Se connecter avec
S'enregistrer | Connectez-vous

mon securitoo a un dysfonctmt, mon pc est pas mal verolé, il rame pas mal.

Dernière réponse : dans Sécurité

Salut les gars,
Voilà je pense avoir un pb avec mon anti-virus ( securitoo), mon PC ne voulant pas démarrer normalement, j'ai fait un peu de ménage en mode sans échec, réinstaller sécuritoo et ma connexion internet, et téléchargé des trucs genre ewido et hijackthis ( avt j'avais déja spybot et ad-aware). Maintenant il démarre bien mais il est loin d'etre au top, j'ai fait un scan avec hijackthis ( voir ci-dessous) mais après je ne sais pas comment procéder alors merci énormément de bien vouloir me rendre moins con face à mon PC!!!
J'ai souvent des messages d'erreur : runtime error ou invalid backweb, et j'ai aussi des trucs ki veulent s'installer en allumant mon PC (photogallery) mais j'ai pas le CD pour, alors je voudrais bien virer tout ça, bref je vous souhaite bon courage et merci d'avance!!!
voici mon scan :

Logfile of HijackThis v1.99.1
Scan saved at 11:52:14, on 06/06/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
C:\Program Files\Securitoo\av_fw\backweb\1044199\program\fsbwsys.exe
C:\Program Files\Securitoo\av_fw\Anti-Virus\FSGK32.EXE
C:\Program Files\Securitoo\av_fw\Anti-Virus\fssm32.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE
C:\Program Files\Securitoo\av_fw\Common\FSMB32.EXE
C:\Program Files\Securitoo\av_fw\Common\FCH32.EXE
C:\Program Files\Securitoo\av_fw\Common\FAMEH32.EXE
C:\Program Files\Securitoo\av_fw\Anti-Virus\fsav32.exe
C:\Program Files\Securitoo\av_fw\DFW\Program\fsdfwd.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\hphmon05.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\HP\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\PhilipsRemote.exe
C:\Program Files\Creative\Desktop Wireless\mouse_2k.exe
C:\PROGRA~1\MUSICM~1\MUSICM~1\MM_DIR~1.EXE
C:\Program Files\Creative\Desktop Wireless\kb_2k.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Securitoo\av_fw\Common\FSM32.EXE
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\HP\hpcoretech\comp\hpdarc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Matbaj\Bureau\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr10.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr10.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {22FE5705-8A21-297E-6B00-DB208BEFB8A6} - C:\WINDOWS\Ddtrmlvx.dll (file missing)
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: URLLink - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet7_22.dll (file missing)
O2 - BHO: (no name) - {4F890774-37AF-A718-F8A3-2A7D1EF81504} - C:\WINDOWS\Ddtrmlvx.dll (file missing)
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\HP\Digital Imaging\\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [PhilipsRemote] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\PhilipsRemote.exe
O4 - HKLM\..\Run: [CreativeMouse ] C:\Program Files\Creative\Desktop Wireless\mouse_2k.exe
O4 - HKLM\..\Run: [CreativeKeyboard ] C:\Program Files\Creative\Desktop Wireless\kb_2k.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,ClientStartup -s
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Securitoo\av_fw\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Securitoo\av_fw\TNB\TNBUtil.exe" /CHECKALL
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [BackupNotify] c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe
O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [PECarlin] "C:\Program Files\PECarlin\PECarlin.exe"
O4 - HKCU\..\Run: [sys_up1] C:\Program Files\Common Files\svchostsys\svchostsys.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O10 - Broken Internet access because of LSP provider 'c:\program files\newdotnet\newdotnet7_22.dll' missing
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {86EEF11E-FF16-48CE-B1A2-474B663041A9} - http://kit.carpediem.fr/11984/CD/StarsDuPorn.exe
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Ap...
O16 - DPF: {92ABACFE-EF6E-42C7-A824-D50A914B5B70} (MastaCash Loader Class) - http://dx.mastacash.com/loader.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.ca...
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: Runner.dll,kbfioelm.dll,cpmbjdmk.dll,SDRunner.dll,Runner.dll,gepdlham.dll,Runner.dll,SDRunner.dll,Runner.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Securitoo AntiVirus Firewall (BackWeb Client - 1044199) - Unknown owner - C:\PROGRA~1\SECURI~1\av_fw\backweb\1044199\Program\SERVIC~1.EXE
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Authentication Agent (FSAA) - Unknown owner - C:\Program Files\Securitoo\av_fw\Common\FSAA.EXE (file missing)
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Securitoo\av_fw\backweb\1044199\program\fsbwsys.exe
O23 - Service: F-Secure Distributed Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\DFW\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE
O23 - Service: F-Secure Windows Security Center Legacy Detection Service (Fswsclds) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\fswsclds.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

Autres pages sur : securitoo dysfonctmt mal verole rame mal

Lassé par la pub ? Créez un compte

Plusieurs infections.

