rapport hijackthis

[le juventine]

bonjour voila je poste un rapport apres la procedure avec antivir.merci de me dire ce qu il en est. a+

 

bonjour voila je poste un rapport apres la procedure avec antivir.merci de me dire ce qu il en est. a+

Logfile of HijackThis v1.99.1

Scan saved at 13:11:15, on 12/05/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

F:\WINDOWS\System32\smss.exe

F:\WINDOWS\SYSTEM32\winlogon.exe

F:\WINDOWS\system32\services.exe

F:\WINDOWS\system32\lsass.exe

F:\WINDOWS\system32\svchost.exe

F:\WINDOWS\System32\svchost.exe

F:\WINDOWS\system32\spoolsv.exe

F:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe

F:\WINDOWS\system32\svchost.exe

F:\WINDOWS\system32\ZoneLabs\vsmon.exe

F:\WINDOWS\system32\LVCOMSX.EXE

F:\Program Files\Logitech\Video\LogiTray.exe

F:\Documents and Settings\sabine franco\Mes documents\Mes fichiers reçus\Winamp\winampa.exe

F:\Program Files\HP\hpcoretech\hpcmpmgr.exe

F:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe

F:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe

F:\Program Files\MessengerPlus! 3\MsgPlus.exe

F:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

F:\Program Files\HbTools\Bin\4.7.3.0\HbtWeatherOnTray.exe

F:\Program Files\HbTools\Bin\4.7.3.0\HbtOEAddOn.exe

F:\Program Files\Macrogaming\SweetIM\SweetIM.exe

F:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

F:\Program Files\Internet Explorer\iexplore.exe

F:\Program Files\Skype\Phone\Skype.exe

F:\Program Files\Messenger\msmsgs.exe

f:\progra~1\intern~1\iexplore.exe

F:\Program Files\Microsoft Office\Office\1033\OLFSNT40.EXE

F:\Program Files\Logitech\Video\FxSvr2.exe

F:\WINDOWS\system32\wuauclt.exe

F:\WINDOWS\explorer.exe

F:\Program Files\hijackthis\hijackthis\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: {1A03F196-9617-4CA0-842B-A83CEECB022B} - - (no file)

O2 - BHO: (no name) - {1607F18B-BE89-457C-84AB-145A41BC7DAC} - (no file)

O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - F:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll

O2 - BHO: ShprRprts - {2A8A997F-BB9F-48F6-AA2B-2762D50F9289} - F:\Program Files\ShopperReports\Bin\1.1.0.0\ShprRprt.dll

O2 - BHO: HbTools - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - F:\Program Files\HbTools\Bin\4.7.3.0\HbtHostIE.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O2 - BHO: Reactivator - {AC2E8306-D24E-4082-8669-7781499F4E03} - F:\PROGRA~1\EVERYT~1.1\everycom.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - F:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: Every Toolbar - {A20A76AD-7A29-4756-87FE-70C334CB40C0} - F:\PROGRA~1\EVERYT~1.1\everycom.dll

O3 - Toolbar: H&otbar - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - F:\Program Files\HbTools\Bin\4.7.3.0\HbtHostIE.dll

O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - F:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll

O4 - HKLM\..\Run: [LVCOMSX] F:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [LogitechVideoRepair] F:\Program Files\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [LogitechVideoTray] F:\Program Files\Logitech\Video\LogiTray.exe

O4 - HKLM\..\Run: [NeroFilterCheck] F:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [WinampAgent] F:\Documents and Settings\sabine franco\Mes documents\Mes fichiers reçus\Winamp\winampa.exe

O4 - HKLM\..\Run: [HP Component Manager] "F:\Program Files\HP\hpcoretech\hpcmpmgr.exe"

O4 - HKLM\..\Run: [HP Software Update] F:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [HPDJ Taskbar Utility] F:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe

O4 - HKLM\..\Run: [MessengerPlus3] "F:\Program Files\MessengerPlus! 3\MsgPlus.exe"

O4 - HKLM\..\Run: [vga blah settings mpeg] F:\Documents and Settings\All Users\Application Data\mags wave vga blah\Amenabout.exe

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [upgConfVer] "F:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\UpgConf.exe" /v:9.01.00

O4 - HKLM\..\Run: [KAVPersonal50] "F:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kav.exe" /minimize

O4 - HKLM\..\Run: [sunJavaUpdateSched] F:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKLM\..\Run: [WeatherOnTray] F:\Program Files\HbTools\Bin\4.7.3.0\HbtWeatherOnTray.exe

