ShogunZa

ok, je m'occupde de faire ça demain, et j'vous reposte tout ça, vous ete tres efficasse merci j'ai un autre souci ... je dois metre le disque d'installation Windows pour demarer ... j'entant, meme en chegeans la sequance de boot dans le bios, et en passant le 1st boot device sur Hard disk, il me demande le bootable disk ... que puis-je faire ? nota, si je met le cd windows, il me demade "d'appyer sur une touche si vous desirez booter sur le cd" si je ne fais rien, il boot sur le Hd normalement et sans souci ... @Qc001 -> bah comme c'etai marquer "not-a-virus" j'me suis dis que le supprimé serais peut etre une peu ... une hesitation quoi ...

merci bien ! j'ai un autre souci ... je dois metre le disque d'installation Windows pour demarer ... j'entant, meme en chegeans la sequance de boot dans le bios, et en passant le 1st boot device sur Hard disk, il me demande le bootable disk ... que puis-je faire ? nota, si je met le cd windows, il me demade "d'appyer sur une touche si vous desirez booter sur le cd" si je ne fais rien, il boot sur le Hd normalement et sans souci ...

L2mfix 010406 Creating Account. La commande s'est termin‚e correctement. Adding Administrative privleges. Checking for L2MFix account(0=no 1=yes): 1 Granting SeDebugPrivilege to L2MFIX ... successful Running From: C:\WINDOWS\system32 Killing Processes! Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03 Copyright© 2002-2003 Craig.Peacock@beyondlogic.org Killing PID 684 'smss.exe' Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03 Copyright© 2002-2003 Craig.Peacock@beyondlogic.org Killing PID 760 'winlogon.exe' Killing PID 760 'winlogon.exe' Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03 Copyright© 2002-2003 Craig.Peacock@beyondlogic.org Killing PID 2564 'explorer.exe' Killing PID 2564 'explorer.exe' Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03 Copyright© 2002-2003 Craig.Peacock@beyondlogic.org Killing PID 1820 'rundll32.exe' Restoring Sedebugprivilege: Granting SeDebugPrivilege to Administrateurs ... successful Scanning First Pass. Please Wait! First Pass Completed Second Pass Scanning Second pass Completed! 1 fichier(s) copi‚(s). 1 fichier(s) copi‚(s). 1 fichier(s) copi‚(s). Deleting: C:\WINDOWS\system32\ksdhela2.dll Successfully Deleted: C:\WINDOWS\system32\ksdhela2.dll Deleting: C:\WINDOWS\system32\l8p2li7o18.dll Successfully Deleted: C:\WINDOWS\system32\l8p2li7o18.dll Deleting: C:\WINDOWS\system32\r8p8li7u18.dll Successfully Deleted: C:\WINDOWS\system32\r8p8li7u18.dll msg11?.dll 0 fichier(s) copi‚(s). Restoring Windows Update Certificates.: The following Is the Current Export of the Winlogon notify key: **************************************************************************** Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain] "Asynchronous"=dword:00000000 "Impersonate"=dword:00000000 "DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,33,00,32,00,2e,00,64,00,6c,00,\ 6c,00,00,00 "Logoff"="ChainWlxLogoffEvent" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet] "Asynchronous"=dword:00000000 "Impersonate"=dword:00000000 "DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,6e,00,65,00,74,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Logoff"="CryptnetWlxLogoffEvent" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll] "DLLName"="cscdll.dll" "Logon"="WinlogonLogonEvent" "Logoff"="WinlogonLogoffEvent" "ScreenSaver"="WinlogonScreenSaverEvent" "Startup"="WinlogonStartupEvent" "Shutdown"="WinlogonShutdownEvent" "StartShell"="WinlogonStartShellEvent" "Impersonate"=dword:00000000 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp] "DLLName"="wlnotify.dll" "Logon"="SCardStartCertProp" "Logoff"="SCardStopCertProp" "Lock"="SCardSuspendCertProp" "Unlock"="SCardResumeCertProp" "Enabled"=dword:00000001 "Impersonate"=dword:00000001 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule] "Asynchronous"=dword:00000000 "DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Impersonate"=dword:00000000 "StartShell"="SchedStartShell" "Logoff"="SchedEventLogOff" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy] "Logoff"="WLEventLogoff" "Impersonate"=dword:00000000 "Asynchronous"=dword:00000001 "DllName"=hex(2):73,00,63,00,6c,00,67,00,6e,00,74,00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn] "DLLName"="WlNotify.dll" "Lock"="SensLockEvent" "Logon"="SensLogonEvent" "Logoff"="SensLogoffEvent" "Safe"=dword:00000001 "MaxWait"=dword:00000258 "StartScreenSaver"="SensStartScreenSaverEvent" "StopScreenSaver"="SensStopScreenSaverEvent" "Startup"="SensStartupEvent" "Shutdown"="SensShutdownEvent" "StartShell"="SensStartShellEvent" "PostShell"="SensPostShellEvent" "Disconnect"="SensDisconnectEvent" "Reconnect"="SensReconnectEvent" "Unlock"="SensUnlockEvent" "Impersonate"=dword:00000001 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ShellServiceObjectDelayLoad] "Asynchronous"=dword:00000000 "DllName"="C:\\WINDOWS\\system32\\l8p2li7o18.dll" "Impersonate"=dword:00000000 "Logon"="WinLogon" "Logoff"="WinLogoff" "Shutdown"="WinShutdown" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv] "Asynchronous"=dword:00000000 "DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Impersonate"=dword:00000000 "Logoff"="TSEventLogoff" "Logon"="TSEventLogon" "PostShell"="TSEventPostShell" "Shutdown"="TSEventShutdown" "StartShell"="TSEventStartShell" "Startup"="TSEventStartup" "MaxWait"=dword:00000258 "Reconnect"="TSEventReconnect" "Disconnect"="TSEventDisconnect" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WB] "Asynchronous"=dword:00000000 "DllName"="C:\\PROGRA~1\\Stardock\\OBJECT~1\\WINDOW~1\\fastload.dll" "Startup"="StartSys" "Logon"="StartWB" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon] "DLLName"="wlnotify.dll" "Logon"="RegisterTicketExpiredNotificationEvent" "Logoff"="UnregisterTicketExpiredNotificationEvent" "Impersonate"=dword:00000001 "Asynchronous"=dword:00000001 The following are the files found: **************************************************************************** C:\WINDOWS\system32\ksdhela2.dll C:\WINDOWS\system32\l8p2li7o18.dll