Desinstalle d'abord:
NewDotNet

Télécharge LSPfix
Lance l'application.
Déconnecte-toi d'Internet et ferme toutes les fenêtres d'Internet Explorer.
Coche la case "I know what I'm doing"
Sélectionne la ou les dll suivantes
UNIQUEMENT CELLES QUI SONT INDIQUÉES CI-DESSOUS, ne touche pas aux autres !

newdotnet7_22

Glisse les du panneau de gauche "Keep" au panneau "Remove".
Clique sur "Finish".
(Si elles sont déjà dans le panneau "Remove" alors clique directement sur le bouton "Finish".)
----------
Installe Ewido
Décoche "Install Background Guardet" et "Install Scan Via Context Menu"
Lance Ewido puis mets le à jour.

Redémarre en mode sans échec.

Relance Ewido puis fais un Scan complet du système.
Sauvegarde le rappport puis colle le ici en mode normal.
----------
Redémarre normalement

Fais un scan en ligne Kaspersky
Aide pour les scans en ligne
Sauvegarde puis colle le rapport en fin d'analyse.
---------
Poste un nouveau rapport Hijackthis

voila mon rapport ewido :

---------------------------------------------------------
ewido anti-malware - Rapport de scan
---------------------------------------------------------

+ Créé le: 14:54:57, 06/06/2006
+ Somme de contrôle: C25B98B5

+ Résultats du scan:

C:\Documents and Settings\Matbaj\Bureau\backups\backup-20060601-123735-932.dll -> Adware.Agent : Nettoyer et sauvegarder
C:\Documents and Settings\Matbaj\Cookies\matbaj@2o7[2].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder
C:\Documents and Settings\Matbaj\Cookies\matbaj@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Nettoyer et sauvegarder
C:\Documents and Settings\Matbaj\Cookies\matbaj@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Nettoyer et sauvegarder
C:\Documents and Settings\Matbaj\Cookies\matbaj@adtech[2].txt -> TrackingCookie.Adtech : Nettoyer et sauvegarder
C:\Documents and Settings\Matbaj\Cookies\matbaj@as1.falkag[2].txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder
C:\Documents and Settings\Matbaj\Cookies\matbaj@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder
C:\Documents and Settings\Matbaj\Cookies\matbaj@clickbank[2].txt -> TrackingCookie.Clickbank : Nettoyer et sauvegarder
C:\Documents and Settings\Matbaj\Cookies\matbaj@estat[1].txt -> TrackingCookie.Estat : Nettoyer et sauvegarder
C:\Documents and Settings\Matbaj\Cookies\matbaj@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder
C:\Documents and Settings\Matbaj\Cookies\matbaj@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyer et sauvegarder
C:\Documents and Settings\Matbaj\Cookies\matbaj@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder
C:\Documents and Settings\Matbaj\Cookies\matbaj@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder
C:\Documents and Settings\Matbaj\Cookies\matbaj@weborama[1].txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
C:\Documents and Settings\Matbaj\Cookies\matbaj@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder
C:\Documents and Settings\Matbaj\Local Settings\Temp\nsaCB.tmp\NNMETA638.EXE -> Adware.NewDotNet : Nettoyer et sauvegarder
C:\Documents and Settings\Matbaj\Local Settings\Temp\nsp2F3.tmp\NNMETA638.EXE -> Adware.NewDotNet : Nettoyer et sauvegarder
C:\Documents and Settings\Matbaj\Local Settings\Temp\temp.fr24D8 -> Adware.BookedSpace : Nettoyer et sauvegarder
C:\Documents and Settings\Matbaj\Local Settings\Temp\Tspd.dll -> Adware.Agent : Nettoyer et sauvegarder
C:\Documents and Settings\Matbaj\Local Settings\Temporary Internet Files\Content.IE5\6FODSRGZ\ErrorSafeScannerInstall_fr[1].exe -> Not-A-Virus.Downloader.Win32.WinFixer.d : Nettoyer et sauvegarder
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@zedo[2].txt -> TrackingCookie.Zedo : Nettoyer et sauvegarder
C:\Documents and Settings\Propriétaire\Local Settings\Temp\Tspd.dll -> Adware.Agent : Nettoyer et sauvegarder
C:\Program Files\Masta\babysitter.exe -> Dialer.Masta.c : Nettoyer et sauvegarder
C:\Program Files\NewDotNet -> Adware.NewDotNet : Nettoyer et sauvegarder
C:\Program Files\NewDotNet\readme.html -> Adware.NewDotNet : Nettoyer et sauvegarder
C:\Program Files\NewDotNet\uninstall6_38.exe -> Adware.NewDotNet : Nettoyer et sauvegarder
C:\Program Files\NewDotNet\uninstall7_22.exe -> Adware.NewDotNet : Nettoyer et sauvegarder
C:\Program Files\xxx\xxx.exe -> Dialer.Generic : Nettoyer et sauvegarder
C:\WINDOWS\loader.dll -> Not-A-Virus.PornDownloader.Win32.Masta.b : Nettoyer et sauvegarder
C:\WINDOWS\NDNuninstall6_38.exe -> Adware.NewDotNet : Nettoyer et sauvegarder
C:\WINDOWS\NDNuninstall6_90.exe -> Adware.NewDotNet : Nettoyer et sauvegarder
C:\WINDOWS\NDNuninstall6_98.exe -> Adware.NewDotNet : Nettoyer et sauvegarder
C:\WINDOWS\NDNuninstall7_14.exe -> Adware.NewDotNet : Nettoyer et sauvegarder
C:\WINDOWS\NDNuninstall7_22.exe -> Adware.NewDotNet : Nettoyer et sauvegarder
C:\WINDOWS\system32\dialx.exe -> Dialer.Masta.c : Nettoyer et sauvegarder