O4 - HKLM\..\Run: [HbTools] F:\Program Files\HbTools\Bin\4.7.3.0\HbtOEAddOn.exe

O4 - HKLM\..\Run: [psyfqaje] F:\WINDOWS\system32\byrdaohn.exe

O4 - HKLM\..\Run: [sweetIM] F:\Program Files\Macrogaming\SweetIM\SweetIM.exe

O4 - HKLM\..\Run: [Zone Labs Client] F:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

O4 - HKLM\..\RunOnce: [srePostpone] rundll32.exe f:\windows\system32\zonelabs\srescan.dll,DoSpecialAction

O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "F:\Program Files\Logitech\Video\ManifestEngine.exe" boot

O4 - HKCU\..\Run: [bashlies] F:\DOCUME~1\SABINE~1\APPLIC~1\CLOSEF~1\math find save.exe

O4 - HKCU\..\Run: [MessengerPlus3] "F:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart

O4 - HKCU\..\Run: [skype] "F:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [sweetIM] F:\Program Files\Macrogaming\SweetIM\SweetIM.exe

O4 - HKCU\..\Run: [MSMSGS] "F:\Program Files\Messenger\msmsgs.exe" /background

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Microsoft Office.lnk = F:\Program Files\Microsoft Office\Office\OSA9.EXE

O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = F:\Program Files\Microsoft Office\Office\1033\OLFSNT40.EXE

O8 - Extra context menu item: &Every Toolbar Search - res://F:\PROGRA~1\EVERYT~1.1\everycom.dll/GoRSDN.dll.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll

O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - F:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll

O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - F:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll

O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-49c8-9F63-900533FAFE14} - F:\Program Files\ShopperReports\Bin\1.1.0.0\ShprRprt.dll

O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - F:\Program Files\ShopperReports\Bin\1.1.0.0\ShprRprt.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - F:\Program Files\Yahoo!\Common\yinsthelper.dll

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O18 - Protocol: bw+0 - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bw+0s - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bw-0 - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bw-0s - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bw00 - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bw00s - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bw10 - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bw10s - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bw20 - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bw20s - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bw30 - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bw30s - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bw40 - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bw40s - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bw50 - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bw50s - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bw60 - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bw60s - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bw70 - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bw70s - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bw80 - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bw80s - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bw90 - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bw90s - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bwa0 - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bwa0s - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bwb0 - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bwb0s - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bwc0 - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bwc0s - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bwd0 - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bwd0s - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bwe0 - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bwe0s - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bwf0 - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bwf0s - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bwg0 - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bwg0s - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bwh0 - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bwh0s - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bwi0 - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bwi0s - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bwj0 - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bwj0s - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bwk0 - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bwk0s - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bwl0 - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bwl0s - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bwm0 - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bwm0s - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bwn0 - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bwn0s - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bwo0 - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bwo0s - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bwp0 - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bwp0s - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bwq0 - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bwq0s - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bwr0 - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bwr0s - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bws0 - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bws0s - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bwt0 - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bwt0s - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bwu0 - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bwu0s - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bwv0 - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bwv0s - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bww0 - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bww0s - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bwx0 - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bwx0s - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bwy0 - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bwy0s - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bwz0 - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: bwz0s - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "F:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O18 - Protocol: offline-8876480 - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O23 - Service: hpdj - Unknown owner - F:\DOCUME~1\SABINE~1\LOCALS~1\Temp\hpdj.exe (file missing)

O23 - Service: kavsvc - Kaspersky Lab - F:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kavsvc.exe

O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - F:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - F:\WINDOWS\system32\ZoneLabs\vsmon.exe

[bruce lee]

bonjour,

 

analyse en cours, retour dans 15 minutes

[le juventine]

ok merci

[bruce lee]

re,

 

 

 

1/Télécharge la version d'évaluation d'Ewido:

http://www.ewido.net/en/download/

 

Installe et mets à jour.

 

Important: Pendant l'installation, sur la page "Additional Options" décoche les deux options "Install background guard" et "Install scan via context menu".

 

Démarre Ewido avec l'icône qui se trouve sur ton Bureau. Clique sur mise à jour, attendre la fin de cette mise à jour puis, ferme le programme.

 

2/Télécharge et installe EasyCleaner de Toni Helenius: http://personal.inet.fi/business/toniarts/ecleane.htm

 

3/demarre en mode sans echec http://www.sosordi.net/Faq/Faq.2.html

 

4/

demarrer/panneau de configuration/ajouts et suppresions de programmes et verifie la presence de:

 

ShopperReports

HbTools

MessengerPlus! 3

 

si ces programmes sont presents desinstallent les.