C:\WINDOWS\system32\r8p8li7u18.dll Registry Entries that were Deleted: Please verify that the listing looks ok. If there was something deleted wrongly there are backups in the backreg folder. **************************************************************************** Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{9B084271-5290-4FC1-8E77-80147BE983F8}] @="" [HKEY_CLASSES_ROOT\CLSID\{9B084271-5290-4FC1-8E77-80147BE983F8}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{9B084271-5290-4FC1-8E77-80147BE983F8}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{9B084271-5290-4FC1-8E77-80147BE983F8}\InprocServer32] @="C:\\WINDOWS\\system32\\ksdhela2.dll" "ThreadingModel"="Apartment" REGEDIT4 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved] "{EFAE29FF-EDDD-4A3C-87DF-75C3096F26DB}"=- "{9B084271-5290-4FC1-8E77-80147BE983F8}"=- [-HKEY_CLASSES_ROOT\CLSID\{EFAE29FF-EDDD-4A3C-87DF-75C3096F26DB}] [-HKEY_CLASSES_ROOT\CLSID\{9B084271-5290-4FC1-8E77-80147BE983F8}] REGEDIT4 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform] "SV1"="" **************************************************************************** Desktop.ini Contents: **************************************************************************** **************************************************************************** Checking for L2MFix account(0=no 1=yes): 0 Zipping up files for submission: adding: dlls/ksdhela2.dll (164 bytes security) (deflated 4%) adding: dlls/l8p2li7o18.dll (164 bytes security) (deflated 4%) adding: dlls/r8p8li7u18.dll (164 bytes security) (deflated 5%) adding: backregs/9B084271-5290-4FC1-8E77-80147BE983F8.reg (212 bytes security) (deflated 70%) adding: backregs/notibac.reg (164 bytes security) (deflated 87%) adding: backregs/shell.reg (164 bytes security) (deflated 73%) --------------------------------------------------------- ewido anti-malware - Rapport de scan --------------------------------------------------------- + Créé le: 22:40:11, 05/02/2006 + Somme de contrôle: 12F677D0 + Résultats du scan: C:\Documents and Settings\Mr ShOgun\Local Settings\Temporary Internet Files\Content.IE5\KTE7GP2N\WinFixer2005ScannerInstallFRA[1].exe -> Not-A-Virus.Downloader.Win32.WinFixer.b : Ignoré [1820] C:\WINDOWS\system32\ksdhela2.dll -> Spyware.Look2Me : Erreur durant le nettoyage [332] C:\WINDOWS\system32\ksdhela2.dll -> Spyware.Look2Me : Erreur durant le nettoyage C:\Documents and Settings\Mr ShOgun\Local Settings\Temp\Cookies\mr shogun@247realmedia[2].txt -> Spyware.Cookie.247realmedia : Nettoyer et sauvegarder C:\Documents and Settings\Mr ShOgun\Local Settings\Temp\Cookies\mr shogun@ad.yieldmanager[1].txt -> Spyware.Cookie.Yieldmanager : Nettoyer et sauvegarder C:\Documents and Settings\Mr ShOgun\Local Settings\Temp\Cookies\mr shogun@ads.pointroll[1].txt -> Spyware.Cookie.Pointroll : Nettoyer et sauvegarder C:\Documents and Settings\Mr ShOgun\Local Settings\Temp\Cookies\mr shogun@atdmt[2].txt -> Spyware.Cookie.Atdmt : Nettoyer et sauvegarder C:\Documents and Settings\Mr ShOgun\Local Settings\Temp\Cookies\mr shogun@bluestreak[1].txt -> Spyware.Cookie.Bluestreak : Nettoyer et sauvegarder C:\Documents and Settings\Mr ShOgun\Local Settings\Temp\Cookies\mr shogun@casalemedia[1].txt -> Spyware.Cookie.Casalemedia : Nettoyer et sauvegarder C:\Documents and Settings\Mr ShOgun\Local Settings\Temp\Cookies\mr shogun@com[2].txt -> Spyware.Cookie.Com : Nettoyer et sauvegarder C:\Documents and Settings\Mr ShOgun\Local Settings\Temp\Cookies\mr shogun@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Nettoyer et sauvegarder C:\Documents and Settings\Mr ShOgun\Local Settings\Temp\Cookies\mr shogun@estat[1].txt -> Spyware.Cookie.Estat : Nettoyer et sauvegarder C:\Documents and Settings\Mr ShOgun\Local Settings\Temp\Cookies\mr shogun@fastclick[2].txt -> Spyware.Cookie.Fastclick : Nettoyer et sauvegarder C:\Documents and Settings\Mr ShOgun\Local Settings\Temp\Cookies\mr shogun@overture[1].txt -> Spyware.Cookie.Overture : Nettoyer et sauvegarder C:\Documents and Settings\Mr ShOgun\Local Settings\Temp\Cookies\mr shogun@tradedoubler[2].txt -> Spyware.Cookie.Tradedoubler : Nettoyer et sauvegarder C:\Documents and Settings\Mr ShOgun\Local Settings\Temp\Cookies\mr shogun@trafficmp[1].txt -> Spyware.Cookie.Trafficmp : Nettoyer et sauvegarder C:\Documents and Settings\Mr ShOgun\Local Settings\Temp\Cookies\mr shogun@valueclick[1].txt -> Spyware.Cookie.Valueclick : Nettoyer et sauvegarder C:\Documents and Settings\Mr ShOgun\Local Settings\Temp\Cookies\mr shogun@weborama[1].txt -> Spyware.Cookie.Weborama : Nettoyer et sauvegarder C:\Documents and Settings\Mr ShOgun\Local Settings\Temp\Cookies\mr shogun@wreport.weborama[1].txt -> Spyware.Cookie.Weborama : Nettoyer et sauvegarder C:\Documents and Settings\Mr ShOgun\Local Settings\Temporary Internet Files\Content.IE5\GTUV6IPL\AppWrap[1].exe -> Spyware.AdURL : Nettoyer et sauvegarder C:\Documents and Settings\Mr ShOgun\Local Settings\Temporary Internet Files\Content.IE5\GTUV6IPL\AppWrap[2].exe -> Spyware.Zestyfind : Nettoyer et sauvegarder C:\Documents and Settings\Mr ShOgun\Local Settings\Temporary Internet Files\Content.IE5\KPEJG9AF\ErrorSafeScannerInstall_fr[1].exe -> Not-A-Virus.Downloader.Agent.d : Nettoyer et sauvegarder C:\WINDOWS\system32\wbvcore.dll -> Spyware.Look2Me : Nettoyer et sauvegarder C:\WINDOWS\Temp\Cookies\mr shogun@ad.yieldmanager[2].txt -> Spyware.Cookie.Yieldmanager : Nettoyer et sauvegarder C:\WINDOWS\Temp\Cookies\mr shogun@tradedoubler[2].txt -> Spyware.Cookie.Tradedoubler : Nettoyer et sauvegarder I:\Documents and Settings\Denis\Application Data\Mercora\MercoraClient\Data\MyPictures.dat -> Spyware.Grokster : Nettoyer et sauvegarder :mozilla.16:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Smartadserver : Nettoyer et sauvegarder :mozilla.17:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Smartadserver : Nettoyer et sauvegarder :mozilla.18:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Smartadserver : Nettoyer et sauvegarder :mozilla.30:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Atdmt : Nettoyer