::Fin du rapport

voila où j'en suis bob :

Logfile of HijackThis v1.99.1
Scan saved at 11:37:20, on 07/06/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
C:\Program Files\Securitoo\av_fw\backweb\1044199\program\fsbwsys.exe
C:\Program Files\Securitoo\av_fw\Anti-Virus\FSGK32.EXE
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Securitoo\av_fw\Anti-Virus\fssm32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE
C:\Program Files\Securitoo\av_fw\Common\FSMB32.EXE
C:\Program Files\Securitoo\av_fw\Common\FCH32.EXE
C:\Program Files\Securitoo\av_fw\Common\FAMEH32.EXE
C:\Program Files\Securitoo\av_fw\Anti-Virus\fsav32.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\hphmon05.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\PhilipsRemote.exe
C:\Program Files\HP\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Creative\Desktop Wireless\mouse_2k.exe
C:\PROGRA~1\MUSICM~1\MUSICM~1\MM_DIR~1.EXE
C:\Program Files\Creative\Desktop Wireless\kb_2k.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Securitoo\av_fw\Common\FSM32.EXE
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Securitoo\av_fw\DFW\Program\fsdfwd.exe
C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\HP\hpcoretech\comp\hpdarc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Matbaj\Bureau\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr10.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\HP\Digital Imaging\\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [PhilipsRemote] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\PhilipsRemote.exe
O4 - HKLM\..\Run: [CreativeMouse ] C:\Program Files\Creative\Desktop Wireless\mouse_2k.exe
O4 - HKLM\..\Run: [CreativeKeyboard ] C:\Program Files\Creative\Desktop Wireless\kb_2k.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Securitoo\av_fw\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Securitoo\av_fw\TNB\TNBUtil.exe" /CHECKALL
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [BackupNotify] c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe
O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode...
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Ap...
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst....
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.ca...
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: Runner.dll,kbfioelm.dll,cpmbjdmk.dll,SDRunner.dll,Runner.dll,gepdlham.dll,Runner.dll,SDRunner.dll,Runner.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Securitoo AntiVirus Firewall (BackWeb Client - 1044199) - Unknown owner - C:\PROGRA~1\SECURI~1\av_fw\backweb\1044199\Program\SERVIC~1.EXE
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Authentication Agent (FSAA) - Unknown owner - C:\Program Files\Securitoo\av_fw\Common\FSAA.EXE (file missing)
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Securitoo\av_fw\backweb\1044199\program\fsbwsys.exe
O23 - Service: F-Secure Distributed Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\DFW\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE
O23 - Service: F-Secure Windows Security Center Legacy Detection Service (Fswsclds) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\fswsclds.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

Lance HijackThis
puis --> Do a system scan only
coche les lignes indiquées ci-dessous
puis --> Fix checked
puis oui à la question de confirmation

O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)

Redémarre en mode sans échec, (en tapotant F8 au démarrage).
Assures-toi que tu as accès aux fichiers cachés.
-Explorateur windows->outils->options des dossiers->affichage
"Afficher les fichiers cachés"->coché
"Masquer les extensions.."->décoché
"Masquer les fichiers protégers du système"->décoché

Supprimes manuellement les fichiers suivants:

C:\WINDOWS\ALCXMNTR.EXE
Vide ta corbeille.
Redémarre ton pc.

