -> Adware.HotBar : No action taken.
C:\Program Files\HbTools\Bin\4.7.2.1\Cml.exe -> Adware.HotBar : No action taken.
C:\Program Files\HbTools\Bin\4.7.2.1\HbtAds.dll -> Adware.Hotbar : No action taken.
C:\Program Files\HbTools\Bin\4.7.2.1\HbtCoreSrv.dll -> Adware.Hotbar : No action taken.
C:\Program Files\HbTools\Bin\4.7.2.1\HbtGuard.exe -> Adware.HotBar : No action taken.
C:\Program Files\HbTools\Bin\4.7.2.1\HbtHostIE.dll -> Adware.HotBar : No action taken.
C:\Program Files\HbTools\Bin\4.7.2.1\HbtHostOE.dll -> Adware.Hotbar : No action taken.
C:\Program Files\HbTools\Bin\4.7.2.1\HbtHostOL.dll -> Adware.HotBar : No action taken.
C:\Program Files\HbTools\Bin\4.7.2.1\HbtInstIE.dll -> Adware.HotBar : No action taken.
C:\Program Files\HbTools\Bin\4.7.2.1\HbtOEAddOn.exe -> Adware.HotBar : No action taken.
C:\Program Files\HbTools\Bin\4.7.2.1\HbtSrv.exe -> Adware.Hotbar : No action taken.
C:\Program Files\HbTools\Bin\4.7.2.1\HbtToolbar.dll -> Adware.Hotbar : No action taken.
C:\Program Files\HbTools\Bin\4.7.2.1\HbtWallpaper.dll -> Adware.HotBar : No action taken.
C:\Program Files\HbTools\Bin\4.7.2.1\HbtWeatherOnTray.exe -> Adware.HotBar : No action taken.
C:\Program Files\HbTools\Bin\4.7.5.0\HbtGuard.exe -> Adware.Hotbar : No action taken.
C:\Program Files\HbTools\Bin\4.7.5.0\HbtHostIE.dll -> Adware.HotBar : No action taken.
C:\Program Files\HbTools\Bin\4.7.5.0\HbtHostOE.dll -> Adware.Hotbar : No action taken.
C:\Program Files\HbTools\Bin\4.7.5.0\HbtInstIE.dll -> Adware.HotBar : No action taken.
C:\Program Files\HbTools\Bin\4.7.5.0\HbtOEAddOn.exe -> Adware.HotBar : No action taken.
C:\Program Files\HbTools\Bin\4.7.5.0\HbtWallpaper.dll -> Adware.HotBar : No action taken.
C:\Program Files\HbTools\Bin\4.7.5.0\HbtWeatherOnTray.exe -> Adware.Hotbar : No action taken.
C:\Program Files\HbTools\Bin\4.8.0.0\Cml.exe -> Adware.HotBar : No action taken.
C:\Program Files\HbTools\Bin\4.8.0.0\HbtAds.dll -> Adware.HotBar : No action taken.
C:\Program Files\HbTools\Bin\4.8.0.0\HbtGuard.exe -> Adware.HotBar : No action taken.
C:\Program Files\HbTools\Bin\4.8.0.0\HbtHostIE.dll -> Adware.HotBar : No action taken.
C:\Program Files\HbTools\Bin\4.8.0.0\HbtHostOE.dll -> Adware.Hotbar : No action taken.
C:\Program Files\HbTools\Bin\4.8.0.0\HbtHostOL.dll -> Adware.HotBar : No action taken.
C:\Program Files\HbTools\Bin\4.8.0.0\HbtInstIE.dll -> Adware.HotBar : No action taken.
C:\Program Files\HbTools\Bin\4.8.0.0\__delete_on_reboot__H_b_t_O_E_A_d_d_O_n_._e_x_e_ -> Adware.HotBar : No action taken.
C:\Program Files\HbTools\Bin\4.8.0.0\__delete_on_reboot__H_b_t_S_r_v_._e_x_e_ -> Adware.HotBar : No action taken.
C:\Program Files\HbTools\Bin\4.8.0.0\__delete_on_reboot__H_b_t_W_e_a_t_h_e_r_O_n_T_r_a_y_._e_x_e_ -> Adware.Hotbar : No action taken.
C:\Program Files\HbTools\HBTV\__delete_on_reboot__H_B_T_V_._e_x_e_ -> Adware.Hotbar : No action taken.
C:\Program Files\HbTools\HBTV\__delete_on_reboot__h_b_t_v_h_e_l_p_e_r_._d_l_l_ -> Adware.Hotbar : No action taken.
C:\Program Files\ShopperReports -> Adware.HotBar : No action taken.
C:\Program Files\ShopperReports\Bin -> Adware.HotBar : No action taken.
C:\Program Files\ShopperReports\Bin\1.1.0.0 -> Adware.HotBar : No action taken.
C:\Program Files\ShopperReports\Bin\1.1.0.0\ShprRprt.dll -> Adware.HotBar : No action taken.
C:\Program Files\ShopperReports\Bin\2.0.0 -> Adware.HotBar : No action taken.
C:\Program Files\ShopperReports\Bin\2.0.0\__delete_on_reboot__S_h_p_r_R_p_r_t_._d_l_l_ -> Adware.HotBar : No action taken.
C:\Program Files\ShopperReports\Uninst.exe -> Adware.HotBar : No action taken.
C:\Program Files\ShopperReports\cs -> Adware.HotBar : No action taken.
C:\Program Files\ShopperReports\cs\persist.dbs -> Adware.HotBar : No action taken.
C:\Program Files\ShopperReports\uninstall.exe -> Adware.HotBar : No action taken.
C:\WINDOWS\system32\xnngaisk.exe -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\AppID\WeatherOnTray.EXE -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtHostIE.Bho -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtHostIE.Bho.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtHostIE.Bho\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtHostIE.Bho\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtTools.HbMain -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtTools.HbMain.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtTools.HbMain\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\HbtTools.HbMain\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\RprtsPSClient.PSExecuter -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\RprtsPSClient.PSExecuter.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\RprtsPSClient.PSExecuter\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\RprtsPSClient.PSExecuter\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.HbAx -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.HbAx.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.HbAx\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.HbAx\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.HbInfoBand -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.HbInfoBand.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.HbInfoBand\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.HbInfoBand\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.IEButton -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.IEButton.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.IEButtonA -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.IEButtonA.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.IEButtonA\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.IEButtonA\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.IEButton\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.IEButton\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.SmrtShprCtl -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.SmrtShprCtl.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.SmrtShprCtl\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\ShprRprts.SmrtShprCtl\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager.1 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager\CLSID -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager\CurVer -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\HbTools -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\HbTools\Install -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\HbTools\MachineInfo -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\HbTools\Mail -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\HbTools\PI -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\HbTools\PI\3.2 -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\HbTools\Updates -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\HbTools\Upgrade -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\HostOI -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\HostOI\Mail -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\HostOI\Updates -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\HostOL -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\HostOL\Mail -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\HostOL\Updates -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\Hotbar -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\Hotbar\Install -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\Install -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\Install\CmpMap -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\Install\Icons -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\HbTools\Install\Links -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HbToolsOutlookTools -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HbToolsWebTools -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\ShopperReports -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\ShopperReports\ShopperReports -> Adware.HotBar : No action taken.