et sauvegarder :mozilla.41:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Overture : Nettoyer et sauvegarder :mozilla.42:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Doubleclick : Nettoyer et sauvegarder :mozilla.43:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Overture : Nettoyer et sauvegarder :mozilla.55:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Bluestreak : Nettoyer et sauvegarder :mozilla.56:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Advertising : Nettoyer et sauvegarder :mozilla.57:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Advertising : Nettoyer et sauvegarder :mozilla.59:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Adtech : Nettoyer et sauvegarder :mozilla.61:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Adtech : Nettoyer et sauvegarder :mozilla.66:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Falkag : Nettoyer et sauvegarder :mozilla.68:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Nettoyer et sauvegarder :mozilla.73:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Fastclick : Nettoyer et sauvegarder :mozilla.75:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Mediaplex : Nettoyer et sauvegarder :mozilla.77:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Adserver : Nettoyer et sauvegarder :mozilla.78:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Adserver : Nettoyer et sauvegarder :mozilla.98:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Burstnet : Nettoyer et sauvegarder :mozilla.99:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Casalemedia : Nettoyer et sauvegarder :mozilla.106:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Bfast : Nettoyer et sauvegarder :mozilla.107:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Weborama : Nettoyer et sauvegarder :mozilla.108:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Weborama : Nettoyer et sauvegarder :mozilla.109:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Weborama : Nettoyer et sauvegarder :mozilla.119:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Valueclick : Nettoyer et sauvegarder :mozilla.120:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Valueclick : Nettoyer et sauvegarder :mozilla.147:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Serving-sys : Nettoyer et sauvegarder :mozilla.148:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Serving-sys : Nettoyer et sauvegarder :mozilla.149:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Serving-sys : Nettoyer et sauvegarder :mozilla.150:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Serving-sys : Nettoyer et sauvegarder :mozilla.159:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Estat : Nettoyer et sauvegarder :mozilla.193:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.247realmedia : Nettoyer et sauvegarder :mozilla.194:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Statcounter : Nettoyer et sauvegarder :mozilla.195:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Statcounter : Nettoyer et sauvegarder :mozilla.196:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Statcounter : Nettoyer et sauvegarder :mozilla.208:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Nettoyer et sauvegarder :mozilla.209:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Nettoyer et sauvegarder :mozilla.210:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Nettoyer et sauvegarder :mozilla.211:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Nettoyer et sauvegarder :mozilla.212:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Nettoyer et sauvegarder :mozilla.255:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Trafficmp : Nettoyer et sauvegarder :mozilla.263:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Ivwbox : Nettoyer et sauvegarder :mozilla.289:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.2o7 : Nettoyer et sauvegarder :mozilla.290:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Overture : Nettoyer et sauvegarder :mozilla.291:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Overture : Nettoyer et sauvegarder :mozilla.309:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Euroclick : Nettoyer et sauvegarder :mozilla.706:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Trafic : Nettoyer et sauvegarder :mozilla.719:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Clickzs : Nettoyer et sauvegarder :mozilla.746:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Spinbox : Nettoyer et sauvegarder :mozilla.779:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Nettoyer et sauvegarder :mozilla.780:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Nettoyer et sauvegarder :mozilla.781:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Nettoyer et sauvegarder :mozilla.782:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Nettoyer et sauvegarder :mozilla.783:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Nettoyer et sauvegarder :mozilla.784:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Nettoyer et sauvegarder :mozilla.785:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Nettoyer et sauvegarder :mozilla.786:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Nettoyer et sauvegarder :mozilla.787:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Nettoyer et sauvegarder :mozilla.788:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Nettoyer et sauvegarder :mozilla.789:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Nettoyer et sauvegarder :mozilla.790:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Nettoyer et sauvegarder :mozilla.791:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Nettoyer et sauvegarder :mozilla.792:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Nettoyer et sauvegarder :mozilla.855:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Masterstats : Nettoyer et sauvegarder :mozilla.914:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Sitestat : Nettoyer et sauvegarder :mozilla.915:I:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\qct59n1i.default\cookies.txt -> Spyware.Cookie.Sitestat : Nettoyer et sauvegarder I:\Documents and Settings\Denis\Local Settings\Temp\Cookies\denis@247realmedia[2].txt -> Spyware.Cookie.247realmedia : Nettoyer et sauvegarder I:\Documents and Settings\Denis\Local Settings\Temp\Cookies\denis@ad.yieldmanager[1].txt -> Spyware.Cookie.Yieldmanager : Nettoyer et sauvegarder I:\Documents and Settings\Denis\Local Settings\Temp\Cookies\denis@ads.pointroll[2].txt -> Spyware.Cookie.Pointroll : Nettoyer et sauvegarder I:\Documents and Settings\Denis\Local Settings\Temp\Cookies\denis@adtech[2].txt -> Spyware.Cookie.Adtech : Nettoyer et sauvegarder I:\Documents and Settings\Denis\Local Settings\Temp\Cookies\denis@advertising[2].txt -> Spyware.Cookie.Advertising : Nettoyer et sauvegarder I:\Documents and Settings\Denis\Local Settings\Temp\Cookies\denis@as-us.falkag[1].txt -> Spyware.Cookie.Falkag : Nettoyer et sauvegarder I:\Documents and Settings\Denis\Local Settings\Temp\Cookies\denis@atdmt[2].txt -> Spyware.Cookie.Atdmt : Nettoyer et sauvegarder I:\Documents and Settings\Denis\Local Settings\Temp\Cookies\denis@bluestreak[1].txt -> Spyware.Cookie.Bluestreak : Nettoyer et sauvegarder I:\Documents and Settings\Denis\Local Settings\Temp\Cookies\denis@burstnet[2].txt -> Spyware.Cookie.Burstnet : Nettoyer et sauvegarder I:\Documents and Settings\Denis\Local Settings\Temp\Cookies\denis@casalemedia[1].txt -> Spyware.Cookie.Casalemedia : Nettoyer et sauvegarder I:\Documents and Settings\Denis\Local Settings\Temp\Cookies\denis@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Nettoyer et sauvegarder I:\Documents and Settings\Denis\Local Settings\Temp\Cookies\denis@estat[1].txt -> Spyware.Cookie.Estat : Nettoyer et sauvegarder I:\Documents and Settings\Denis\Local Settings\Temp\Cookies\denis@fastclick[2].txt -> Spyware.Cookie.Fastclick : Nettoyer et sauvegarder I:\Documents and Settings\Denis\Local Settings\Temp\Cookies\denis@fl01.ct2.comclick[2].txt -> Spyware.Cookie.Comclick : Nettoyer et sauvegarder I:\Documents and Settings\Denis\Local Settings\Temp\Cookies\denis@paycounter[1].txt -> Spyware.Cookie.Paycounter : Nettoyer et sauvegarder I:\Documents and Settings\Denis\Local Settings\Temp\Cookies\denis@questionmarket[1].txt -> Spyware.Cookie.Questionmarket : Nettoyer et sauvegarder I:\Documents and Settings\Denis\Local Settings\Temp\Cookies\denis@servedby.advertising[2].txt -> Spyware.Cookie.Advertising : Nettoyer et sauvegarder I:\Documents and Settings\Denis\Local Settings\Temp\Cookies\denis@server.iad.liveperson[1].txt -> Spyware.Cookie.Liveperson : Nettoyer et sauvegarder I:\Documents and Settings\Denis\Local Settings\Temp\Cookies\denis@tradedoubler[2].txt -> Spyware.Cookie.Tradedoubler : Nettoyer et sauvegarder I:\Documents and Settings\Denis\Local Settings\Temp\Cookies\denis@tribalfusion[2].txt -> Spyware.Cookie.Tribalfusion : Nettoyer et sauvegarder I:\Documents and Settings\Denis\Local Settings\Temp\Cookies\denis@weborama[1].txt -> Spyware.Cookie.Weborama : Nettoyer et sauvegarder I:\Documents and Settings\Denis\Local Settings\Temp\Cookies\denis@www.smartadserver[1].txt -> Spyware.Cookie.Smartadserver : Nettoyer et sauvegarder I:\Documents and Settings\Denis\Local Settings\Temp\Cookies\denis@z1.adserver[1].txt -> Spyware.Cookie.Adserver : Nettoyer et sauvegarder I:\Documents and Settings\Denis\Local Settings\Temp\THI179D.tmp\localNrd.cab/localNRD.dll -> Spyware.BiSpy : Erreur durant le nettoyage I:\Documents and Settings\Denis\Local Settings\Temp\THI179D.tmp\localNrd.cab/preInsln.exe -> Spyware.BiSpy : Erreur durant le nettoyage I:\WINDOWS\Downloaded Program Files\miniclipGameLoader.dll -> Spyware.Retro64 : Nettoyer et sauvegarder I:\WINDOWS\system32\config\systemprofile\Cookies\system@sexlist[2].txt -> Spyware.Cookie.Sexlist : Nettoyer et sauvegarder K:\PROGRAMES\Realone Superpass.zip/RealOne_Superpass/RealOnePlayer.exe -> Backdoor.Optix.Pro.o : Erreur durant le nettoyage ::Fin du rapport

L2MFIX find log 010406 These are the registry keys present ********************************************************************************** Winlogon/notify: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain] "Asynchronous"=dword:00000000 "Impersonate"=dword:00000000 "DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,33,00,32,00,2e,00,64,00,6c,00,\ 6c,00,00,00 "Logoff"="ChainWlxLogoffEvent" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet] "Asynchronous"=dword:00000000 "Impersonate"=dword:00000000 "DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,6e,00,65,00,74,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Logoff"="CryptnetWlxLogoffEvent" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll] "DLLName"="cscdll.dll" "Logon"="WinlogonLogonEvent" "Logoff"="WinlogonLogoffEvent" "ScreenSaver"="WinlogonScreenSaverEvent" "Startup"="WinlogonStartupEvent" "Shutdown"="WinlogonShutdownEvent" "StartShell"="WinlogonStartShellEvent" "Impersonate"=dword:00000000 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp] "DLLName"="wlnotify.dll" "Logon"="SCardStartCertProp" "Logoff"="SCardStopCertProp" "Lock"="SCardSuspendCertProp" "Unlock"="SCardResumeCertProp" "Enabled"=dword:00000001 "Impersonate"=dword:00000001 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule] "Asynchronous"=dword:00000000 "DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Impersonate"=dword:00000000 "StartShell"="SchedStartShell" "Logoff"="SchedEventLogOff" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy] "Logoff"="WLEventLogoff" "Impersonate"=dword:00000000 "Asynchronous"=dword:00000001 "DllName"=hex(2):73,00,63,00,6c,00,67,00,6e,00,74,00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn] "DLLName"="WlNotify.dll" "Lock"="SensLockEvent" "Logon"="SensLogonEvent" "Logoff"="SensLogoffEvent" "Safe"=dword:00000001 "MaxWait"=dword:00000258 "StartScreenSaver"="SensStartScreenSaverEvent" "StopScreenSaver"="SensStopScreenSaverEvent" "Startup"="SensStartupEvent" "Shutdown"="SensShutdownEvent" "StartShell"="SensStartShellEvent" "PostShell"="SensPostShellEvent" "Disconnect"="SensDisconnectEvent" "Reconnect"="SensReconnectEvent" "Unlock"="SensUnlockEvent" "Impersonate"=dword:00000001 