j'ai suivi tes conseils rocket, malheureusement au démarrage les mêmes messages apparaissent!
voila mon dernier rapport hijackthis :
Logfile of HijackThis v1.99.1
Scan saved at 19:54:49, on 07/06/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\hphmon05.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\PhilipsRemote.exe
C:\Program Files\Creative\Desktop Wireless\mouse_2k.exe
C:\Program Files\Creative\Desktop Wireless\kb_2k.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Securitoo\av_fw\Common\FSM32.EXE
C:\Program Files\HP\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\PROGRA~1\MUSICM~1\MUSICM~1\MM_DIR~1.EXE
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Securitoo\av_fw\Anti-Virus\FSGK32.EXE
C:\Program Files\Securitoo\av_fw\backweb\1044199\program\fsbwsys.exe
C:\Program Files\Securitoo\av_fw\Anti-Virus\fssm32.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE
C:\Program Files\Securitoo\av_fw\Common\FSMB32.EXE
C:\Program Files\Securitoo\av_fw\Common\FCH32.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Securitoo\av_fw\Common\FAMEH32.EXE
C:\Program Files\Securitoo\av_fw\Anti-Virus\fsav32.exe
C:\Program Files\Securitoo\av_fw\DFW\Program\fsdfwd.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\WINDOWS\System32\msiexec.exe
C:\Program Files\HP\hpcoretech\comp\hpdarc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Matbaj\Bureau\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr10.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\HP\Digital Imaging\\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [PhilipsRemote] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\PhilipsRemote.exe
O4 - HKLM\..\Run: [CreativeMouse ] C:\Program Files\Creative\Desktop Wireless\mouse_2k.exe
O4 - HKLM\..\Run: [CreativeKeyboard ] C:\Program Files\Creative\Desktop Wireless\kb_2k.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Securitoo\av_fw\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Securitoo\av_fw\TNB\TNBUtil.exe" /CHECKALL
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [BackupNotify] c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe
O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode...
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} (F-Secure Online Scanner) - http://www.securitoo.com/fra/pages/navol/fscax.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Ap...
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst....
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.ca...
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: Runner.dll,kbfioelm.dll,cpmbjdmk.dll,SDRunner.dll,Runner.dll,gepdlham.dll,Runner.dll,SDRunner.dll,Runner.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Securitoo AntiVirus Firewall (BackWeb Client - 1044199) - Unknown owner - C:\PROGRA~1\SECURI~1\av_fw\backweb\1044199\Program\SERVIC~1.EXE
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Authentication Agent (FSAA) - Unknown owner - C:\Program Files\Securitoo\av_fw\Common\FSAA.EXE (file missing)
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Securitoo\av_fw\backweb\1044199\program\fsbwsys.exe
O23 - Service: F-Secure Distributed Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\DFW\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE
O23 - Service: F-Secure Windows Security Center Legacy Detection Service (Fswsclds) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\fswsclds.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

Re,

- Lance Hijackthis ->Do a system scan only
->Coche les lignes puis clique sur Fix checked:

O20 - AppInit_DLLs: Runner.dll,kbfioelm.dll,cpmbjdmk.dll,SDRunner.dll,Runner.dll,gepdlham.dll,Runner.dll,SDRunner.dll,Runner.dll

Suis les instructions donnees ici.

oups.......!! le voila! :

Spyware Terminator Version: 1.4.01.651
Start time: 07/06/2006 20:32:35
System: Windows XP SP2
User: Limited

Processes Scan
C:\WINDOWS\SYSTEM32\WINLOGON.EXE [Microsoft Corporation] C:\WINDOWS\SYSTEM32\ATI2EVXX.DLL [Empty],
C:\WINDOWS\SYSTEM32\SVCHOST.EXE [Microsoft Corporation] C:\WINDOWS\SYSTEM32\ESENT.DLL [Microsoft Corporation
],
C:\PROGRAM FILES\SPYWARE TERMINATOR\SPYWARETERMINATOR.EXE [Crawler.com]
C:\PROGRAM FILES\SPYWARE TERMINATOR\SPYWARETERMINATORSHIELD.EXE [Crawler.com]