HKLM\SOFTWARE\ShopperReports\ShopperReports\PostInstaller -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\Common -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\Common\Time -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\Common\Updates -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\EUI -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\HtmlPPP -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\ImagesHistory -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Install -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\MachineInfo -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\MultiUrl -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\PI -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\PI\3.2 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Sample -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Sample\Hist -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Sample\Hist\keren -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Sample\Hist\sg852 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Sample\Hist\sg853 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Sample\Hist\sg860 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Sample\Hist\sg861 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Sample\Hist\sg887 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Sample\Hist\sg888 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Sample\Hist\sg889 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Sample\Hist\sg904 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Sample\Hist\sg905 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Sample\Hist\sg910 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Sample\Hist\sg911 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Sample\Hist\sg912 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Sample\Hist\sg913 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Sample\Hist\sg914 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Sample\Hist\sg915 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Sample\Hist\sg928 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Sample\Hist\sg929 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Sample\Hist\sg938 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Sample\Hist\sg939 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Sample\Hist\sg940 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Sample\Hist\sg941 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Sample\Hist\sg942 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Sample\Hist\sg943 -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\UserInfo -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Weather -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\dynamic -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\dynamicFail -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\init -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\links -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\mail -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\options -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\updates -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HostOI -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HostOI\Updates -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HostOI\links -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\Time -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\Time\HostIE -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\Time\HostIE\Updates -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\Time\HostOE -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\Time\HostOE\Updates -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\Time\HostOI -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\Time\HostOI\Updates -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\Time\HostOL -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\Time\HostOL\Updates -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\hostol -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\hostol\Mail -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\hostol\Updates -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\hostol\links -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\hostol\soho -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\ShopperReports -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\ShopperReports\ShopperReports -> Adware.HotBar : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\ShopperReports\ShopperReports\PostInstaller -> Adware.HotBar : No action taken.
[1080] C:\Program Files\HbTools\Bin\4.8.0.0\HbtHostOE.dll -> Adware.Hotbar : No action taken.
[2148] C:\Program Files\HbTools\Bin\4.8.0.0\HbtHostIE.dll -> Adware.HotBar : No action taken.
[2852] C:\Program Files\HbTools\Bin\4.8.0.0\HbtHostOE.dll -> Adware.Hotbar : No action taken.
[2876] C:\Program Files\HbTools\Bin\4.8.0.0\HbtHostOE.dll -> Adware.Hotbar : No action taken.
[2980] C:\Program Files\HbTools\Bin\4.8.0.0\HbtHostOE.dll -> Adware.Hotbar : No action taken.
[3124] C:\Program Files\HbTools\Bin\4.8.0.0\HbtHostOE.dll -> Adware.Hotbar : No action taken.
[3192] C:\Program Files\HbTools\Bin\4.8.0.0\HbtHostOE.dll -> Adware.Hotbar : No action taken.
[3440] C:\Program Files\HbTools\Bin\4.8.0.0\HbtHostOE.dll -> Adware.Hotbar : No action taken.
[3720] C:\Program Files\HbTools\Bin\4.8.0.0\HbtHostOE.dll -> Adware.Hotbar : No action taken.
[3796] C:\Program Files\HbTools\Bin\4.8.0.0\HbtHostOE.dll -> Adware.Hotbar : No action taken.
[3848] C:\Program Files\HbTools\Bin\4.8.0.0\HbtHostOE.dll -> Adware.Hotbar : No action taken.
[4048] C:\Program Files\HbTools\Bin\4.8.0.0\HbtHostOE.dll -> Adware.Hotbar : No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Explorer Security Plugin 2006 -> Adware.IntCodec : No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Public Messenger ver 2.03 -> Adware.IntCodec : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\Internet Security -> Adware.IntCodec : No action taken.
[3508] C:\Program Files\ShopperReports\Bin\2.0.0\ShprRprt.dll -> Adware.Shopper : No action taken.
C:\Program Files\Fichiers communs\Sandlot Shared\slghex.dll -> Adware.SpywareStorm : No action taken.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2178F3FB-2560-458F-BDEE-631E2FE0DFE4} -> Adware.WinAntiVirus : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Application Data\winantispyware2006freeinstall_fr[1].exe -> Not-A-Virus.Downloader.Win32.WinFixer.o : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Local Settings\Temporary Internet Files\Content.IE5\VMXO5JJJ\WinAntiSpyware2006FreeInstall_fr[1].exe -> Not-A-Virus.Downloader.Win32.WinFixer.o : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Cookies\laurent lighezolo@112.2o7[2].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Cookies\laurent lighezolo@msnuk.122.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Cookies\laurent lighezolo@opodo.122.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Cookies\laurent lighezolo@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Cookies\laurent lighezolo@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Cookies\laurent lighezolo@banner.newyorkcasino[2].txt -> TrackingCookie.Newyorkcasino : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Cookies\laurent lighezolo@ads.planetactive[2].txt -> TrackingCookie.Planetactive : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Cookies\laurent lighezolo@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Cookies\laurent lighezolo@h.starware[2].txt -> TrackingCookie.Starware : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Cookies\laurent lighezolo@try.starware[1].txt -> TrackingCookie.Starware : No action taken.
C:\Documents and Settings\Laurent Lighezolo\Cookies\laurent lighezolo@yadro[1].txt -> TrackingCookie.Yadro : No action taken.
C:\WINDOWS\system32\Rubberfaces.scr -> Trojan.NSAnti.A : No action taken.