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ShellServiceObjectDelayLoad] "Asynchronous"=dword:00000000 "DllName"="C:\\WINDOWS\\system32\\l8p2li7o18.dll" "Impersonate"=dword:00000000 "Logon"="WinLogon" "Logoff"="WinLogoff" "Shutdown"="WinShutdown" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv] "Asynchronous"=dword:00000000 "DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Impersonate"=dword:00000000 "Logoff"="TSEventLogoff" "Logon"="TSEventLogon" "PostShell"="TSEventPostShell" "Shutdown"="TSEventShutdown" "StartShell"="TSEventStartShell" "Startup"="TSEventStartup" "MaxWait"=dword:00000258 "Reconnect"="TSEventReconnect" "Disconnect"="TSEventDisconnect" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WB] "Asynchronous"=dword:00000000 "DllName"="C:\\PROGRA~1\\Stardock\\OBJECT~1\\WINDOW~1\\fastload.dll" "Startup"="StartSys" "Logon"="StartWB" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon] "DLLName"="wlnotify.dll" "Logon"="RegisterTicketExpiredNotificationEvent" "Logoff"="UnregisterTicketExpiredNotificationEvent" "Impersonate"=dword:00000001 "Asynchronous"=dword:00000001 ********************************************************************************** useragent: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform] "{FAB72948-C2FB-6548-F530-9D0E36CA2555}"="" ********************************************************************************** Shell Extension key: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved] "{00022613-0000-0000-C000-000000000046}"="Feuille de propri‚t‚s du fichier multim‚dia" "{176d6597-26d3-11d1-b350-080036a75b03}"="Gestion de scanneur ICM" "{1F2E5C40-9550-11CE-99D2-00AA006E086C}"="Page de s‚curit‚ NTFS" "{3EA48300-8CF6-101B-84FB-666CCB9BCD32}"="Page des propri‚t‚s de OLE DocFile" "{40dd6e20-7c17-11ce-a804-00aa003ca9f6}"="Extensions de l'environnement pour le partage" "{41E300E0-78B6-11ce-849B-444553540000}"="PlusPack CPL Extension" "{42071712-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Carte du Panneau de configuration" "{42071713-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage ?cran du Panneau de configuration" "{42071714-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Panorama du Panneau de configuration" "{4E40F770-369C-11d0-8922-00A024AB2DBB}"="Page de s‚curit‚ DS" "{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"="Page de compatibilit‚" "{56117100-C0CD-101B-81E2-00AA004AE837}"="Gestionnaire de donn‚es endommag‚es de l'environnement" "{59099400-57FF-11CE-BD94-0020AF85B590}"="Extension copie de disquette" "{59be4990-f85c-11ce-aff7-00aa003ca9f6}"="Extensions de l'environnement pour les objets r‚seau de Microsoft Windows" "{5DB2625A-54DF-11D0-B6C4-0800091AA605}"="Gestion d'‚cran ICM" "{675F097E-4C4D-11D0-B6C1-0800091AA605}"="Gestion d'imprimante ICM" "{764BF0E1-F219-11ce-972D-00AA00A14F56}"="Extensions de l'environnement de compression de fichiers" "{77597368-7b15-11d0-a0c2-080036af3f03}"="Extension de l'environnement d'imprimante Web" "{7988B573-EC89-11cf-9C00-00AA00A14F56}"="Disk Quota UI" "{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA}"="Menu contextuel de cryptage" "{85BBD920-42A0-1069-A2E4-08002B30309D}"="Porte-documents" "{88895560-9AA2-1069-930E-00AA0030EBC8}"="Extension ic“ne HyperTerminal" "{BD84B380-8CA2-1069-AB1D-08000948F534}"="Fonts" "{DBCE2480-C732-101B-BE72-BA78E9AD5B27}"="Profil ICC" "{F37C5810-4D3F-11d0-B4BF-00AA00BBB723}"="Page de s‚curit‚ des imprimantes" "{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}"="Extensions de l'environnement pour le partage" "{f92e8c40-3d33-11d2-b1aa-080036a75b03}"="Display TroubleShoot CPL Extension" "{7444C717-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie PKO" "{7444C719-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie Sign" "{7007ACC7-3202-11D1-AAD2-00805FC1270E}"="Connexions r‚seau" "{992CFFA0-F557-101A-88EC-00DD010CCC48}"="Connexions r‚seau" "{E211B736-43FD-11D1-9EFB-0000F8757FCD}"="&Scanneurs et appareils photo" "{FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD}"="&Scanneurs et appareils photo" "{905667aa-acd6-11d2-8080-00805f6596d2}"="&Scanneurs et appareils photo" "{3F953603-1008-4f6e-A73A-04AAC7A992F1}"="&Scanneurs et appareils photo" "{83bbcbf3-b28a-4919-a5aa-73027445d672}"="&Scanneurs et appareils photo" "{F0152790-D56E-4445-850E-4F3117DB740C}"="Remote Sessions CPL Extension" "{5F327514-6C5E-4d60-8F16-D07FA08A78ED}"="Auto Update Property Sheet Extension" "{60254CA5-953B-11CF-8C96-00AA00B8708C}"="Extensions de l'interpr‚teur de commandes pour l'environnement d'ex‚cution de scripts Windows" "{2206CDB2-19C1-11D1-89E0-00C04FD7A829}"="Liaison de donn‚es Microsoft" "{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Icon Handler" "{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Shell Extension" "{D6277990-4C6A-11CF-8D87-00AA0060F5BF}"="Tƒches planifi‚es" "{0DF44EAA-FF21-4412-828E-260A8728E7F1}"="Barre des tƒches et menu D‚marrer" "{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}"="Rechercher" "{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support" "{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support" "{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}"="Ex‚cuter..." "{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0}"="Internet" "{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0}"="Courrier ‚lectronique" "{D20EA4E1-3957-11d2-A40B-0C5020524152}"="Polices" "{D20EA4E1-3957-11d2-A40B-0C5020524153}"="Outils d'administration" "{875CB1A1-0F29-45de-A1AE-CFB4950D0B78}"="Audio Media Properties Handler" "{40C3D757-D6E4-4b49-BB41-0E5BBEA28817}"="Video Media Properties Handler" "{E4B29F9D-D390-480b-92FD-7DDB47101D71}"="Wav Properties Handler" "{87D62D94-71B3-4b9a-9489-5FE6850DC73E}"="Avi Properties Handler" "{A6FD9E45-6E44-43f9-8644-08598F5A74D9}"="Midi Properties Handler" "{c5a40261-cd64-4ccf-84cb-c394da41d590}"="Video Thumbnail Extractor" "{5E6AB780-7743-11CF-A12B-00AA004AE837}"="Barre d'outils Internet Microsoft" "{22BF0C20-6DA7-11D0-B373-00A0C9034938}"="?tat du