Startup Scan

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"NVIEW" = "C:\WINDOWS\system32\NVIEW.DLL" [ NVIDIA Corporation ]
"BackupNotify" = "C:\PROGRAM FILES\HP\DIGITAL IMAGING\BIN\BACKUPNOTIFY.EXE" [ Empty ]
"WOOKIT" = "C:\PROGRAM FILES\WANADOO\SHELL.EXE" [ Empty ]
"Skype" = ""C:\Program Files\Skype\Phone\Skype.exe" \nosplash \minimized" [ file not found ]
"msnmsgr" = "C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE" [ Microsoft Corporation ]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"hpsysdrv" = "C:\WINDOWS\SYSTEM\HPSYSDRV.EXE" [ Hewlett-Packard Company ]
"HotKeysCmds" = "C:\WINDOWS\SYSTEM32\HKCMD.EXE" [ Intel Corporation ]
"CamMonitor" = "C:\PROGRAM FILES\HP\DIGITAL IMAGING\UNLOAD\HPQCMON.EXE" [ Empty ]
"HPHUPD05" = "c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe" [ file not found ]
"HPHmon05" = "C:\WINDOWS\SYSTEM32\HPHMON05.EXE" [ Hewlett-Packard ]
"KBD" = "C:\HP\KBD\KBD.EXE" [ Hewlett-Packard Company ]
"Recguard" = "C:\WINDOWS\SMINST\RECGUARD.EXE" [ Empty ]
"NvCplDaemon" = "C:\WINDOWS\SYSTEM32\NVCPL.DLL" [ NVIDIA Corporation ]
"nwiz" = "C:\WINDOWS\system32\NWIZ.EXE" [ NVIDIA Corporation ]
"VTTimer" = "VTTimer.exe" [ file not found ]
"ATIModeChange" = "C:\WINDOWS\system32\ATI2MDXX.EXE" [ ATI Technologies, Inc. ]
"PS2" = "C:\WINDOWS\system32\ps2.exe" [ file not found ]
"ATIPTA" = "C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATIPTAXX.EXE" [ ATI Technologies, Inc. ]
"Microsoft Works Update Detection" = "C:\PROGRAM FILES\FICHIERS COMMUNS\MICROSOFT SHARED\WORKS SHARED\WKUFIND.EXE" [ Microsoft® Corporation ]
"Share-to-Web Namespace Daemon" = "C:\PROGRAM FILES\HP\HP SHARE-TO-WEB\HPGS2WND.EXE" [ Hewlett-Packard ]
"MMTray" = "C:\PROGRAM FILES\MUSICMATCH\MUSICMATCH JUKEBOX\MM_TRAY.EXE" [ MUSICMATCH, Inc. ]
"PhilipsRemote" = "C:\PROGRAM FILES\MUSICMATCH\MUSICMATCH JUKEBOX\PHILIPSREMOTE.EXE" [ Empty ]
"CreativeMouse " = "C:\PROGRAM FILES\CREATIVE\DESKTOP WIRELESS\MOUSE_2K.EXE" [ Empty ]
"CreativeKeyboard " = "C:\PROGRAM FILES\CREATIVE\DESKTOP WIRELESS\KB_2K.EXE" [ Empty ]
"QuickTime Task" = "C:\PROGRAM FILES\QUICKTIME\QTTASK.EXE" [ Apple Computer, Inc. ]
"HP Software Update" = "C:\PROGRAM FILES\HP\HP SOFTWARE UPDATE\HPWUSCHD2.EXE" [ Hewlett-Packard Co. ]
"HP Component Manager" = "C:\PROGRAM FILES\HP\HPCORETECH\HPCMPMGR.EXE" [ Hewlett-Packard Company ]
"WOOWATCH" = "C:\Program Files\Wanadoo\Watch.exe" [ France Télécom R&D ]
"WOOTASKBARICON" = "C:\Program Files\Wanadoo\GestMAJ.exe" [ France Télécom R&D ]
"F-Secure Manager" = "C:\PROGRAM FILES\SECURITOO\AV_FW\COMMON\FSM32.EXE" [ F-Secure Corporation ]
"F-Secure TNB" = "C:\PROGRAM FILES\SECURITOO\AV_FW\TNB\TNBUTIL.EXE" [ F-Secure Corporation ]
"SpywareTerminator" = "C:\PROGRAM FILES\SPYWARE TERMINATOR\SPYWARETERMINATORSHIELD.EXE" [ Crawler.com ]

Toolbars Scan
HP View {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} C:\PROGRAM FILES\HP\DIGITAL IMAGING\BIN\HPDTLK02.DLL [Hewlett-Packard Company]

BHO Scan
AcroIEHlprObj Class {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX [Empty]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} [file not found]
{CCA281CA-C863-46ef-9331-5C8D4460577F} [file not found]