::Report end








et le deuxieme :




---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 18:24:43 07/10/2006

+ Scan result:



HKLM\SOFTWARE\Classes\CLSID\{479fd0cf-5be9-4c63-8cda-b6d371c67bd5} -> Adware.Generic : Cleaned.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{479fd0cf-5be9-4c63-8cda-b6d371c67bd5} -> Adware.Generic : Cleaned.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Security Add-On -> Adware.Generic : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{479FD0CF-5BE9-4C63-8CDA-B6D371C67BD5} -> Adware.Generic : Cleaned.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports -> Adware.HotBar : Cleaned.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\cs -> Adware.HotBar : Cleaned.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\cs\dwld -> Adware.HotBar : Cleaned.
C:\Documents and Settings\Laurent Lighezolo\Application Data\ShopperReports\cs\persist.dbs -> Adware.HotBar : Cleaned.
C:\Program Files\HbTools\Bin\4.8.0.0\HbtHostIE.dll -> Adware.HotBar : Cleaned.
C:\Program Files\HbTools\HBTV\__delete_on_reboot__h_b_t_v_h_e_l_p_e_r_._d_l_l_ -> Adware.Hotbar : Cleaned.
C:\Program Files\ShopperReports -> Adware.HotBar : Cleaned.
C:\Program Files\ShopperReports\Bin -> Adware.HotBar : Cleaned.
C:\Program Files\ShopperReports\Bin\2.0.0 -> Adware.HotBar : Cleaned.
C:\Program Files\ShopperReports\Bin\2.0.0\__delete_on_reboot__s_h_p_r_r_p_r_t_._d_l_l_ -> Adware.HotBar : Cleaned.
C:\Program Files\ShopperReports\Uninst.exe -> Adware.HotBar : Cleaned.
C:\Program Files\ShopperReports\cs -> Adware.HotBar : Cleaned.
C:\Program Files\ShopperReports\cs\persist.dbs -> Adware.HotBar : Cleaned.
C:\Program Files\ShopperReports\uninstall.exe -> Adware.HotBar : Cleaned.
C:\WINDOWS\system32\xnngaisk.exe -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\AppID\WeatherOnTray.EXE -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp.1 -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp\CLSID -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp\CurVer -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand.1 -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand\CLSID -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand\CurVer -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar.1 -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar\CLSID -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar\CurVer -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices.1 -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices\CLSID -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices\CurVer -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx.1 -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx\CLSID -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx\CurVer -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\HbtHostIE.Bho -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\HbtHostIE.Bho.1 -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\HbtHostIE.Bho\CLSID -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\HbtHostIE.Bho\CurVer -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim.1 -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim\CLSID -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim\CurVer -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend.1 -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend\CLSID -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend\CurVer -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices.1 -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices\CLSID -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices\CurVer -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI.1 -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI\CLSID -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI\CurVer -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl.1 -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl\CLSID -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl\CurVer -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\HbtTools.HbMain -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\HbtTools.HbMain.1 -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\HbtTools.HbMain\CLSID -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\HbtTools.HbMain\CurVer -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\RprtsPSClient.PSExecuter -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\RprtsPSClient.PSExecuter.1 -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\RprtsPSClient.PSExecuter\CLSID -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\RprtsPSClient.PSExecuter\CurVer -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\ShprRprts.HbAx -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\ShprRprts.HbAx.1 -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\ShprRprts.HbAx\CLSID -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\ShprRprts.HbAx\CurVer -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\ShprRprts.HbInfoBand -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\ShprRprts.HbInfoBand.1 -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\ShprRprts.HbInfoBand\CLSID -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\ShprRprts.HbInfoBand\CurVer -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\ShprRprts.IEButton -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\ShprRprts.IEButton.1 -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\ShprRprts.IEButtonA -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\ShprRprts.IEButtonA.1 -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\ShprRprts.IEButtonA\CLSID -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\ShprRprts.IEButtonA\CurVer -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\ShprRprts.IEButton\CLSID -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\ShprRprts.IEButton\CurVer -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\ShprRprts.SmrtShprCtl -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\ShprRprts.SmrtShprCtl.1 -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\ShprRprts.SmrtShprCtl\CLSID -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\ShprRprts.SmrtShprCtl\CurVer -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager.1 -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager\CLSID -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager\CurVer -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\HbTools -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\HbTools\HbTools -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\HbTools\HbTools\Install -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\HbTools\HbTools\MachineInfo -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\HbTools\HbTools\Mail -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\HbTools\HbTools\PI -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\HbTools\HbTools\PI\3.2 -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\HbTools\HbTools\Updates -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\HbTools\HbTools\Upgrade -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\HbTools\HostOI -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\HbTools\HostOI\Mail -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\HbTools\HostOI\Updates -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\HbTools\HostOL -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\HbTools\HostOL\Mail -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\HbTools\HostOL\Updates -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\HbTools\Hotbar -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\HbTools\Hotbar\Install -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\HbTools\Install -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\HbTools\Install\CmpMap -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\HbTools\Install\Icons -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\HbTools\Install\Links -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HbToolsOutlookTools -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HbToolsWebTools -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\ShopperReports -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\ShopperReports\ShopperReports -> Adware.HotBar : Cleaned.