 

5/fais:

demarer executer services.msc repere hpdj

 

Double clic dessus :dans le champs Statut du service met le sur arrêté

dans le champs Type de démarrage met le sur désactivé puis

Appliquer puis ok .

 

 

6/lance hijackthis en cliquant sur do a scan system only coche ces lignes:

 

R3 - URLSearchHook: {1A03F196-9617-4CA0-842B-A83CEECB022B} - - (no file)

O2 - BHO: (no name) - {1607F18B-BE89-457C-84AB-145A41BC7DAC} - (no file)

O2 - BHO: ShprRprts - {2A8A997F-BB9F-48F6-AA2B-2762D50F9289} - F:\Program Files\ShopperReports\Bin\1.1.0.0\ShprRprt.dll

O2 - BHO: HbTools - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - F:\Program Files\HbTools\Bin\4.7.3.0\HbtHostIE.dll

O3 - Toolbar: H&otbar - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - F:\Program Files\HbTools\Bin\4.7.3.0\HbtHostIE.dll

O4 - HKLM\..\Run: [MessengerPlus3] "F:\Program Files\MessengerPlus! 3\MsgPlus.exe"

O4 - HKLM\..\Run: [vga blah settings mpeg] F:\Documents and Settings\All Users\Application Data\mags wave vga blah\Amenabout.exe

O4 - HKLM\..\Run: [WeatherOnTray] F:\Program Files\HbTools\Bin\4.7.3.0\HbtWeatherOnTray.exe

O4 - HKLM\..\Run: [HbTools] F:\Program Files\HbTools\Bin\4.7.3.0\HbtOEAddOn.exe

O4 - HKLM\..\Run: [psyfqaje] F:\WINDOWS\system32\byrdaohn.exe

O4 - HKCU\..\Run: [bashlies] F:\DOCUME~1\SABINE~1\APPLIC~1\CLOSEF~1\math find save.exe

O4 - HKCU\..\Run: [MessengerPlus3] "F:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart

O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-49c8-9F63-900533FAFE14} - F:\Program Files\ShopperReports\Bin\1.1.0.0\ShprRprt.dll

O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - F:\Program Files\ShopperReports\Bin\1.1.0.0\ShprRprt.dll

toutes les lignes 018 sauf les deux dernieres

 

 

Ferme toutes les fenêtres ouvertes sauf Hijackthis et clique sur fix checked

 

 

7/pour supprimer les fichiers nefastes on va tous les afficher en faisant comme ceci:

 

Démarrer, Poste de travail ou autre dossier, Menu Outils, Option des dossiers, onglet Affichage :

Cocher la case : Afficher les fichiers et dossiers cachés

Décocher la case : Masquer les extensions des fichiers dont le type est connu

Décocher la case : Masquer les fichiers protégés du système d'exploitation

cliquer sur "Appliquer"

cliquer sur le bouton "Appliquer à tous les dossiers" / OK

 

8/supprime ce qui est en gras:

 

F:\WINDOWS\system32\ byrdaohn.exe<== le fichier

F:\Program Files\ ShopperReports<== tout le dossier

F:\Program Files\ HbTools<== tout le dossier

F:\Program Files\ MessengerPlus! 3<== tout le dossier

F:\Documents and Settings\All Users\Application Data\ mags wave vga blah<== tout le dossier

F:\Documents and Settings\SABINE~1\Application Data\ CLOSEF<== tout le dossier qui

commence par CLOSEF

 

 

9/Relance Ewido et clique sur scanner puis sur scan complet du système.

 

Si des fichiers infectés sont trouvés, garde l'option par défaut Supprimer (avec la ligne "Créer des copies de sauvegarde cryptées dans la quarantaine" cochée), et coche "Effectuer cette action avec toutes les infections".

 

A la fin du scan, sauvegarde le rapport (Fichier/Enregistrer sous...) sur le Bureau.

 

10/redemarre en mode normal

 

11/poste le rapport d'ewido ainsi qu'un nouveau log hijackthis.

 

bon courage, et si tu as la moindre question n'hesite surtout pas

 

@+

[le juventine]

ok merci

mais c pas mon pc donc la procedure ne sera peut etre pas pour aujourd hui.je te l enverrai plus tard.a+

[bruce lee]

re,

 

pas de probleme pour la procedure

[le juventine]

salut bruce

comme prevu je t envoie le rapport ewido et le rapport hijackthis.merci

a+

 

salut bruce

comme prevu je t envoie le rapport ewido et le rapport hijackthis.merci

a+

Logfile of HijackThis v1.99.1

Scan saved at 14:04:54, on 15/05/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