t‚l‚chargement" "{91EA3F8B-C99B-11d0-9815-00C04FD91972}"="Dossier Bureau ‚tendu" "{6413BA2C-B461-11d1-A18A-080036B11A03}"="Dossier du shell augment‚" "{F61FFEC1-754F-11d0-80CA-00AA005B4383}"="BandProxy" "{7BA4C742-9E81-11CF-99D3-00AA004AE837}"="Bande du navigateur Microsoft" "{30D02401-6A81-11d0-8274-00C04FD5AE38}"="Bande de recherche" "{32683183-48a0-441b-a342-7c2a440a9478}"="Media Band" "{169A0691-8DF9-11d1-A1C4-00C04FD75D13}"="Volet int‚gr‚ de recherche" "{07798131-AF23-11d1-9111-00A0C98BA67D}"="Recherche Web" "{AF4F6510-F982-11d0-8595-00AA004CD6D8}"="Utilitaire des options de l'arborescence du Registre" "{01E04581-4EEE-11d0-BFE9-00AA005B4383}"="&Adresse" "{A08C11D2-A228-11d0-825B-00AA005B4383}"="BoŒte d'entr‚e de l'adresse" "{00BB2763-6A77-11D0-A535-00C04FD7D062}"="Saisie semi-automatique Microsoft" "{7376D660-C583-11d0-A3A5-00C04FD706EC}"="TridentImageExtractor" "{6756A641-DE71-11d0-831B-00AA005B4383}"="Liste de saisie semi-automatique MRU" "{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A}"="Liste de saisie semi-automatique personnalis‚e MRU" "{7e653215-fa25-46bd-a339-34a2790f3cb7}"="Accessible" "{acf35015-526e-4230-9596-becbe19f0ac9}"="Barre de progrŠs auto-ouvrante" "{E0E11A09-5CB8-4B6C-8332-E00720A168F2}"="Analyseur de la barre d'adresses" "{00BB2764-6A77-11D0-A535-00C04FD7D062}"="Liste de saisie semi-automatique de l'historique Microsoft" "{03C036F1-A186-11D0-824A-00AA005B4383}"="Liste de saisie semi-automatique du dossier Shell Microsoft" "{00BB2765-6A77-11D0-A535-00C04FD7D062}"="Conteneur de la liste de saisie semi-automatique multiple Microsoft" "{ECD4FC4E-521C-11D0-B792-00A0C90312E1}"="Menu Site de bandes" "{3CCF8A41-5C85-11d0-9796-00AA00B90ADF}"="Shell DeskBarApp" "{ECD4FC4C-521C-11D0-B792-00A0C90312E1}"="Barre du Bureau" "{ECD4FC4D-521C-11D0-B792-00A0C90312E1}"="Shell Rebar BandSite" "{DD313E04-FEFF-11d1-8ECD-0000F87A470C}"="Assistance utilisateur" "{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}"="ParamŠtres du dossier global" "{EFA24E61-B078-11d0-89E4-00C04FC9E26E}"="Favorites Band" "{0A89A860-D7B1-11CE-8350-444553540000}"="Shell Automation Inproc Service" "{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}"="Shell DocObject Viewer" "{A5E46E3A-8849-11D1-9D8C-00C04FC99D61}"="Microsoft Browser Architecture" "{FBF23B40-E3F0-101B-8488-00AA003E56F8}"="InternetShortcut" "{3C374A40-BAE4-11CF-BF7D-00AA006946EE}"="Microsoft Url History Service" "{FF393560-C2A7-11CF-BFF4-444553540000}"="Historique" "{7BD29E00-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files" "{7BD29E01-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files" "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"="Microsoft Url Search Hook" "{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC}"="Image de d‚marrage de la Suite IE4" "{67EA19A0-CCEF-11d0-8024-00C04FD75D13}"="CDF Extension Copy Hook" "{131A6951-7F78-11D0-A979-00C04FD705A2}"="ISFBand OC" "{9461b922-3c5a-11d2-bf8b-00c04fb93661}"="Search Assistant OC" "{3DC7A020-0ACD-11CF-A9BB-00AA004AE837}"="Internet" "{871C5380-42A0-1069-A2EA-08002B30309D}"="Internet Name Space" "{EFA24E64-B078-11d0-89E4-00C04FC9E26E}"="Explorer Band" "{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service" "{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service" "{88C6C381-2E85-11D0-94DE-444553540000}"="Dossier ActiveX Cache" "{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"="WebCheck" "{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}"="Subscription Mgr" "{F5175861-2688-11d0-9C5E-00AA00A45957}"="Dossier Inscription" "{08165EA0-E946-11CF-9C87-00AA005127ED}"="WebCheckWebCrawler" "{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB}"="WebCheckChannelAgent" "{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7}"="TrayAgent" "{7D559C10-9FE9-11d0-93F7-00AA0059CE02}"="Code Download Agent" "{E6CC6978-6B6E-11D0-BECA-00C04FD940BE}"="ConnectionAgent" "{D8BD2030-6FC9-11D0-864F-00AA006809D9}"="PostAgent" "{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}"="WebCheck SyncMgr Handler" "{352EC2B7-8B9A-11D1-B8AE-006008059382}"="Gestionnaire d'applications d'environnement" "{0B124F8F-91F0-11D1-B8B5-006008059382}"="?num‚rateur d'applications install‚es" "{CFCCC7A0-A282-11D1-9082-006008059382}"="Publication d'application Darwin" "{e84fda7c-1d6a-45f6-b725-cb260c236066}"="Shell Image Verbs" "{66e4e4fb-f385-4dd0-8d74-a2efd1bc6178}"="Shell Image Data Factory" "{3F30C968-480A-4C6C-862D-EFC0897BB84B}"="Extracteur de miniatures de fichier + GDI" "{9DBD2C50-62AD-11d0-B806-00C04FD706EC}"="Gestionnaire de miniatures - Informations de r‚sum‚ (DOCFILES)" "{EAB841A0-9550-11cf-8C16-00805F1408F3}"="Extracteur de miniatures HTML" "{eb9b1153-3b57-4e68-959a-a3266bc3d7fe}"="Shell Image Property Handler" "{CC6EEFFB-43F6-46c5-9619-51D571967F7D}"="Assistant Publication de sites Web" "{add36aa8-751a-4579-a266-d66f5202ccbb}"="Commande d'impressions via le Web" "{6b33163c-76a5-4b6c-bf21-45de9cd503a1}"="Objet Assistant de publication Shell" "{58f1f272-9240-4f51-b6d4-fd63d1618591}"="Assistant Obtenir une identit‚ Passport" "{7A9D77BD-5403-11d2-8785-2E0420524153}"="Comptes d'utilisateurs" "{BD472F60-27FA-11cf-B8B4-444553540000}"="Compressed (zipped) Folder Right Drag Handler" "{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}"="Compressed (zipped) Folder SendTo Target" "{f39a0dc0-9cc8-11d0-a599-00c04fd64433}"="Fichier de chaŒne" "{f3aa0dc0-9cc8-11d0-a599-00c04fd64434}"="Raccourci de chaŒne" "{f3ba0dc0-9cc8-11d0-a599-00c04fd64435}"="Channel Handler Object" "{f3da0dc0-9cc8-11d0-a599-00c04fd64437}"="Channel Menu" "{f3ea0dc0-9cc8-11d0-a599-00c04fd64438}"="Channel Properties" "{63da6ec0-2e98-11cf-8d82-444553540000}"="FTP Folders Webview" "{883373C3-BF89-11D1-BE35-080036B11A03}"="Microsoft DocProp Shell Ext" "{A9CF0EAE-901A-4739-A481-E35B73E47F6D}"="Microsoft DocProp Inplace Edit Box Control" "{8EE97210-FD1F-4B19-91DA-67914005F020}"="Microsoft DocProp Inplace ML Edit Box Control" "{0EEA25CC-4362-4A12-850B-86EE61B0D3EB}"="Microsoft DocProp Inplace Droplist Combo Control" "{6A205B57-2567-4A2C-B881-F787FAB579A3}"="Microsoft DocProp Inplace Calendar