HKLM\SOFTWARE\ShopperReports\ShopperReports\PostInstaller -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\Common -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\Common\Time -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\Common\Updates -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\EUI -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\HtmlPPP -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\ImagesHistory -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Install -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\MachineInfo -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\MultiUrl -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\PI -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\PI\3.2 -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Sample -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Sample\Hist -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Sample\Hist\keren -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Sample\Hist\sg852 -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Sample\Hist\sg853 -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Sample\Hist\sg860 -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Sample\Hist\sg861 -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Sample\Hist\sg887 -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Sample\Hist\sg888 -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Sample\Hist\sg889 -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Sample\Hist\sg904 -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Sample\Hist\sg905 -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Sample\Hist\sg910 -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Sample\Hist\sg911 -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Sample\Hist\sg912 -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Sample\Hist\sg913 -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Sample\Hist\sg914 -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Sample\Hist\sg915 -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Sample\Hist\sg928 -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Sample\Hist\sg929 -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Sample\Hist\sg938 -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Sample\Hist\sg939 -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Sample\Hist\sg940 -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Sample\Hist\sg941 -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Sample\Hist\sg942 -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Sample\Hist\sg943 -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\UserInfo -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\Weather -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\dynamic -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\dynamicFail -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\init -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\links -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\mail -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\options -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HbTools\updates -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HostOI -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HostOI\Updates -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\HostOI\links -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\Time -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\Time\HostIE -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\Time\HostIE\Updates -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\Time\HostOE -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\Time\HostOE\Updates -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\Time\HostOI -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\Time\HostOI\Updates -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\Time\HostOL -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\Time\HostOL\Updates -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\hostol -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\hostol\Mail -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\hostol\Updates -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\hostol\links -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\HbTools\hostol\soho -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\ShopperReports -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\ShopperReports\ShopperReports -> Adware.HotBar : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\ShopperReports\ShopperReports\PostInstaller -> Adware.HotBar : Cleaned.
[2148] C:\Program Files\HbTools\Bin\4.8.0.0\HbtHostIE.dll -> Adware.HotBar : Error during cleaning.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Explorer Security Plugin 2006 -> Adware.IntCodec : Cleaned.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Public Messenger ver 2.03 -> Adware.IntCodec : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\Internet Security -> Adware.IntCodec : Cleaned.
[3508] C:\Program Files\ShopperReports\Bin\2.0.0\ShprRprt.dll -> Adware.Shopper : Error during cleaning.
C:\Program Files\Fichiers communs\Sandlot Shared\slghex.dll -> Adware.SpywareStorm : Cleaned.
HKU\S-1-5-21-1498895124-1061601555-3503358941-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2178F3FB-2560-458F-BDEE-631E2FE0DFE4} -> Adware.WinAntiVirus : Cleaned.
C:\Documents and Settings\Laurent Lighezolo\Application Data\winantispyware2006freeinstall_fr[1].exe -> Not-A-Virus.Downloader.Win32.WinFixer.o : Cleaned.
C:\Documents and Settings\Laurent Lighezolo\Local Settings\Temporary Internet Files\Content.IE5\VMXO5JJJ\WinAntiSpyware2006FreeInstall_fr[1].exe -> Not-A-Virus.Downloader.Win32.WinFixer.o : Cleaned.
C:\Documents and Settings\Laurent Lighezolo\Cookies\laurent lighezolo@112.2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Laurent Lighezolo\Cookies\laurent lighezolo@msnuk.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Laurent Lighezolo\Cookies\laurent lighezolo@opodo.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Laurent Lighezolo\Cookies\laurent lighezolo@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Laurent Lighezolo\Cookies\laurent lighezolo@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Cleaned.
C:\Documents and Settings\Laurent Lighezolo\Cookies\laurent lighezolo@banner.newyorkcasino[2].txt -> TrackingCookie.Newyorkcasino : Cleaned.
C:\Documents and Settings\Laurent Lighezolo\Cookies\laurent lighezolo@ads.planetactive[2].txt -> TrackingCookie.Planetactive : Cleaned.
C:\Documents and Settings\Laurent Lighezolo\Cookies\laurent lighezolo@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Cleaned.
C:\Documents and Settings\Laurent Lighezolo\Cookies\laurent lighezolo@h.starware[2].txt -> TrackingCookie.Starware : Cleaned.
C:\Documents and Settings\Laurent Lighezolo\Cookies\laurent lighezolo@try.starware[1].txt -> TrackingCookie.Starware : Cleaned.
C:\Documents and Settings\Laurent Lighezolo\Cookies\laurent lighezolo@yadro[1].txt -> TrackingCookie.Yadro : Cleaned.