F:\WINDOWS\System32\smss.exe

F:\WINDOWS\SYSTEM32\winlogon.exe

F:\WINDOWS\system32\services.exe

F:\WINDOWS\system32\lsass.exe

F:\WINDOWS\system32\svchost.exe

F:\WINDOWS\System32\svchost.exe

F:\WINDOWS\system32\spoolsv.exe

F:\WINDOWS\Explorer.EXE

F:\Program Files\ewido anti-malware\ewidoctrl.exe

F:\WINDOWS\system32\LVCOMSX.EXE

F:\Program Files\Logitech\Video\LogiTray.exe

F:\Documents and Settings\sabine franco\Mes documents\Mes fichiers reçus\Winamp\winampa.exe

F:\Program Files\HP\hpcoretech\hpcmpmgr.exe

F:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe

F:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe

F:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

F:\Program Files\Macrogaming\SweetIM\SweetIM.exe

F:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

F:\Program Files\Skype\Phone\Skype.exe

F:\Program Files\Logitech\Video\FxSvr2.exe

F:\Program Files\Microsoft Office\Office\1033\OLFSNT40.EXE

F:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe

F:\WINDOWS\system32\svchost.exe

F:\WINDOWS\system32\ZoneLabs\vsmon.exe

F:\Program Files\MSN Messenger\msnmsgr.exe

F:\Program Files\WinRAR\WinRAR.exe

F:\DOCUME~1\SABINE~1\LOCALS~1\Temp\Rar$EX00.938\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - F:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O2 - BHO: Reactivator - {AC2E8306-D24E-4082-8669-7781499F4E03} - F:\PROGRA~1\EVERYT~1.1\everycom.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - F:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: Every Toolbar - {A20A76AD-7A29-4756-87FE-70C334CB40C0} - F:\PROGRA~1\EVERYT~1.1\everycom.dll

O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - F:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll

O4 - HKLM\..\Run: [LVCOMSX] F:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [LogitechVideoRepair] F:\Program Files\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [LogitechVideoTray] F:\Program Files\Logitech\Video\LogiTray.exe

O4 - HKLM\..\Run: [NeroFilterCheck] F:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [WinampAgent] F:\Documents and Settings\sabine franco\Mes documents\Mes fichiers reçus\Winamp\winampa.exe

O4 - HKLM\..\Run: [HP Component Manager] "F:\Program Files\HP\hpcoretech\hpcmpmgr.exe"

O4 - HKLM\..\Run: [HP Software Update] F:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [HPDJ Taskbar Utility] F:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [upgConfVer] "F:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\UpgConf.exe" /v:9.01.00

O4 - HKLM\..\Run: [KAVPersonal50] "F:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kav.exe" /minimize

O4 - HKLM\..\Run: [sunJavaUpdateSched] F:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKLM\..\Run: [sweetIM] F:\Program Files\Macrogaming\SweetIM\SweetIM.exe

O4 - HKLM\..\Run: [Zone Labs Client] F:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "F:\Program Files\Logitech\Video\ManifestEngine.exe" boot

O4 - HKCU\..\Run: [skype] "F:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [sweetIM] F:\Program Files\Macrogaming\SweetIM\SweetIM.exe

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Microsoft Office.lnk = F:\Program Files\Microsoft Office\Office\OSA9.EXE

O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = F:\Program Files\Microsoft Office\Office\1033\OLFSNT40.EXE

O8 - Extra context menu item: &Every Toolbar Search - res://F:\PROGRA~1\EVERYT~1.1\everycom.dll/GoRSDN.dll.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll

O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - F:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll

O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - F:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll

O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-49c8-9F63-900533FAFE14} - F:\Program Files\ShopperReports\Bin\1.1.0.0\ShprRprt.dll (file missing)

O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - F:\Program Files\ShopperReports\Bin\1.1.0.0\ShprRprt.dll (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - F:\Program Files\Yahoo!\Common\yinsthelper.dll

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "F:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O18 - Protocol: offline-8876480 - {6CECD3E4-FDD6-451E-9353-8E6826DFF89D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)

O23 - Service: ewido security suite control - ewido networks - F:\Program Files\ewido anti-malware\ewidoctrl.exe

O23 - Service: kavsvc - Kaspersky Lab - F:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kavsvc.exe

O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - F:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - F:\WINDOWS\system32\ZoneLabs\vsmon.exe

 

---------------------------------------------------------

ewido anti-malware - Rapport de scan

---------------------------------------------------------

 

+ Créé le: 13:52:53, 15/05/2006

+ Somme de contrôle: D77C1B40

 

+ Résultats du scan:

 

