aoncle
-
Compteur de contenus
9 -
Inscription
-
Dernière visite
aoncle's Achievements
Junior Member (3/12)
0
Réputation sur la communauté
-
merci infiniment je n'ai jamais vu une telle competence!!! c'est rare de voir des personnes prêtes à rendre service comme ça! vraiment je suis très touchée par votre aide... j'espère que je n'aurais plus besoin de votre aide... mais bon ça m'étonnerait! à bientôt
-
voici d'abord le rapport ewido et ensuite le HijackThis --------------------------------------------------------- ewido anti-malware - Rapport de scan --------------------------------------------------------- + Créé le: 16:04:02, 28/02/2006 + Somme de contrôle: 95B2067F + Résultats du scan: HKLM\SOFTWARE\Classes\CLSID\{EA0D26BD-9029-431A-86E0-83152D67828A} -> Adware.180Solutions : Nettoyer et sauvegarder HKU\S-1-5-21-1935655697-1957994488-1417001333-1003\Software\DNS -> Adware.Shorty : Nettoyer et sauvegarder :mozilla.12:C:\Documents and Settings\Jean\Application Data\Mozilla\Firefox\Profiles\u8833e5u.default\cookies.txt -> TrackingCookie.Estat : Nettoyer et sauvegarder :mozilla.17:C:\Documents and Settings\Jean\Application Data\Mozilla\Firefox\Profiles\u8833e5u.default\cookies.txt -> TrackingCookie.Webtrendslive : Nettoyer et sauvegarder :mozilla.19:C:\Documents and Settings\Jean\Application Data\Mozilla\Firefox\Profiles\u8833e5u.default\cookies.txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder :mozilla.21:C:\Documents and Settings\Jean\Application Data\Mozilla\Firefox\Profiles\u8833e5u.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder :mozilla.22:C:\Documents and Settings\Jean\Application Data\Mozilla\Firefox\Profiles\u8833e5u.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder :mozilla.23:C:\Documents and Settings\Jean\Application Data\Mozilla\Firefox\Profiles\u8833e5u.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder C:\Documents and Settings\Jean\Cookies\jean@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Nettoyer et sauvegarder C:\Documents and Settings\Jean\Cookies\jean@adtech[2].txt -> TrackingCookie.Adtech : Nettoyer et sauvegarder C:\Documents and Settings\Jean\Cookies\jean@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyer et sauvegarder C:\Documents and Settings\Jean\Cookies\jean@estat[1].txt -> TrackingCookie.Estat : Nettoyer et sauvegarder C:\Documents and Settings\Jean\Cookies\jean@weborama[2].txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder C:\Documents and Settings\Jean\Cookies\jean@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder :mozilla.11:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder :mozilla.12:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder :mozilla.13:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder :mozilla.14:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder :mozilla.15:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder :mozilla.16:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyer et sauvegarder :mozilla.32:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.Paypopup : Nettoyer et sauvegarder :mozilla.33:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.Paypopup : Nettoyer et sauvegarder :mozilla.34:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.Paypopup : Nettoyer et sauvegarder :mozilla.35:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.Paypopup : Nettoyer et sauvegarder :mozilla.36:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.Paypopup : Nettoyer et sauvegarder :mozilla.37:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.Paypopup : Nettoyer et sauvegarder :mozilla.38:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.Paypopup : Nettoyer et sauvegarder :mozilla.39:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.Paypopup : Nettoyer et sauvegarder :mozilla.40:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.Paypopup : Nettoyer et sauvegarder :mozilla.41:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.Paypopup : Nettoyer et sauvegarder :mozilla.42:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.Zedo : Nettoyer et sauvegarder :mozilla.43:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.Zedo : Nettoyer et sauvegarder :mozilla.44:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.Zedo : Nettoyer et sauvegarder :mozilla.45:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.Zedo : Nettoyer et sauvegarder :mozilla.46:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.Zedo : Nettoyer et sauvegarder :mozilla.47:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.Zedo : Nettoyer et sauvegarder :mozilla.48:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyer et sauvegarder :mozilla.49:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyer et sauvegarder :mozilla.50:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyer et sauvegarder :mozilla.51:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyer et sauvegarder :mozilla.52:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyer et sauvegarder :mozilla.53:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder :mozilla.54:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder :mozilla.65:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.Adtech : Nettoyer et sauvegarder :mozilla.66:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.Adtech : Nettoyer et sauvegarder :mozilla.74:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder :mozilla.83:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.Advertising : Nettoyer et sauvegarder :mozilla.85:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.Valueclick : Nettoyer et sauvegarder :mozilla.86:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.Valueclick : Nettoyer et sauvegarder :mozilla.87:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.Comclick : Nettoyer et sauvegarder :mozilla.88:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.Comclick : Nettoyer et sauvegarder :mozilla.89:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.Comclick : Nettoyer et sauvegarder :mozilla.107:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.Estat : Nettoyer et sauvegarder :mozilla.111:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.Bestoffersnetworks : Nettoyer et sauvegarder :mozilla.112:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder :mozilla.113:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder :mozilla.114:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder :mozilla.123:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder :mozilla.124:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder :mozilla.125:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder :mozilla.126:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder :mozilla.127:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder :mozilla.131:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder :mozilla.138:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder :mozilla.139:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder :mozilla.140:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder :mozilla.141:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder :mozilla.142:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder :mozilla.143:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder :mozilla.144:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder :mozilla.147:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyer et sauvegarder :mozilla.174:C:\Documents and Settings\Jean.PERRET\Application Data\Mozilla\Firefox\Profiles\1ewp4apk.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Application Data\Thunderbird\Profiles\abbzdesr.default\Mail\Local Folders\Inbox -> Downloader.Agent.ae : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Bureau\l2mfix\backup.zip/dlls/azaml5h11.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Bureau\l2mfix\backup.zip/dlls/dgnlobby.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Bureau\l2mfix\backup.zip/dlls/dn2q01f5e.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Bureau\l2mfix\backup.zip/dlls/dn4u01h9e.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Bureau\l2mfix\backup.zip/dlls/dnnq0155e.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Bureau\l2mfix\backup.zip/dlls/DQTCR.DLL -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Bureau\l2mfix\backup.zip/dlls/ecent97.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Bureau\l2mfix\backup.zip/dlls/g6jolg1316.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Bureau\l2mfix\backup.zip/dlls/gplol3331.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Bureau\l2mfix\backup.zip/dlls/irl0l53m1.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Bureau\l2mfix\backup.zip/dlls/j06mlaj11do.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Bureau\l2mfix\backup.zip/dlls/mfjtes40.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Bureau\l2mfix\backup.zip/dlls/movbvm60.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Bureau\l2mfix\backup.zip/dlls/n2l8lc3u1f.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Bureau\l2mfix\backup.zip/dlls/naevtmsg.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Bureau\l2mfix\backup.zip/dlls/nicfg.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Bureau\l2mfix\backup.zip/dlls/nsobjapi.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Bureau\l2mfix\backup.zip/dlls/o6rolg9316.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Bureau\l2mfix\backup.zip/dlls/q8nuli5918.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Bureau\l2mfix\backup.zip/dlls/sdnsapi.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Bureau\l2mfix\backup.zip/dlls/sqssetup.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Bureau\l2mfix\backup.zip/dlls/SZLSRV32.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Bureau\l2mfix\backup.zip/dlls/t88u0il9e8q.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Bureau\l2mfix\backup.zip/dlls/unrcoina.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Bureau\l2mfix\backup.zip/dlls/wbnsflte.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Bureau\l2mfix\dlls\azaml5h11.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Bureau\l2mfix\dlls\dgnlobby.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Bureau\l2mfix\dlls\dn2q01f5e.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Bureau\l2mfix\dlls\dn4u01h9e.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Bureau\l2mfix\dlls\dnnq0155e.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Bureau\l2mfix\dlls\DQTCR.DLL -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Bureau\l2mfix\dlls\ecent97.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Bureau\l2mfix\dlls\g6jolg1316.