Control" "{28F8A4AC-BBB3-4D9B-B177-82BFC914FA33}"="Microsoft DocProp Inplace Time Control" "{8A23E65E-31C2-11d0-891C-00A024AB2DBB}"="Directory Query UI" "{9E51E0D0-6E0F-11d2-9601-00C04FA31A86}"="Shell properties for a DS object" "{163FDC20-2ABC-11d0-88F0-00A024AB2DBB}"="Directory Object Find" "{F020E586-5264-11d1-A532-0000F8757D7E}"="Directory Start/Search Find" "{0D45D530-764B-11d0-A1CA-00AA00C16E65}"="Directory Property UI" "{62AE1F9A-126A-11D0-A14B-0800361B1103}"="Directory Context Menu Verbs" "{ECF03A33-103D-11d2-854D-006008059367}"="MyDocs Copy Hook" "{ECF03A32-103D-11d2-854D-006008059367}"="MyDocs Drop Target" "{4a7ded0a-ad25-11d0-98a8-0800361b1103}"="MyDocs Properties" "{750fdf0e-2a26-11d1-a3ea-080036587f03}"="Offline Files Menu" "{10CFC467-4392-11d2-8DB4-00C04FA31A66}"="Offline Files Folder Options" "{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E}"="Dossier Fichiers hors connexion" "{143A62C8-C33B-11D1-84FE-00C04FA34A14}"="Microsoft Agent Character Property Sheet Handler" "{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6}"="DfsShell" "{60fd46de-f830-4894-a628-6fa81bc0190d}"="%DESC_PublishDropTarget%" "{7A80E4A8-8005-11D2-BCF8-00C04F72C717}"="MMC Icon Handler" "{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}"=".CAB file viewer" "{32714800-2E5F-11d0-8B85-00AA0044F941}"="Des &personnes..." "{8DD448E6-C188-4aed-AF92-44956194EB1F}"="Windows Media Player Play as Playlist Context Menu Handler" "{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C}"="Windows Media Player Burn Audio CD Context Menu Handler" "{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD}"="Windows Media Player Add to Playlist Context Menu Handler" "{EFAE29FF-EDDD-4A3C-87DF-75C3096F26DB}"="" "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"="WinRAR shell extension" "{9B084271-5290-4FC1-8E77-80147BE983F8}"="" "{A70C977A-BF00-412C-90B7-034C51DA2439}"="NvCpl DesktopContext Class" "{FFB699E0-306A-11d3-8BD1-00104B6F7516}"="Play on my TV helper" "{1CDB2949-8F65-4355-8456-263E7C208A5D}"="Desktop Explorer" "{1E9B04FB-F9E5-4718-997B-B8DA88302A47}"="Desktop Explorer Menu" "{1E9B04FB-F9E5-4718-997B-B8DA88302A48}"="nView Desktop Context Menu" "{8D1636FD-CA49-4B4E-90E4-0A20E03A15E8}"="jetAudio" "{B327765E-D724-4347-8B16-78AE18552FC3}"="NeroDigitalIconHandler" "{7F1CF152-04F8-453A-B34C-E609530A9DC8}"="NeroDigitalPropSheetHandler" "{2559a1f7-21d7-11d4-bdaf-00c04f60b9f0}"="Set Program Access and Defaults" "{596AB062-B4D2-4215-9F74-E9109B0A8153}"="Previous Versions Property Page" "{9DB7A13C-F208-4981-8353-73CC61AE2783}"="Previous Versions" "{692F0339-CBAA-47e6-B5B5-3B84DB604E87}"="Extensions Manager Folder" "{2F5AC606-70CF-461C-BFE1-734234536262}"="WindowBlinds CPL Extension" ********************************************************************************** HKEY ROOT CLASSIDS: Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{9B084271-5290-4FC1-8E77-80147BE983F8}] @="" [HKEY_CLASSES_ROOT\CLSID\{9B084271-5290-4FC1-8E77-80147BE983F8}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{9B084271-5290-4FC1-8E77-80147BE983F8}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{9B084271-5290-4FC1-8E77-80147BE983F8}\InprocServer32] @="C:\\WINDOWS\\system32\\ksdhela2.dll" "ThreadingModel"="Apartment" ********************************************************************************** Files Found are not all bad files: C:\WINDOWS\SYSTEM32\ gdi32.dll Thu 29 Dec 2005 3:56:04 A.... 280 064 273,50 K ksdhela2.dll Sun 5 Feb 2006 19:02:32 ..S.R 233 851 228,37 K l8p2li~1.dll Sun 5 Feb 2006 18:54:34 ..S.R 233 851 228,37 K nv4_disp.dll Sat 10 Dec 2005 3:06:00 A.... 3 955 456 3,77 M nvapi.dll Sat 10 Dec 2005 3:06:00 A.... 110 592 108,00 K nvcod.dll Sat 10 Dec 2005 3:06:00 A.... 35 840 35,00 K nvcodins.dll Sat 10 Dec 2005 3:06:00 A.... 35 840 35,00 K nvcpl.dll Sat 10 Dec 2005 3:06:00 A.... 7 311 360 6,97 M nvhwvid.dll Sat 10 Dec 2005 3:06:00 A.... 573 440 560,00 K nview.dll Sat 10 Dec 2005 3:06:00 A.... 1 466 368 1,40 M nvmccs.dll Sat 10 Dec 2005 3:06:00 A.... 229 376 224,00 K nvmccsrs.dll Sat 10 Dec 2005 3:06:00 A.... 45 056 44,00 K nvmctray.dll Sat 10 Dec 2005 3:06:00 A.... 86 016 84,00 K nvnt4cpl.dll Sat 10 Dec 2005 3:06:00 A.... 286 720 280,00 K nvoglnt.dll Sat 10 Dec 2005 3:06:00 A.... 5 402 624 5,15 M nvrsar.dll Sat 10 Dec 2005 3:06:00 A.... 319 488 312,00 K nvrscs.dll Sat 10 Dec 2005 3:06:00 A.... 241 664 236,00 K nvrsda.dll Sat 10 Dec 2005 3:06:00 A.... 245 760 240,00 K nvrsde.dll Sat 10 Dec 2005 3:06:00 A.... 270 336 264,00 K nvrsel.dll Sat 10 Dec 2005 3:06:00 A.... 274 432 268,00 K nvrseng.dll Sat 10 Dec 2005 3:06:00 A.... 241 664 236,00 K nvrses.dll Sat 10 Dec 2005 3:06:00 A.... 274 432 268,00 K nvrsesm.dll Sat 10 Dec 2005 3:06:00 A.... 266 240 260,00 K nvrsfi.dll Sat 10 Dec 2005 3:06:00 A.... 241 664 236,00 K nvrsfr.dll Sat 10 Dec 2005 3:06:00 A.... 278 528 272,00 K nvrshe.dll Sat 10 Dec 2005 3:06:00 A.... 319 488 312,00 K nvrshu.dll Sat 10 Dec 2005 3:06:00 A.... 253 952 248,00 K nvrsit.dll Sat 10 Dec 2005 3:06:00 A.... 274 432 268,00 K nvrsja.dll Sat 10 Dec 2005 3:06:00 A.... 258 048 252,00 K nvrsko.dll Sat 10 Dec 2005 3:06:00 A.... 253 952 248,00 K nvrsnl.dll Sat 10 Dec 2005 3:06:00 A.... 266 240 260,00 K nvrsno.dll Sat 10 Dec 2005 3:06:00 A.... 249 856 244,00 K nvrspl.dll Sat 10 Dec 2005 3:06:00 A.... 249 856 244,00 K nvrspt.dll Sat 10 Dec 2005 3:06:00 A.... 266 240 260,00 K nvrsptb.dll Sat 10 Dec 2005 3:06:00 A.... 262 144 256,00 K nvrsru.dll Sat 10 Dec 2005 3:06:00 A.... 262 144 256,00 K nvrssk.dll Sat 10 Dec 2005 3:06:00 A.... 249 856 244,00 K nvrssl.dll Sat 10 Dec 2005 3:06:00 A.... 249 856 244,00 K nvrssv.dll Sat 10 Dec 2005 3:06:00 A.... 245 760 240,00 K nvrstr.dll Sat 10 Dec 2005 3:06:00 A.... 249 856 244,00 K nvrszhc.dll Sat 10 Dec 2005 3:06:00 A.... 217 088 212,00 K nvrszht.dll Sat 10 Dec 2005 3:06:00 A.... 118 784 116,00 K nvshell.dll Sat 10 Dec 2005 3:06:00 A.... 466 944 456,00 K nvwddi.dll Sat 10 Dec 2005 3:06:00 A.... 81 920 80,00 K nvwdmcpl.dll Sat 10 Dec 2005 3:06:00 A.... 1 662 976 1,59 M nvwimg.dll Sat 10 Dec 2005 3:06:00 A.... 1 019 904 996,00 K nvwrsar.dll Sat 