HKLM\SOFTWARE\Classes\AppID\WeatherOnTray.EXE -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp\CLSID -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp\CurVer -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp.1 -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices\CLSID -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices\CurVer -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices.1 -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx\CLSID -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx\CurVer -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx.1 -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\HbtHostIE.Bho -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\HbtHostIE.Bho\CLSID -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\HbtHostIE.Bho\CurVer -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\HbtHostIE.Bho.1 -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim\CLSID -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim\CurVer -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim.1 -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend\CLSID -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend\CurVer -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend.1 -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\HbTools.HbtCommBand -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\HbTools.HbtCommBand\CLSID -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\HbTools.HbtCommBand\CurVer -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\HbTools.HbtCommBand.1 -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar\CLSID -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar\CurVer -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar.1 -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices\CLSID -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices\CurVer -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices.1 -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI\CLSID -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI\CurVer -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI.1 -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl\CLSID -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl\CurVer -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl.1 -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\HbtTools.HbMain -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\HbtTools.HbMain\CLSID -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\HbtTools.HbMain\CurVer -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\HbtTools.HbMain.1 -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\RprtsPSClient.PSExecuter -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\RprtsPSClient.PSExecuter\CLSID -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\RprtsPSClient.PSExecuter\CurVer -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\RprtsPSClient.PSExecuter.1 -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\ShprRprts.HbAx -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\ShprRprts.HbAx\CLSID -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\ShprRprts.HbAx\CurVer -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\ShprRprts.HbAx.1 -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\ShprRprts.HbInfoBand -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\ShprRprts.HbInfoBand\CLSID -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\ShprRprts.HbInfoBand\CurVer -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\ShprRprts.HbInfoBand.1 -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\ShprRprts.IEButton -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\ShprRprts.IEButton\CLSID -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\ShprRprts.IEButton\CurVer -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\ShprRprts.IEButton.1 -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\ShprRprts.IEButtonA -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\ShprRprts.IEButtonA\CLSID -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\ShprRprts.IEButtonA\CurVer -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\ShprRprts.IEButtonA.1 -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\ShprRprts.SmrtShprCtl -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\ShprRprts.SmrtShprCtl\CLSID -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\ShprRprts.SmrtShprCtl\CurVer -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\ShprRprts.SmrtShprCtl.1 -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager\CLSID -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager\CurVer -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager.1 -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\HbTools -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\HbTools\HbTools -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\HbTools\HbTools\Install -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\HbTools\HbTools\PI -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\HbTools\HbTools\PI\3.2 -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\HbTools\HostOI -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\HbTools\HostOI\Mail -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\HbTools\HostOI\Updates -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\HbTools\HostOL -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\HbTools\HostOL\Mail -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\HbTools\HostOL\Updates -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\HbTools\Hotbar -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\HbTools\Hotbar\Install -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\HbTools\Install -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\HbTools\Install\CmpMap -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HbToolsOutlookTools -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HbToolsWebTools -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\ShopperReports -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\ShopperReports\ShopperReports -> Adware.HotBar : Nettoyer et sauvegarder

HKLM\SOFTWARE\ShopperReports\ShopperReports\PostInstaller -> Adware.HotBar : Nettoyer et sauvegarder

HKU\S-1-5-21-1220945662-1645522239-682003330-1003\Software\HbTools -> Adware.HotBar : Nettoyer et sauvegarder

HKU\S-1-5-21-1220945662-1645522239-682003330-1003\Software\HbTools\Common -> Adware.HotBar : Nettoyer et sauvegarder

HKU\S-1-5-21-1220945662-1645522239-682003330-1003\Software\HbTools\Common\Time -> Adware.HotBar : Nettoyer et sauvegarder

HKU\S-1-5-21-1220945662-1645522239-682003330-1003\Software\HbTools\Common\Updates -> Adware.HotBar : Nettoyer et sauvegarder

HKU\S-1-5-21-1220945662-1645522239-682003330-1003\Software\HbTools\HbTools -> Adware.HotBar : Nettoyer et sauvegarder

HKU\S-1-5-21-1220945662-1645522239-682003330-1003\Software\HbTools\HbTools\EUI -> Adware.HotBar : Nettoyer et sauvegarder

HKU\S-1-5-21-1220945662-1645522239-682003330-1003\Software\HbTools\HbTools\Local -> Adware.HotBar : Nettoyer et sauvegarder

HKU\S-1-5-21-1220945662-1645522239-682003330-1003\Software\HbTools\HbTools\mail -> Adware.HotBar : Nettoyer et sauvegarder

HKU\S-1-5-21-1220945662-1645522239-682003330-1003\Software\HbTools\HbTools\MultiUrl -> Adware.HotBar : Nettoyer et sauvegarder