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
{42071714-76d4-11d1-8b24-00a0c9068ff3} = Extension Affichage Panorama du Panneau de configuration (deskpan.dll) [file not found]
{764BF0E1-F219-11ce-972D-00AA00A14F56} = Extensions de l'environnement de compression de fichiers () [file not found]
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} = Menu contextuel de cryptage () [file not found]
{88895560-9AA2-1069-930E-00AA0030EBC8} = Extension icône HyperTerminal (C:\WINDOWS\SYSTEM32\HTICONS.DLL) [Hilgraeve, Inc.]
{0DF44EAA-FF21-4412-828E-260A8728E7F1} = Barre des tâches et menu Démarrer () [file not found]
{7A9D77BD-5403-11d2-8785-2E0420524153} = Comptes d'utilisateurs () [file not found]
{19CC43A1-6925-4B48-B292-830291F393A6} = HPNSView (C:\PROGRAM FILES\HP\DIGITAL IMAGING\BIN\HPDNS_01.DLL) [Empty]
{DEE12703-6333-4D4E-8F34-738C4DCC2E04} = RecordNow! SendToExt (C:\PROGRAM FILES\RECORDNOW!\SHLEXT.DLL) [Sonic Solutions]
{7F67036B-66F1-411A-AD85-759FB9C5B0DB} = SampleView (C:\WINDOWS\SYSTEM32\SHELLVRTF.DLL) [XSS]
{1CDB2949-8F65-4355-8456-263E7C208A5D} = Explorateur de Bureau (C:\WINDOWS\SYSTEM32\NVSHELL.DLL) [NVIDIA Corporation]
{1E9B04FB-F9E5-4718-997B-B8DA88302A47} = Desktop Explorer Menu (C:\WINDOWS\SYSTEM32\NVSHELL.DLL) [NVIDIA Corporation]
{6af09ec9-b429-11d4-a1fb-0090960218cb} = My Bluetooth Places (C:\WINDOWS\SYSTEM32\BTNEIGHBORHOOD.DLL) [WIDCOMM, Inc.]
{A4DF5659-0801-4A60-9607-1C48695EFDA9} = Dossier de téléchargement Share-to-Web (C:\PROGRAM FILES\HP\HP SHARE-TO-WEB\HPGS2WNS.DLL) [Hewlett-Packard]
{00020D75-0000-0000-C000-000000000046} = Microsoft Office Outlook Desktop Icon Handler (C:\Program Files\Microsoft Office\OFFICE11\MLSHEXT.DLL) [Microsoft Corporation]
{0006F045-0000-0000-C000-000000000046} = Microsoft Office Outlook Custom Icon Handler (C:\Program Files\Microsoft Office\OFFICE11\OLKFSTUB.DLL) [Microsoft Corporation]
{42042206-2D85-11D3-8CFF-005004838597} = Microsoft Office HTML Icon Handler (C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE11\MSOHEV.DLL) [Microsoft Corporation]

Winlogon Notify Scan
AtiExtEvent = Ati2evxx.dll (C:\WINDOWS\system32\ATI2EVXX.DLL) [Empty]
igfxcui = igfxsrvc.dll (C:\WINDOWS\system32\IGFXSRVC.DLL) [Intel Corporation]