::Report end






Voilà... je continurais demain, là je vais devoir m'alimenter et partir gagner mon pain quotidien.
A ciao et encore merci de votre attention.
L
0
Réponse 12 / 46
Utilisateur anonyme
7 oct. 2006 à 19:32
Pour demain,
Vas sur mon lien et download CCleaner
Le tuto est aussi sur ce lien
http://leblogdeclaude.blogspot.com/2006/09/informatique-section-scan-en-ligne.html
0
Réponse 13 / 46
Séb08 Messages postés 16502 Date d'inscription dimanche 13 novembre 2005 Statut Contributeur Dernière intervention 17 février 2023 1 430
7 oct. 2006 à 20:05
slt,

télécharge HijackThis (version francaise) ici:
hijackthis

Dézippe le dans un dossier prévu à cet effet.

Par exemple C:\hijackthis < Enregistre le bien dans c : !

Démo (merci à Balltrap) :
instalation hijackthis
http://pageperso.aol.fr/balltrap34/Hijenr.gif

Lance le puis:
clique sur "faire un scan et sauvegarder le log" (cf démo)
faire un copier coller du log entier sur le forum

Démo : (merci à balltrap34 pour cette réalisation)

http://pageperso.aol.fr/balltrap34/demohijack.htm

a+
0
Réponse 14 / 46
Lig Messages postés 43 Date d'inscription samedi 7 octobre 2006 Statut Membre Dernière intervention 3 mai 2010 13
8 oct. 2006 à 07:51
Bonjour à tous.
Voici le rapport Bitdefender :
BitDefender Online Scanner



Scan report generated at: Sat, Oct 07, 2006 - 20:50:42





Scan path: C:\;D:\;







Statistics

Time
01:30:07

Files
385274

Folders
6277

Boot Sectors
2

Archives
9099

Packed Files
22117




Results

Identified Viruses
6

Infected Files
43

Suspect Files
0

Warnings
0

Disinfected
0

Deleted Files
43




Engines Info

Virus Definitions
474403

Engine build
AVCORE v1.0 (build 2310) (i386) (Apr 17 2006 16:24:38)

Scan plugins
13

Archive plugins
38

Unpack plugins
6

E-mail plugins
6

System plugins
1




Scan Settings

First Action
Disinfect

Second Action
Delete

Heuristics
Yes

Enable Warnings
Yes

Scanned Extensions
*;

Exclude Extensions


Scan Emails
Yes

Scan Archives
Yes

Scan Packed
Yes

Scan Files
Yes

Scan Boot
Yes




Scanned File
Status

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP206\A0043495.exe
Infected with: Trojan.Downloader.Zlob.YF

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP206\A0043495.exe
Disinfection failed

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP206\A0043495.exe
Deleted

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP206\A0043503.exe
Infected with: Trojan.Downloader.Zlob.WZ

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP206\A0043503.exe
Disinfection failed

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP206\A0043503.exe
Deleted

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP206\A0043571.exe
Infected with: Trojan.Downloader.Zlob.YF

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP206\A0043571.exe
Disinfection failed

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP206\A0043571.exe
Deleted

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP206\A0043574.exe
Infected with: Trojan.Downloader.Zlob.WZ

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP206\A0043574.exe
Disinfection failed

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP206\A0043574.exe
Deleted

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP206\A0043634.exe
Infected with: Trojan.Zlob.CN

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP206\A0043634.exe
Disinfection failed

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP206\A0043634.exe
Deleted

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP207\A0043693.exe
Infected with: Trojan.Downloader.Zlob.WZ

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP207\A0043693.exe
Disinfection failed

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP207\A0043693.exe
Deleted

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP207\A0043723.exe
Infected with: Trojan.Downloader.Zlob.WZ

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP207\A0043723.exe
Disinfection failed

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP207\A0043723.exe
Deleted

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP208\A0043843.exe
Infected with: Trojan.Downloader.Zlob.WZ

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP208\A0043843.exe
Disinfection failed

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP208\A0043843.exe
Deleted

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP208\A0043868.exe
Infected with: Trojan.Downloader.Zlob.WZ

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP208\A0043868.exe
Disinfection failed

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP208\A0043868.exe
Deleted

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP209\A0043905.exe
Infected with: Trojan.Downloader.Zlob.WZ

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP209\A0043905.exe
Disinfection failed

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP209\A0043905.exe
Deleted

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP209\A0043947.exe
Infected with: Trojan.Downloader.Zlob.WZ

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP209\A0043947.exe
Disinfection failed

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP209\A0043947.exe
Deleted

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP209\A0043994.exe
Infected with: Trojan.Downloader.Zlob.WZ

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP209\A0043994.exe
Disinfection failed

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP209\A0043994.exe
Deleted

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP210\A0044022.exe
Infected with: Trojan.Downloader.Zlob.WZ

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP210\A0044022.exe
Disinfection failed

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP210\A0044022.exe
Deleted

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP210\A0044052.exe
Infected with: Trojan.Downloader.Zlob.WZ

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP210\A0044052.exe
Disinfection failed

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP210\A0044052.exe
Deleted

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP210\A0044085.exe
Infected with: Trojan.Downloader.Zlob.WZ

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP210\A0044085.exe
Disinfection failed

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP210\A0044085.exe
Deleted

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP210\A0044110.exe
Infected with: Trojan.Downloader.Zlob.WZ

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP210\A0044110.exe
Disinfection failed

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP210\A0044110.exe
Deleted

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP210\A0044133.exe
Infected with: Trojan.Downloader.Zlob.WZ

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP210\A0044133.exe
Disinfection failed

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP210\A0044133.exe
Deleted

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP210\A0045135.exe
Infected with: Trojan.Downloader.Zlob.WZ

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP210\A0045135.exe
Disinfection failed

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP210\A0045135.exe
Deleted

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP210\A0045265.exe
Infected with: Trojan.Downloader.Zlob.WZ

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP210\A0045265.exe
Disinfection failed

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP210\A0045265.exe
Deleted

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP211\A0045289.exe
Infected with: Trojan.Downloader.Zlob.WZ