HKU\S-1-5-21-1220945662-1645522239-682003330-1003\Software\HbTools\HbTools\PI -> Adware.HotBar : Nettoyer et sauvegarder

HKU\S-1-5-21-1220945662-1645522239-682003330-1003\Software\HbTools\HbTools\PI\3.2 -> Adware.HotBar : Nettoyer et sauvegarder

HKU\S-1-5-21-1220945662-1645522239-682003330-1003\Software\HbTools\HbTools\Sample -> Adware.HotBar : Nettoyer et sauvegarder

HKU\S-1-5-21-1220945662-1645522239-682003330-1003\Software\HbTools\HbTools\Sample\Hist -> Adware.HotBar : Nettoyer et sauvegarder

HKU\S-1-5-21-1220945662-1645522239-682003330-1003\Software\HbTools\HbTools\Sample\Hist\sg852 -> Adware.HotBar : Nettoyer et sauvegarder

HKU\S-1-5-21-1220945662-1645522239-682003330-1003\Software\HbTools\HbTools\Sample\Hist\sg853 -> Adware.HotBar : Nettoyer et sauvegarder

HKU\S-1-5-21-1220945662-1645522239-682003330-1003\Software\HbTools\HbTools\Sample\Hist\sg860 -> Adware.HotBar : Nettoyer et sauvegarder

HKU\S-1-5-21-1220945662-1645522239-682003330-1003\Software\HbTools\HbTools\Sample\Hist\sg861 -> Adware.HotBar : Nettoyer et sauvegarder

HKU\S-1-5-21-1220945662-1645522239-682003330-1003\Software\HbTools\HbTools\Sample\Hist\sg887 -> Adware.HotBar : Nettoyer et sauvegarder

HKU\S-1-5-21-1220945662-1645522239-682003330-1003\Software\HbTools\HbTools\Sample\Hist\sg888 -> Adware.HotBar : Nettoyer et sauvegarder

HKU\S-1-5-21-1220945662-1645522239-682003330-1003\Software\HbTools\HbTools\Sample\Hist\sg889 -> Adware.HotBar : Nettoyer et sauvegarder

HKU\S-1-5-21-1220945662-1645522239-682003330-1003\Software\HbTools\HbTools\Sample\Hist\sg904 -> Adware.HotBar : Nettoyer et sauvegarder

HKU\S-1-5-21-1220945662-1645522239-682003330-1003\Software\HbTools\HbTools\Sample\Hist\sg905 -> Adware.HotBar : Nettoyer et sauvegarder

HKU\S-1-5-21-1220945662-1645522239-682003330-1003\Software\HbTools\HbTools\Sample\Hist\sg910 -> Adware.HotBar : Nettoyer et sauvegarder

HKU\S-1-5-21-1220945662-1645522239-682003330-1003\Software\HbTools\HbTools\Sample\Hist\sg911 -> Adware.HotBar : Nettoyer et sauvegarder

HKU\S-1-5-21-1220945662-1645522239-682003330-1003\Software\HbTools\HbTools\Sample\Hist\sg912 -> Adware.HotBar : Nettoyer et sauvegarder

HKU\S-1-5-21-1220945662-1645522239-682003330-1003\Software\HbTools\HbTools\Sample\Hist\sg913 -> Adware.HotBar : Nettoyer et sauvegarder

HKU\S-1-5-21-1220945662-1645522239-682003330-1003\Software\HbTools\HbTools\Sample\Hist\sg914 -> Adware.HotBar : Nettoyer et sauvegarder

HKU\S-1-5-21-1220945662-1645522239-682003330-1003\Software\HbTools\HbTools\Sample\Hist\sg915 -> Adware.HotBar : Nettoyer et sauvegarder

HKU\S-1-5-21-1220945662-1645522239-682003330-1003\Software\HbTools\HbTools\Sample\Hist\sg926 -> Adware.HotBar : Nettoyer et sauvegarder

HKU\S-1-5-21-1220945662-1645522239-682003330-1003\Software\HbTools\HbTools\Sample\Hist\sg927 -> Adware.HotBar : Nettoyer et sauvegarder

HKU\S-1-5-21-1220945662-1645522239-682003330-1003\Software\HbTools\HbTools\Updates -> Adware.HotBar : Nettoyer et sauvegarder

HKU\S-1-5-21-1220945662-1645522239-682003330-1003\Software\HbTools\HbTools\Weather -> Adware.HotBar : Nettoyer et sauvegarder

HKU\S-1-5-21-1220945662-1645522239-682003330-1003\Software\HbTools\HostOI -> Adware.HotBar : Nettoyer et sauvegarder