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Bureau\l2mfix\dlls\gplol3331.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Bureau\l2mfix\dlls\irl0l53m1.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Bureau\l2mfix\dlls\j06mlaj11do.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Bureau\l2mfix\dlls\mfjtes40.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Bureau\l2mfix\dlls\movbvm60.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Bureau\l2mfix\dlls\n2l8lc3u1f.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Bureau\l2mfix\dlls\naevtmsg.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Bureau\l2mfix\dlls\nicfg.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Bureau\l2mfix\dlls\nsobjapi.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Bureau\l2mfix\dlls\o6rolg9316.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Bureau\l2mfix\dlls\q8nuli5918.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Bureau\l2mfix\dlls\sdnsapi.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Bureau\l2mfix\dlls\sqssetup.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Bureau\l2mfix\dlls\SZLSRV32.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Bureau\l2mfix\dlls\t88u0il9e8q.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Bureau\l2mfix\dlls\unrcoina.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Bureau\l2mfix\dlls\wbnsflte.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Cookies\jean@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Cookies\jean@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Local Settings\Temporary Internet Files\Content.IE5\FKRQ9F3Z\AppWrap[1].exe -> Adware.AdURL : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Local Settings\Temporary Internet Files\Content.IE5\JQB70DXZ\AppWrap[1].exe -> Adware.AdURL : Nettoyer et sauvegarder C:\Documents and Settings\Jean.PERRET\Local Settings\Temporary Internet Files\Content.IE5\SDIRGTUB\AppWrap[1].exe -> Adware.AdURL : Nettoyer et sauvegarder C:\WINDOWS\876057.exe -> Adware.Mirar : Nettoyer et sauvegarder C:\WINDOWS\Downloaded Program Files\elite.ocx -> Adware.MediaMotor : Nettoyer et sauvegarder C:\WINDOWS\icont.exe -> Adware.AdURL : Nettoyer et sauvegarder C:\WINDOWS\iconu.exe -> Adware.Zestyfind : Nettoyer et sauvegarder C:\WINDOWS\system32\WinNB57.dll -> Adware.Mirar : Nettoyer et sauvegarder C:\WINDOWS\Temp\bw2.com -> Adware.Zestyfind : Nettoyer et sauvegarder ::Fin du rapport Logfile of HijackThis v1.99.1 Scan saved at 16:24:08, on 28/02/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\PACKSE~1\backweb\361343\Program\SERVIC~1.EXE C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\Pack Securite\backweb\361343\Program\fspex.exe C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe C:\Program Files\Pack Securite\backweb\361343\program\fsbwsys.exe C:\Program Files\Pack Securite\Anti-Virus\FSGK32.EXE C:\Program Files\Pack Securite\Common\FSMA32.EXE C:\Program Files\Pack Securite\Anti-Virus\fssm32.exe C:\Program Files\Pack Securite\Common\FSMB32.EXE C:\WINDOWS\Mixer.exe C:\Program Files\Pack Securite\Common\FSM32.EXE C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe C:\Program Files\Pack Securite\Common\FCH32.EXE C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Microsoft Money\System\mnyexpr.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Pack Securite\Common\FAMEH32.EXE C:\Program Files\WinZip\WZQKPICK.EXE C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe C:\Program Files\Pack Securite\Anti-Virus\fsrw.exe C:\Program Files\Pack Securite\FSPC\fspc.exe C:\Program Files\Pack Securite\Anti-Virus\fsav32.exe C:\Program Files\Utilitaire de gestion du LAN Wifi IEEE 802.11g\WlanUtl.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://home.neuf.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Pack Securite\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Pack Securite\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Pack Securite\FSGUI\FSSW.EXE" /reboot O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe" O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Pack Securite.lnk = C:\Program Files\Pack Securite\backweb\361343\Program\fspex.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: &Bloquer cette fenêtre publicitaire - C:\Program Files\Pack Securite\Anti-Spyware\blockpopups.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll O9 - Extra button: Filtre Web - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll O9 - Extra 'Tools' menuitem: Filtre Web - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\Anti-Spyware\ieshield.dll O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\Anti-Spyware\ieshield.dll O10 - Broken Internet access because of LSP provider 'winsflt.dll' missing O23 - Service: Pack Securite (BackWeb Plug-in - 361343) - BackWeb Technologies Inc. - C:\PROGRA~1\PACKSE~1\backweb\361343\Program\SERVIC~1.EXE O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corp. - C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Pack Securite\backweb\361343\program\fsbwsys.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe O23 - Service: F-Secure HTTP Server (fshttps) - Unknown owner - C:\Program Files\Pack Securite\FSPC\fshttps\fshttps.exe (file missing) O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Pack Securite\Common\FSMA32.EXE voilà !!! c'est bon?