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP211\A0045289.exe
Disinfection failed

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP211\A0045289.exe
Deleted

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP211\A0045330.exe
Infected with: Trojan.Downloader.Zlob.WZ

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP211\A0045330.exe
Disinfection failed

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP211\A0045330.exe
Deleted

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP211\A0045355.exe
Infected with: Trojan.Downloader.Zlob.WZ

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP211\A0045355.exe
Disinfection failed

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP211\A0045355.exe
Deleted

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP211\A0046355.exe
Infected with: Trojan.Downloader.Zlob.WZ

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP211\A0046355.exe
Disinfection failed

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP211\A0046355.exe
Deleted

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP212\A0046375.exe
Infected with: Trojan.Downloader.Zlob.WZ

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP212\A0046375.exe
Disinfection failed

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP212\A0046375.exe
Deleted

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP212\A0047384.exe
Infected with: Trojan.Downloader.Zlob.WZ

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP212\A0047384.exe
Disinfection failed

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP212\A0047384.exe
Deleted

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP212\A0047407.exe
Infected with: Trojan.Downloader.Zlob.WZ

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP212\A0047407.exe
Disinfection failed

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP212\A0047407.exe
Deleted

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP212\A0047437.exe
Infected with: Trojan.Downloader.Zlob.WZ

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP212\A0047437.exe
Disinfection failed

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP212\A0047437.exe
Deleted

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP217\A0048504.exe
Infected with: Trojan.Downloader.Zlob.WZ

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP217\A0048504.exe
Disinfection failed

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP217\A0048504.exe
Deleted

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP217\A0049446.exe
Infected with: Trojan.Downloader.Zlob.WZ

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP217\A0049446.exe
Disinfection failed

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP217\A0049446.exe
Deleted

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP218\A0049470.exe
Infected with: Trojan.Downloader.Zlob.WZ

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP218\A0049470.exe
Disinfection failed

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP218\A0049470.exe
Deleted

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP218\A0050022.exe
Infected with: Trojan.Downloader.Zlob.WZ

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP218\A0050022.exe
Disinfection failed

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP218\A0050022.exe
Deleted

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP218\A0050053.exe
Infected with: Trojan.Downloader.Zlob.WZ

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP218\A0050053.exe
Disinfection failed

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP218\A0050053.exe
Deleted

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP218\A0050084.exe
Infected with: Trojan.Downloader.Zlob.WZ

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP218\A0050084.exe
Disinfection failed

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP218\A0050084.exe
Deleted

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP218\A0050115.exe
Infected with: Trojan.Downloader.Zlob.WZ

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP218\A0050115.exe
Disinfection failed

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP218\A0050115.exe
Deleted

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP218\A0050146.exe
Infected with: Trojan.Downloader.Zlob.WZ

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP218\A0050146.exe
Disinfection failed

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP218\A0050146.exe
Deleted

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP218\A0050181.exe
Infected with: Trojan.Downloader.Zlob.WZ

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP218\A0050181.exe
Disinfection failed

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP218\A0050181.exe
Deleted

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP218\A0050187.exe
Infected with: Trojan.Downloader.Zlob.WZ

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP218\A0050187.exe
Disinfection failed

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP218\A0050187.exe
Deleted

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP218\A0050193.exe
Infected with: Trojan.Downloader.Zlob.WZ

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP218\A0050193.exe
Disinfection failed

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP218\A0050193.exe
Deleted

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP218\A0050196.exe
Infected with: Trojan.Zlob.CN

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP218\A0050196.exe
Disinfection failed

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP218\A0050196.exe
Deleted

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP218\A0050199.exe
Infected with: Trojan.Zlob.CR

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP218\A0050199.exe
Disinfection failed

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP218\A0050199.exe
Deleted

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP218\A0051239.exe
Infected with: Trojan.Dropper.VB

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP218\A0051239.exe
Disinfection failed

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP218\A0051239.exe
Deleted

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP218\A0051274.exe
Infected with: Trojan.Downloader.Winfixer.O

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP218\A0051274.exe
Disinfection failed

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP218\A0051274.exe
Deleted

C:\WINDOWS\system32\okztovrl.exe=>(NSIS o)=>lzma_nsis0005=>(NSIS o)=>zlib_nsis0002
Infected with: Trojan.Dropper.VB

C:\WINDOWS\system32\okztovrl.exe=>(NSIS o)=>lzma_nsis0005=>(NSIS o)=>zlib_nsis0002
Disinfection failed

C:\WINDOWS\system32\okztovrl.exe=>(NSIS o)=>lzma_nsis0005=>(NSIS o)=>zlib_nsis0002
Deleted

C:\WINDOWS\system32\okztovrl.exe=>(NSIS o)=>lzma_nsis0005=>(NSIS o)
Update failed
0
Réponse 15 / 46
Lig Messages postés 43 Date d'inscription samedi 7 octobre 2006 Statut Membre Dernière intervention 3 mai 2010 13
8 oct. 2006 à 08:05
Et voici le rapport Hijackthis :