HKU\S-1-5-21-1220945662-1645522239-682003330-1003\Software\HbTools\HostOI\links -> Adware.HotBar : Nettoyer et sauvegarder

HKU\S-1-5-21-1220945662-1645522239-682003330-1003\Software\HbTools\HostOI\Updates -> Adware.HotBar : Nettoyer et sauvegarder

HKU\S-1-5-21-1220945662-1645522239-682003330-1003\Software\HbTools\hostol -> Adware.HotBar : Nettoyer et sauvegarder

HKU\S-1-5-21-1220945662-1645522239-682003330-1003\Software\HbTools\hostol\links -> Adware.HotBar : Nettoyer et sauvegarder

HKU\S-1-5-21-1220945662-1645522239-682003330-1003\Software\HbTools\hostol\Mail -> Adware.HotBar : Nettoyer et sauvegarder

HKU\S-1-5-21-1220945662-1645522239-682003330-1003\Software\HbTools\hostol\soho -> Adware.HotBar : Nettoyer et sauvegarder

HKU\S-1-5-21-1220945662-1645522239-682003330-1003\Software\HbTools\hostol\Updates -> Adware.HotBar : Nettoyer et sauvegarder

HKU\S-1-5-21-1220945662-1645522239-682003330-1003\Software\HbTools\Time -> Adware.HotBar : Nettoyer et sauvegarder

HKU\S-1-5-21-1220945662-1645522239-682003330-1003\Software\HbTools\Time\HostOE -> Adware.HotBar : Nettoyer et sauvegarder

HKU\S-1-5-21-1220945662-1645522239-682003330-1003\Software\HbTools\Time\HostOE\Updates -> Adware.HotBar : Nettoyer et sauvegarder

F:\Documents and Settings\sabine franco\Application Data\ShopperReports -> Adware.HotBar : Nettoyer et sauvegarder

F:\Documents and Settings\sabine franco\Application Data\ShopperReports\cs -> Adware.HotBar : Nettoyer et sauvegarder

F:\Documents and Settings\sabine franco\Application Data\ShopperReports\cs\dwld -> Adware.HotBar : Nettoyer et sauvegarder

F:\Documents and Settings\sabine franco\Application Data\ShopperReports\cs\persist.dbs -> Adware.HotBar : Nettoyer et sauvegarder

F:\Documents and Settings\sabine franco\Application Data\ShopperReports\shprrprt.log -> Adware.HotBar : Nettoyer et sauvegarder

F:\Documents and Settings\sabine franco\Cookies\sabine franco@as1.falkag[1].txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder

F:\Documents and Settings\sabine franco\Cookies\sabine franco@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyer et sauvegarder

F:\Documents and Settings\sabine franco\Cookies\sabine franco@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder

F:\Documents and Settings\sabine franco\Cookies\sabine franco@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyer et sauvegarder

F:\Documents and Settings\sabine franco\Cookies\sabine franco@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder

F:\Documents and Settings\sabine franco\Cookies\sabine franco@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder

F:\Program Files\Adverts\uninst.exe -> Adware.Lop : Nettoyer et sauvegarder

F:\Program Files\hijackthis\hijackthis\backups\backup-20060515-123445-928.dll -> Adware.Shopper : Nettoyer et sauvegarder

F:\Program Files\hijackthis\hijackthis\backups\backup-20060515-123446-156.dll -> Adware.HotBar : Nettoyer et sauvegarder

F:\RECYCLER\S-1-5-21-1220945662-1645522239-682003330-1003\Df2\Bin\4.7.3.0\HbtAds.dll -> Adware.HotBar : Nettoyer et sauvegarder

F:\RECYCLER\S-1-5-21-1220945662-1645522239-682003330-1003\Df2\Bin\4.7.3.0\HbtGuard.exe -> Adware.Hotbar : Nettoyer et sauvegarder

F:\RECYCLER\S-1-5-21-1220945662-1645522239-682003330-1003\Df2\Bin\4.7.3.0\HbtHostOE.dll -> Adware.HotBar : Nettoyer et sauvegarder

F:\RECYCLER\S-1-5-21-1220945662-1645522239-682003330-1003\Df2\Bin\4.7.3.0\HbtInstIE.dll -> Adware.HotBar : Nettoyer et sauvegarder

F:\RECYCLER\S-1-5-21-1220945662-1645522239-682003330-1003\Df2\Bin\4.7.3.0\HbtOEAddOn.exe -> Adware.HotBar : Nettoyer et sauvegarder

F:\RECYCLER\S-1-5-21-1220945662-1645522239-682003330-1003\Df2\Bin\4.7.3.0\HbtSrv.exe -> Adware.HotBar : Nettoyer et sauvegarder

F:\RECYCLER\S-1-5-21-1220945662-1645522239-682003330-1003\Df2\Bin\4.7.3.0\HbtWeatherOnTray.exe -> Adware.HotBar : Nettoyer et sauvegarder

F:\WINDOWS\system32\byrdaohn.exe -> Adware.Hotbar : Nettoyer et sauvegarder

 

 

::Fin du rapport

[bruce lee]

bonjour,

 

avant de continuer la désinfection:

 

 

sur ton rapport il y a la presencde de:

 

SweetIMBarForIE

 

je te conseil fortement de le supprimer, es tu d'accord que l'on le supprime?