Services Scan
"ALCXWDM" = C:\WINDOWS\SYSTEM32\DRIVERS\ALCXWDM.SYS [Realtek Semiconductor Corp.]
"Ati HotKey Poller" = C:\WINDOWS\SYSTEM32\ATI2EVXX.EXE [Empty]
"ati2mtag" = C:\WINDOWS\SYSTEM32\DRIVERS\ATI2MTAG.SYS [ATI Technologies Inc.]
"BackWeb Client - 1044199" = C:\Program Files\Securitoo\av_fw\backweb\1044199\Program\ServiceWrapper-1044199.exe [Empty]
"BtAudio" = C:\WINDOWS\SYSTEM32\DRIVERS\BTAUDIO.SYS [WIDCOMM, Inc.]
"BTDriver" = C:\WINDOWS\SYSTEM32\DRIVERS\BTPORT.SYS [WIDCOMM, Inc.]
"BTKRNL" = C:\WINDOWS\SYSTEM32\DRIVERS\BTKRNL.SYS [WIDCOMM, Inc.]
"BTSERIAL" = C:\WINDOWS\SYSTEM32\DRIVERS\BTSERIAL.SYS [Empty]
"BTSLBCSP" = C:\WINDOWS\SYSTEM32\DRIVERS\BTSLBCSP.SYS [WIDCOMM, Inc.]
"btwdins" = C:\PROGRAM FILES\WIDCOMM\LOGICIEL BLUETOOTH\BIN\BTWDINS.EXE [WIDCOMM, Inc.]
"BTWDNDIS" = C:\WINDOWS\SYSTEM32\DRIVERS\BTWDNDIS.SYS [WIDCOMM, Inc.]
"BTWUSB" = C:\WINDOWS\SYSTEM32\DRIVERS\BTWUSB.SYS [WIDCOMM, Inc.]
"cdiskdun" = C:\Documents and Settings\Propriétaire\Local Settings\Temp\cdiskdun.sys [Empty]
"dmboot" = C:\WINDOWS\SYSTEM32\DRIVERS\DMBOOT.SYS [Microsoft Corp., Veritas Software]
"dmio" = C:\WINDOWS\SYSTEM32\DRIVERS\DMIO.SYS [Microsoft Corp., Veritas Software]
"dmload" = C:\WINDOWS\SYSTEM32\DRIVERS\DMLOAD.SYS [Microsoft Corp., Veritas Software.]
"EL90XBC" = C:\WINDOWS\SYSTEM32\DRIVERS\EL90XBC5.SYS [3Com Corporation]
"enodpl" = C:\WINDOWS\SYSTEM32\DRIVERS\ENODPL.SYS [Empty]
"ewido security suite control" = C:\PROGRAM FILES\EWIDO ANTI-MALWARE\EWIDOCTRL.EXE [ewido networks]
"F-Secure Filter" = C:\PROGRAM FILES\SECURITOO\AV_FW\ANTI-VIRUS\WIN2K\FSFILTER.SYS [Empty]
"F-Secure Gatekeeper" = C:\PROGRAM FILES\SECURITOO\AV_FW\ANTI-VIRUS\WIN2K\FSGK.SYS [Empty]
"F-Secure Gatekeeper Handler Starter" = C:\PROGRAM FILES\SECURITOO\AV_FW\ANTI-VIRUS\FSGK32ST.EXE [F-Secure Corp.]
"F-Secure Recognizer" = C:\PROGRAM FILES\SECURITOO\AV_FW\ANTI-VIRUS\WIN2K\FSREC.SYS [Empty]
"FETNDISB" = C:\WINDOWS\SYSTEM32\DRIVERS\FETND5B.SYS [VIA Technologies, Inc. ]
"FSAA" = "C:\Program Files\Securitoo\av_fw\Common\FSAA.EXE" [file not found]
"fsbwsys" = C:\PROGRAM FILES\SECURITOO\AV_FW\BACKWEB\1044199\PROGRAM\FSBWSYS.EXE [F-Secure Corp.]
"FSDFW" = C:\WINDOWS\SYSTEM32\DRIVERS\FSDFW.SYS [F-Secure Corporation]
"FSDFWD" = C:\PROGRAM FILES\SECURITOO\AV_FW\DFW\PROGRAM\FSDFWD.EXE [F-Secure Corporation]
"FSMA" = C:\PROGRAM FILES\SECURITOO\AV_FW\COMMON\FSMA32.EXE [F-Secure Corporation]
"FSpm" = C:\PROGRAM FILES\SECURITOO\AV_FW\COMMON\FSPM.SYS [F-Secure Corporation]
"Fswsclds" = C:\PROGRAM FILES\SECURITOO\AV_FW\FSWSCLDS.EXE [F-Secure Corporation]
"FTRTSVC" = C:\WINDOWS\SYSTEM32\FTRTSVC.EXE [France Telecom]
"HPZid412" = C:\WINDOWS\SYSTEM32\DRIVERS\HPZID412.SYS [HP]
"HPZipr12" = C:\WINDOWS\SYSTEM32\DRIVERS\HPZIPR12.SYS [HP]
"HPZius12" = C:\WINDOWS\SYSTEM32\DRIVERS\HPZIUS12.SYS [HP]
"HSFHWBS2" = C:\WINDOWS\SYSTEM32\DRIVERS\HSFHWBS2.SYS [Conexant Systems, Inc.]
"HSF_DP" = C:\WINDOWS\SYSTEM32\DRIVERS\HSF_DP.SYS [Conexant Systems, Inc.]
"ialm" = C:\WINDOWS\SYSTEM32\DRIVERS\IALMNT5.SYS [Intel Corporation]
"mdmxsdk" = C:\WINDOWS\SYSTEM32\DRIVERS\MDMXSDK.SYS [Conexant]
"nv" = C:\WINDOWS\SYSTEM32\DRIVERS\NV4_MINI.SYS [NVIDIA Corporation]
"NVSvc" = C:\WINDOWS\SYSTEM32\NVSVC32.EXE [NVIDIA Corporation]
"nv_agp" = C:\WINDOWS\SYSTEM32\DRIVERS\NV_AGP.SYS [NVIDIA Corporation]
"PCAMPR5" = C:\WINDOWS\System32\PCAMPR5.SYS [file not found]
"PCANDIS5" = C:\WINDOWS\SYSTEM32\PCANDIS5.SYS [Printing Communications Assoc., Inc. (PCAUSA)]
"pfc" = C:\WINDOWS\SYSTEM32\DRIVERS\PFC.SYS [Padus, Inc.]
"Pml Driver HPZ12" = C:\WINDOWS\SYSTEM32\HPZIPM12.EXE [HP]
"PRISM_A02" = C:\WINDOWS\SYSTEM32\DRIVERS\PRISMA02.SYS [Conexant Systems, Inc.]
"Ps2" = C:\WINDOWS\SYSTEM32\DRIVERS\PS2.SYS [Hewlett-Packard Company]
"Ptilink" = C:\WINDOWS\SYSTEM32\DRIVERS\PTILINK.SYS [Parallel Technologies, Inc.]
"PxHelp20" = C:\WINDOWS\SYSTEM32\DRIVERS\PXHELP20.SYS [Sonic Solutions]
"QCMerced" = C:\WINDOWS\SYSTEM32\DRIVERS\LVCM.SYS [Logitech Inc.]
"Secdrv" = C:\WINDOWS\SYSTEM32\DRIVERS\SECDRV.SYS [Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.]
"ser2pl" = C:\WINDOWS\SYSTEM32\DRIVERS\SER2PL.SYS [Prolific Technology Inc.]
"SiS315" = C:\WINDOWS\SYSTEM32\DRIVERS\SISGRP.SYS [Silicon Integrated Systems Corporation]
"SISAGP" = C:\WINDOWS\SYSTEM32\DRIVERS\SISAGPX.SYS [Silicon Integrated Systems Corporation]
"SiSkp" = C:\WINDOWS\SYSTEM32\DRIVERS\SRVKP.SYS [Silicon Integrated Systems Corporation]
"SONYPVU1" = C:\WINDOWS\SYSTEM32\DRIVERS\SONYPVU1.SYS [Sony Corporation]
"sp_rsdrv2" = C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SPYWARE TERMINATOR\SP_RSDRV2.SYS [Empty]
"tandpl" = C:\WINDOWS\SYSTEM32\DRIVERS\TANDPL.SYS [Empty]
"UacFlt" = C:\WINDOWS\SYSTEM32\DRIVERS\UACBFLT.SYS [Micronas GmbH]
"viaagp1" = C:\WINDOWS\SYSTEM32\DRIVERS\VIAAGP1.SYS [VIA Technologies, Inc.]
"viagfx" = C:\WINDOWS\SYSTEM32\DRIVERS\VTMINI.SYS [Copyright (C) VIA/S3 Graphics, Inc.]
"winachsf" = C:\WINDOWS\SYSTEM32\DRIVERS\HSF_CNXT.SYS [Conexant Systems, Inc.]
"{6080A529-897E-4629-A488-ABA0C29B635E}" = C:\WINDOWS\SYSTEM32\DRIVERS\IALMSBW.SYS [Intel Corporation]
"{D31A0762-0CEB-444e-ACFF-B049A1F6FE91}" = C:\WINDOWS\SYSTEM32\DRIVERS\IALMKCHW.SYS [Intel Corporation]