Logfile of HijackThis v1.99.1
Scan saved at 07:57:52, on 08/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\PROGRA~1\SECURI~1\av_fw\backweb\8520111\Program\SERVIC~1.EXE
C:\Program Files\Securitoo\av_fw\backweb\8520111\Program\fspex.exe
C:\Documents and Settings\Laurent Lighezolo\Mes documents\Rapports ordi\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
C:\Program Files\Securitoo\av_fw\backweb\8520111\program\fsbwsys.exe
C:\Program Files\Securitoo\av_fw\Anti-Virus\FSGK32.EXE
C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE
C:\Program Files\Securitoo\av_fw\Anti-Virus\fssm32.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Securitoo\av_fw\Common\FSMB32.EXE
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Inventel\Gateway\wlancfg.exe
C:\Program Files\Securitoo\av_fw\Common\FCH32.EXE
C:\Program Files\Securitoo\av_fw\Common\FAMEH32.EXE
C:\Program Files\Securitoo\av_fw\Anti-Virus\fsav32.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\e-Carte Bleue\SG\e-Carte Bleue\ECB-SG.exe
C:\Program Files\Securitoo\av_fw\Common\FSM32.EXE
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Securitoo\av_fw\FSGUI\ispnews.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
C:\PROGRA~1\Livecom\APPLIC~1\Exe\Livecom.exe
C:\Program Files\Securitoo\av_fw\FWES\Program\fsdfwd.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HPQ\SHARED\HPQWMI.exe
C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Securitoo\av_fw\FSGUI\fsguiexe.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\PROGRA~1\Livecom\APPLIC~1\eConfv4\livecomp.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\LAUREN~1\LOCALS~1\Temp\Répertoire temporaire 3 pour hijackthis[1].zip\HijackThis.exe
C:\WINDOWS\system32\HPZinw12.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = ie.redirect.hp.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = resultsmaster.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: ShprRprts - {2A8A997F-BB9F-48F6-AA2B-2762D50F9289} - C:\Program Files\ShopperReports\Bin\2.0.0\ShprRprt.dll (file missing)
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
O2 - BHO: TVEngine Helper /fleok=1D8A83A5C2E6107C91A475760EA83FA5EF80752B94E3D67E5C7446213FC3 - {4B18DD50-C996-44fc-AC52-0FECFF82ED58} - c:\program files\hbtools\hbtv\hbtvhelper.dll
O2 - BHO: HbTools - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\HbTools\Bin\4.8.0.0\HbtHostIE.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: H&otbar - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\HbTools\Bin\4.8.0.0\HbtHostIE.dll (file missing)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] "%ProgramFiles%\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe"
O4 - HKLM\..\Run: [ChangeResolution] C:\hp\bin\ChangeResolution.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HbTools] C:\Program Files\HbTools\Bin\4.8.0.0\HbtOEAddOn.exe
O4 - HKLM\..\Run: [eCarteBleue-SG-P3] "C:\Program Files\e-Carte Bleue\SG\e-Carte Bleue\ECB-SG.exe" /dontopenmycards
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Securitoo\av_fw\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Securitoo\av_fw\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Securitoo\av_fw\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [News Service] "C:\Program Files\Securitoo\av_fw\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [FSASWREG] "C:\Program Files\Securitoo\av_fw\Anti-Spyware\fsaswreg.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WeatherOnTray] C:\Program Files\HbTools\Bin\4.8.0.0\HbtWeatherOnTray.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [xejhctiy] C:\WINDOWS\system32\xnngaisk.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT

cnx|PARAM


O4 - HKCU\..\Run: [Livecom] "C:\PROGRA~1\Livecom\APPLIC~1\CommunicationAgent\CommunicationAgent.exe" -ICom_StartNoSplashScreen
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Image Transfer.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE14} - C:\Program Files\ShopperReports\Bin\2.0.0\ShprRprt.dll (file missing)
O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - C:\Program Files\ShopperReports\Bin\2.0.0\ShprRprt.dll (file missing)
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O14 - IERESET.INF: START_PAGE_URL=ie.redirect.hp.com
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: Securitoo Antivirus Firewall (BackWeb Plug-in - 8520111) - Unknown owner - C:\PROGRA~1\SECURI~1\av_fw\backweb\8520111\Program\SERVIC~1.EXE
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Documents and Settings\Laurent Lighezolo\Mes documents\Rapports ordi\ewido anti-spyware 4.0\guard.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Securitoo\av_fw\backweb\8520111\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
0
Réponse 16 / 46
Utilisateur anonyme
8 oct. 2006 à 14:07
méchant à effacer (cocher +fix) dans Hijackthis

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = resultsmaster.com

O2 - BHO: TVEngine Helper /fleok=1D8A83A5C2E6107C91A475760EA83FA5EF80752B94E3D67E5C7446213FC3 - {4B18DD50-C996-44fc-AC52-0FECFF82ED58} - c:\program files\hbtools\hbtv\hbtvhelper.dll

O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll

à supprimer inutile aussi

O2 - BHO: ShprRprts - {2A8A997F-BB9F-48F6-AA2B-2762D50F9289} - C:\Program Files\ShopperReports\Bin\2.0.0\ShprRprt.dll (file missing)

O2 - BHO: HbTools - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\HbTools\Bin\4.8.0.0\HbtHostIE.dll (file missing)

O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O3 - Toolbar: H&otbar - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\HbTools\Bin\4.8.0.0\HbtHostIE.dll (file missing)

O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE14} - C:\Program Files\ShopperReports\Bin\2.0.0\ShprRprt.dll (file missing)

O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - C:\Program Files\ShopperReports\Bin\2.0.0\ShprRprt.dll (file missing)

J'ai un doute pour ceci:
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll

reposte un scan+log après ça .
0
Réponse 17 / 46
Lig Messages postés 43 Date d'inscription samedi 7 octobre 2006 Statut Membre Dernière intervention 3 mai 2010 13
8 oct. 2006 à 15:34
Hello, voici le nouveau scanlog hijackthis :