-
c'est bizarre lorsque je veux mettre à jour ewido il me dit "la connection ne peut etre etablie" alors que je suis en ce moment connectée!!
-
ok merci de me rassurer bon j'attends l'analyse alors... merci infiniment!
-
le voici! désolée j'ai l'air un peu débile mais c'est tout un language qu'il faut connaitre et c'est pas évident au début!!! Logfile of HijackThis v1.99.1 Scan saved at 13:51:49, on 28/02/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\PACKSE~1\backweb\361343\Program\SERVIC~1.EXE C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe C:\Program Files\Pack Securite\backweb\361343\program\fsbwsys.exe C:\Program Files\Pack Securite\Anti-Virus\FSGK32.EXE C:\Program Files\Pack Securite\Common\FSMA32.EXE C:\Program Files\Pack Securite\Anti-Virus\fssm32.exe C:\Program Files\Pack Securite\Common\FSMB32.EXE C:\Program Files\Pack Securite\Common\FCH32.EXE C:\Program Files\Pack Securite\backweb\361343\Program\fspex.exe C:\Program Files\Pack Securite\Common\FAMEH32.EXE C:\Program Files\Pack Securite\Anti-Virus\fsrw.exe C:\Program Files\Pack Securite\FSPC\fspc.exe C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe C:\WINDOWS\Mixer.exe C:\Program Files\Pack Securite\Common\FSM32.EXE C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Microsoft Money\System\mnyexpr.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\Program Files\Pack Securite\Anti-Virus\fsav32.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://home.neuf.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Zango Toolbar - {EA0D26BD-9029-431A-86E0-83152D67828A} - C:\Program Files\Zango Programs\Zango Toolbar\ZangoTB.dll (file missing) O4 - HKLM\..\Run: [winsysupd] C:\windows\winsysupd9.exe O4 - HKLM\..\Run: [winsysban] C:\windows\winsysban9.exe O4 - HKLM\..\Run: [Windows Logon Application] C:\WINDOWS\System32\logon.exe O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup O4 - HKLM\..\Run: [Application Layer Gateway Service] C:\WINDOWS\System32\algs.exe O4 - HKLM\..\Run: [huX9GtUFQ] C:\WINDOWS\fgsxmr.exe O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Pack Securite\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Pack Securite\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Pack Securite\FSGUI\FSSW.EXE" /reboot O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" O4 - HKLM\..\Run: [MediaGateway] C:\Program Files\MediaGateway\MediaGateway.exe O4 - HKLM\..\Run: [gimmygames] C:\windows\gimmygames9.exe O4 - HKLM\..\Run: [e444] C:\windows\eee2.exe O4 - HKLM\..\Run: [ahkw] C:\windows\eee2.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [kbdcon] C:\WINDOWS\System32\kbdcon.exe O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe" O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Pack Securite.lnk = C:\Program Files\Pack Securite\backweb\361343\Program\fspex.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: &Bloquer cette fenêtre publicitaire - C:\Program Files\Pack Securite\Anti-Spyware\blockpopups.