[le juventine]

oui ok pas de probleme

[bruce lee]

bonjour,

 

hijackthis est toujours mal placé....

 

1/ouvre le bloc note(demarrer\tous les programmes\accessoires\bloc notes)

 

2/copie ceci dedans:

 

REGEDIT4

 

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0774F696-D801-4C18-81A7-A3A32B8BEF19}]

 

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E6AC766-9094-4BCF-ABD3-39E2EAEA5FCD}]

 

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2178C864-B8BC-41AE-A1FB-EB6A32F87EB1}]

 

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2A8A997F-BB9F-48F6-AA2B-2762D50F9289}]

 

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{454B4812-E572-4703-A1BB-63490809EAC0}]

 

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{580A1F3F-89B4-433B-BBDB-B97AEB13F3FC}]

 

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{842D315A-7E1E-448B-96E8-9E76D1820BE2}]

 

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{B5901229-25CC-43C9-B604-3BB6AC2B48A5}]

 

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{C83DAED4-0611-4F7A-978E-7FEAFCB2F91B}]

 

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{946B3E9E-E21A-49c8-9F63-900533FAFE14}]

 

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{946B3E9E-E21A-49c8-9F63-900533FAFE15}]

 

[HKEY_USERS\S-1-5-21-3554940790-914518934-2835527381-1005\Software\Microsoft\Internet Explorer\Extensions\CmdMapping]

"{946B3E9E-E21A-49c8-9F63-900533FAFE14}"=-

 

[-HKEY_USERS\S-1-5-21-3554940790-914518934-2835527381-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{946B3E9E-E21A-49C8-9F63-900533FAFE14}]

 

 

-Enregistrez ce fichier reg dans : Bureau

-Nom du fichier :ShopperReports.reg

-Type du fichier : tous les fichiers

-cliquez sur Enregistrer

-quittez le Bloc Notes

 

2/demarre en mode sans echec http://www.sosordi.net/Faq/Faq.2.html

 

3/

demarrer/panneau de configuration/ajouts et suppresions de programmes et verifie la presence de:

 

Macrogaming

 

si ce programme est present desinstalle le.

 

 

4/lance hijackthis en cliquant sur do a scan system only coche ces lignes:

 

 

O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - F:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll

O4 - HKLM\..\Run: [sweetIM] F:\Program Files\Macrogaming\SweetIM\SweetIM.exe

O4 - HKCU\..\Run: [sweetIM] F:\Program Files\Macrogaming\SweetIM\SweetIM.exe

O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-49c8-9F63-900533FAFE14} - F:\Program Files\ShopperReports\Bin\1.1.0.0\ShprRprt.dll (file missing)

O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - F:\Program Files\ShopperReports\Bin\1.1.0.0\ShprRprt.dll (file missing)

 

Ferme toutes les fenêtres ouvertes sauf Hijackthis et clique sur fix checked

 

 

5/pour supprimer les fichiers nefastes on va tous les afficher en faisant comme ceci:

 

Démarrer, Poste de travail ou autre dossier, Menu Outils, Option des dossiers, onglet Affichage :

Cocher la case : Afficher les fichiers et dossiers cachés

Décocher la case : Masquer les extensions des fichiers dont le type est connu

Décocher la case : Masquer les fichiers protégés du système d'exploitation

cliquer sur "Appliquer"

cliquer sur le bouton "Appliquer à tous les dossiers" / OK

 

6/supprime ce qui est en gras:

 

F:\Program Files\ Macrogaming<== tout le dossier

 

 

7/Utilisation du fichier: ShopperReports.reg précedemment créé

- double cliquez sur le fichier (Bureau) / Acceptez l'avertissement concernant la fusion / ne pas s'étonner de ne rien voir / validez le message disant que la fusion est terminée.

 

8/redemarre en mode normal

 

9/poste le rapport d'ewido ainsi qu'un nouveau log hijackthis.

 

bon courage, et si tu as la moindre question n'hesite surtout pas

 

@+