Protocol Filters Scan
Class Install Handler = {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} (C:\WINDOWS\SYSTEM32\URLMON.DLL) [Microsoft Corporation]
text/xml = {807553E5-5146-11D5-A672-00B0D022E945} (C:\PROGRAM FILES\FICHIERS COMMUNS\MICROSOFT SHARED\OFFICE11\MSOXMLMF.DLL) [Microsoft Corporation]

Hosts Scan
LOCALHOST mapping = 1

IE Scan
IERESET.INF missing Signature="$CHICAGO$"
IERESET.INF missing AdvancedINF=2.5,"You need a new version of advpack.dll"
IERESET.INF missing AddReg=RestoreHomePage.reg
IERESET.INF missing HKCU,"Software\Microsoft\Internet Explorer\Main","Start Page",0,%START_PAGE_URL%
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main","Default_Page_URL",0,%START_PAGE_URL%
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main","Default_Search_URL",0,%SEARCH_PAGE_URL%
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main","Search Page",0,%SEARCH_PAGE_URL%
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","1",0,"www.%s.com"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","2",0,"www.%s.org"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","3",0,"www.%s.net"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","4",0,"www.%s.edu"
IERESET.INF missing HKCU,"Software\Microsoft\Internet Explorer\Main","Search Page",0,%SEARCH_PAGE_URL%
IERESET.INF missing HKCU,"Software\Microsoft\Internet Explorer\SearchUrl","Provider",0,""
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Search","SearchAssistant",0,"http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Search","CustomizeSearch",0,"http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm"
IERESET.INF missing HKLM,"Software\Microsoft\Windows\CurrentVersion\Internet Settings\SafeSites",%SAFESITE_VALUE%,0,"http://ie.search.msn.com/*"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","5"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","6"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","7"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","8"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","9"
IERESET.INF missing HKCU,"Software\Microsoft\Internet Explorer\Main","AutoSearch"
IERESET.INF missing SEARCH_PAGE_URL="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."
IERESET.INF missing AddReg=RestoreBrowserSettings.reg
IERESET.INF missing DelReg=DeleteTemplates.reg or DelReg=DeleteTemplates.reg, DeleteAutosearch.reg
IERESET.INF missing START_PAGE_URL="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&..." or START_PAGE_URL="http://www.msn.com"
IERESET.INF missing SAFESITE_VALUE="http://home.microsoft.com/" or SAFESITE_VALUE="ie.search.msn.com"
IERESET.INF missing MS_START_PAGE_URL="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&..." or MS_START_PAGE_URL="http://www.msn.com"
URLSearchHook = {08C06D61-F1F3-4799-86F8-BE1A89362C85} (C:\Program Files\Wanadoo\SearchPageURL.dll) [Empty] HIJACK WARNING!

Lassé par la pub ? Créez un compte

Créer un nouveau sujet

Tom's guide dans le monde