10 Dec 2005 3:06:00 A.... 282 624 276,00 K nvwrscs.dll Sat 10 Dec 2005 3:06:00 A.... 286 720 280,00 K nvwrsda.dll Sat 10 Dec 2005 3:06:00 A.... 294 912 288,00 K nvwrsde.dll Sat 10 Dec 2005 3:06:00 A.... 311 296 304,00 K nvwrsel.dll Sat 10 Dec 2005 3:06:00 A.... 335 872 328,00 K nvwrseng.dll Sat 10 Dec 2005 3:06:00 A.... 286 720 280,00 K nvwrses.dll Sat 10 Dec 2005 3:06:00 A.... 335 872 328,00 K nvwrsesm.dll Sat 10 Dec 2005 3:06:00 A.... 327 680 320,00 K nvwrsfi.dll Sat 10 Dec 2005 3:06:00 A.... 303 104 296,00 K nvwrsfr.dll Sat 10 Dec 2005 3:06:00 A.... 327 680 320,00 K nvwrshe.dll Sat 10 Dec 2005 3:06:00 A.... 278 528 272,00 K nvwrshu.dll Sat 10 Dec 2005 3:06:00 A.... 315 392 308,00 K nvwrsit.dll Sat 10 Dec 2005 3:06:00 A.... 323 584 316,00 K nvwrsja.dll Sat 10 Dec 2005 3:06:00 A.... 212 992 208,00 K nvwrsko.dll Sat 10 Dec 2005 3:06:00 A.... 196 608 192,00 K nvwrsnl.dll Sat 10 Dec 2005 3:06:00 A.... 319 488 312,00 K nvwrsno.dll Sat 10 Dec 2005 3:06:00 A.... 299 008 292,00 K nvwrspl.dll Sat 10 Dec 2005 3:06:00 A.... 294 912 288,00 K nvwrspt.dll Sat 10 Dec 2005 3:06:00 A.... 323 584 316,00 K nvwrsptb.dll Sat 10 Dec 2005 3:06:00 A.... 319 488 312,00 K nvwrsru.dll Sat 10 Dec 2005 3:06:00 A.... 315 392 308,00 K nvwrssk.dll Sat 10 Dec 2005 3:06:00 A.... 299 008 292,00 K nvwrssl.dll Sat 10 Dec 2005 3:06:00 A.... 303 104 296,00 K nvwrssv.dll Sat 10 Dec 2005 3:06:00 A.... 294 912 288,00 K nvwrstr.dll Sat 10 Dec 2005 3:06:00 A.... 303 104 296,00 K nvwrszhc.dll Sat 10 Dec 2005 3:06:00 A.... 163 840 160,00 K nvwrszht.dll Sat 10 Dec 2005 3:06:00 A.... 167 936 164,00 K r8p8li~1.dll Sun 5 Feb 2006 19:02:32 ..S.R 235 729 230,20 K wbhelp2.dll Sat 4 Feb 2006 22:51:38 A.... 50 688 49,50 K wbvcore.dll Sun 5 Feb 2006 13:58:32 ..S.R 233 851 228,37 K 76 items found: 76 files (4 H/S), 0 directories. Total of file sizes: 38 763 586 bytes 36,96 M Locate .tmp files: No matches found. ********************************************************************************** Directory Listing of system files: Le volume dans le lecteur C n'a pas de nom. Le num‚ro de s‚rie du volume est F03B-38A5 R‚pertoire de C:\WINDOWS\System32 05/02/2006 19:02 233ÿ851 ksdhela2.dll 05/02/2006 19:02 235ÿ729 r8p8li7u18.dll 05/02/2006 18:54 233ÿ851 l8p2li7o18.dll 05/02/2006 13:58 233ÿ851 wbvcore.dll 05/02/2006 13:56 <REP> dllcache 04/02/2006 17:34 <REP> Microsoft 4 fichier(s) 937ÿ282 octets 2 R‚p(s) 75ÿ579ÿ023ÿ360 octets libres je suis en rain de faire un scan avec EWIDO

j'utilise IE car j'ai plutôt l'habitude de celui là ... mais why not ... j'vais changer ... non j'ai pas de fire wall ... quel serais le plus simple d'utilisation, pour une efficassiter la plus irreprochable analise hijackthis http://forum.zebulon.fr/index.php?showtopic=86821

voici donc mon nouveau machin hijack ... toujours autent de pop up et de bordel macromedia ...

Logfile of HijackThis v1.99.1 Scan saved at 18:17:24, on 05/02/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\CTsvcCDA.exe C:\Program Files\Network Monitor\netmon.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\INF\MSI\SlowDownCPU\SlowDownCPU.exe C:\Program Files\VIA\RAID\raid_tool.exe C:\Program Files\VIAudioi\SBADeck\ADeck.exe C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\explorer.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload.exe C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktopOE.exe C:\Program Files\DAP\DAP.EXE C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE C:\Program Files\JetAudio\jetAudio.exe C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE C:\WINDOWS\System32\rundll32.exe C:\Program Files\WinRAR\WinRAR.exe C:\DOCUME~1\MRSHOG~1\LOCALS~1\Temp\Rar$EX00.718\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O4 - HKLM\..\Run: [slowDownCPU] C:\WINDOWS\INF\MSI\SlowDownCPU\SlowDownCPU.exe O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIAudioi\SBADeck\ADeck.exe 1 O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r O4 - HKLM\..\Run: [CTDVDDET] C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE O4 - HKLM\..\Run: [sBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [Application Layer Gateway Service] C:\WINDOWS\System32\algs.exe O4 - HKLM\..\Run: [ahmb] c:\windows\eee2.exe O4 - HKLM\..\Run: [TIAP] C:\windows\eee2.exe O4 - HKLM\..\Run: [ahkw] C:\windows\eee2.exe O4 - HKLM\..\Run: [gimmygames] C:\windows\gimmygames.exe O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe O4 - HKLM\..\Run: [wahm] C:\windows\eee2.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\RunServices: [Configuration Loader] scvhost.exe O4 - HKLM\..\RunServices: [The Service Pack Loader] spxp.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [RemoteCenter] C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr/ O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1139073129283 O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL,wbsys.dll O20 - Winlogon Notify: Syncmgr - C:\WINDOWS\system32\l60ulgd9160.dll O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\U2hvZ3Vu\command.exe (file missing) O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe voici mon rapport j'ai plein de merde qui apparraise sans crier "gare" (encore heureux d'aileur, au moins j'peu ecouter de la musique ...) des fennetres pop up mais pas vraiment (elles apparraisse toutes seule, sans navigation) des machin publicitaire en flash et ma navigation est plus que dure ... (le boutton actualisé commence a etre usé ...) a vot' bon coeur ... merci d'avance !

Bonjour dite, j'ai un probleme, je vien d'installer ma nouvelle becane, les mise a jours sont faite ... j'ai kapersky, spybot, adware, adwatch, mis a jours et les annalise jne donne rien ... cependant j'ai plein de probleme: une navigation casi impossible, je suis obligé de bataillé avec explorer pour qu'il m'affiche les pages internet ... des deconnexion arbitraire ... (je suis chez 9telecom, avec la 9box, rien a voir avec eux, mon autre machine fonctionne sans probleme ...) et j'ai ces truc là qui apparaisse, et que je ne sais comment viré .. z'avez 2mn a perdre pour m'expliquer ce que c'est ? thnx