Logfile of HijackThis v1.99.1
Scan saved at 15:26:12, on 08/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\PROGRA~1\SECURI~1\av_fw\backweb\8520111\Program\SERVIC~1.EXE
C:\Documents and Settings\Laurent Lighezolo\Mes documents\Rapports ordi\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Securitoo\av_fw\backweb\8520111\Program\fspex.exe
C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
C:\Program Files\Securitoo\av_fw\Anti-Virus\FSGK32.EXE
C:\Program Files\Securitoo\av_fw\backweb\8520111\program\fsbwsys.exe
C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Securitoo\av_fw\Common\FSMB32.EXE
C:\Program Files\Securitoo\av_fw\Anti-Virus\fssm32.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
C:\Program Files\Securitoo\av_fw\Common\FCH32.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Securitoo\av_fw\Common\FAMEH32.EXE
C:\Program Files\Securitoo\av_fw\FWES\Program\fsdfwd.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\e-Carte Bleue\SG\e-Carte Bleue\ECB-SG.exe
C:\Program Files\Securitoo\av_fw\Common\FSM32.EXE
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Securitoo\av_fw\FSGUI\ispnews.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Securitoo\av_fw\Anti-Virus\fsav32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HPQ\SHARED\HPQWMI.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Securitoo\av_fw\FSGUI\fsguiexe.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
C:\PROGRA~1\Livecom\APPLIC~1\Exe\Livecom.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Livecom\APPLIC~1\eConfv4\livecomp.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Documents and Settings\Laurent Lighezolo\Mes documents\Rapports ordi\ewido anti-spyware 4.0\ewido.exe
C:\Documents and Settings\Laurent Lighezolo\Local Settings\Temporary Internet Files\Content.IE5\CP2RS5IV\xlviewer[1].exe
C:\DOCUME~1\LAUREN~1\LOCALS~1\Temp\IXP000.TMP\SETUP.EXE
C:\Documents and Settings\Laurent Lighezolo\Bureau\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = ie.redirect.hp.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = ie.redirect.hp.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = ie.redirect.hp.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] "%ProgramFiles%\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe"
O4 - HKLM\..\Run: [ChangeResolution] C:\hp\bin\ChangeResolution.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HbTools] C:\Program Files\HbTools\Bin\4.8.0.0\HbtOEAddOn.exe
O4 - HKLM\..\Run: [eCarteBleue-SG-P3] "C:\Program Files\e-Carte Bleue\SG\e-Carte Bleue\ECB-SG.exe" /dontopenmycards
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Securitoo\av_fw\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Securitoo\av_fw\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Securitoo\av_fw\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [News Service] "C:\Program Files\Securitoo\av_fw\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [FSASWREG] "C:\Program Files\Securitoo\av_fw\Anti-Spyware\fsaswreg.exe"
O4 - HKLM\..\Run: [WeatherOnTray] C:\Program Files\HbTools\Bin\4.8.0.0\HbtWeatherOnTray.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [xejhctiy] C:\WINDOWS\system32\xnngaisk.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\RunOnce: [wextract_cleanup0] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\LAUREN~1\LOCALS~1\Temp\IXP000.TMP\"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT

cnx|PARAM


O4 - HKCU\..\Run: [Livecom] "C:\PROGRA~1\Livecom\APPLIC~1\CommunicationAgent\CommunicationAgent.exe" -ICom_StartNoSplashScreen
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Image Transfer.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE14} - C:\Program Files\ShopperReports\Bin\2.0.0\ShprRprt.dll (file missing)
O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - C:\Program Files\ShopperReports\Bin\2.0.0\ShprRprt.dll (file missing)
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O14 - IERESET.INF: START_PAGE_URL=ie.redirect.hp.com
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: Securitoo Antivirus Firewall (BackWeb Plug-in - 8520111) - Unknown owner - C:\PROGRA~1\SECURI~1\av_fw\backweb\8520111\Program\SERVIC~1.EXE
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Documents and Settings\Laurent Lighezolo\Mes documents\Rapports ordi\ewido anti-spyware 4.0\guard.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Securitoo\av_fw\backweb\8520111\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
0
Réponse 18 / 46
^^Marie^^ Messages postés 113929 Date d'inscription mardi 6 septembre 2005 Statut Membre Dernière intervention 28 août 2020 3 274
8 oct. 2006 à 15:48
Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked"




O4 - HKLM\..\Run: [ChangeResolution] C:\hp\bin\ChangeResolution.exe

O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [eCarteBleue-SG-P3] "C:\Program Files\e-Carte Bleue\SG\e-Carte Bleue\ECB-SG.exe" /dontopenmycards
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -
O4 - HKLM\..\Run: [WeatherOnTray] C:\Program Files\HbTools\Bin\4.8.0.0\HbtWeatherOnTray.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe


O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - acs.pandasoftware.com/activescan/as5free/asinst.cab



O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe


Fais ce qui suit aussi
stp
merci
télécharges smitfraudfix :

En image :
http://siri.urz.free.fr/Fix/SmitfraudFix.php

tu le décompresses tu doubles cliques sur smitfraudfix.cmd et tu choisi l option 1
cela vas générer un rapport.
Si tu vois des lignes avec PRESENT! Continue la manip qui suit.

Redémarres le PC en mode sans échec : tu tapotes sur la touche F8 de ton clavier (ou F5 ) et tu choisis le mode sans échec)

- Ouvre le dossier "SmitfraudFix" et double clic sur "Smitfraudfix.cmd", choisit l’option 2 et tu réponds oui à tout.

Copie/colle le rapport sur le forum stp.

A+




A++
0
Réponse 19 / 46
Lig Messages postés 43 Date d'inscription samedi 7 octobre 2006 Statut Membre Dernière intervention 3 mai 2010 13
8 oct. 2006 à 16:02
ok, c'est fait.
0
Réponse 20 / 46
^^Marie^^ Messages postés 113929 Date d'inscription mardi 6 septembre 2005 Statut Membre Dernière intervention 28 août 2020 3 274
8 oct. 2006 à 16:05
Refais le rapport EWIDO
stp
Merci

rapport smitfraudfix ???
0