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll O9 - Extra button: Filtre Web - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll O9 - Extra 'Tools' menuitem: Filtre Web - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\Anti-Spyware\ieshield.dll O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\Anti-Spyware\ieshield.dll O10 - Broken Internet access because of LSP provider 'winsflt.dll' missing O15 - Trusted Zone: *.elitemediagroup.net O15 - Trusted Zone: *.media-motor.net O15 - Trusted Zone: *.popuppers.com O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1125 O16 - DPF: {8FCDF9D9-A28B-480F-8C3D-581F119A8AB8} - http://static.zangocash.com/cab/Zango/ie/bridge-c18.cab O16 - DPF: {9AC54695-69A4-46F1-BE10-10C74F9520D5} - http://cabs.elitemediagroup.net/cabs/mediaview.cab O20 - Winlogon Notify: Syncmgr - C:\WINDOWS\system32\n2l8lc3u1f.dll (file missing) O23 - Service: Pack Securite (BackWeb Plug-in - 361343) - BackWeb Technologies Inc. - C:\PROGRA~1\PACKSE~1\backweb\361343\Program\SERVIC~1.EXE O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corp. - C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Pack Securite\backweb\361343\program\fsbwsys.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe O23 - Service: F-Secure HTTP Server (fshttps) - Unknown owner - C:\Program Files\Pack Securite\FSPC\fshttps\fshttps.exe (file missing) O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Pack Securite\Common\FSMA32.EXE
-
excusez moi mais je ne sais pas ce que veux dire "nouveau log", est-ce qu'il faut que je fasse une nouvelle discussion neuve ou bien je mets mon nouveau rapport à la suite dans une nouvelle réponse de cette conversation?
-
merci bruce lee! voici mon second rapport que je suis allée chercher dans log.txt L2mfix 010406 Creating Account. La commande s'est termin‚e correctement. Adding Administrative privleges. Checking for L2MFix account(0=no 1=yes): 1 Granting SeDebugPrivilege to L2MFIX ... successful Running From: C:\WINDOWS\system32 Killing Processes! Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03 Copyright© 2002-2003 Craig.Peacock@beyondlogic.org Killing PID 380 'smss.exe' Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03 Copyright© 2002-2003 Craig.Peacock@beyondlogic.org Killing PID 644 'winlogon.exe' Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03 Copyright© 2002-2003 Craig.Peacock@beyondlogic.org Killing PID 868 'explorer.exe' Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03 Copyright© 2002-2003 Craig.Peacock@beyondlogic.org Killing PID 1404 'rundll32.exe' Restoring Sedebugprivilege: Granting SeDebugPrivilege to Administrateurs ... successful Scanning First Pass. Please Wait! First Pass Completed Second Pass Scanning Second pass Completed! 1 fichier(s) copi‚(s). 1 fichier(s) copi‚(s). 1 fichier(s) copi‚(s). 1 fichier(s) copi‚(s). 1 fichier(s) copi‚(s). 1 fichier(s) copi‚(s). 1 fichier(s) copi‚(s). 1 fichier(s) copi‚(s). 1 fichier(s) copi‚(s). 1 fichier(s) copi‚(s). 1 fichier(s) copi‚(s). 1 fichier(s) copi‚(s). 1 fichier(s) copi‚(s). 1 fichier(s) copi‚(s). 1 fichier(s) copi‚(s). 1 fichier(s) copi‚(s). 1 fichier(s) copi‚(s). 1 fichier(s) copi‚(s). 1 fichier(s) copi‚(s). 1 fichier(s) copi‚(s). 1 fichier(s) copi‚(s). 1 fichier(s) copi‚(s). 1 fichier(s) copi‚(s). 1 fichier(s) copi‚(s). 1 fichier(s) copi‚(s). Deleting: C:\WINDOWS\system32\azaml5h11.dll Successfully Deleted: C:\WINDOWS\system32\azaml5h11.dll Deleting: C:\WINDOWS\system32\dgnlobby.dll Successfully Deleted: C:\WINDOWS\system32\dgnlobby.dll Deleting: C:\WINDOWS\system32\dn2q01f5e.dll Successfully Deleted: C:\WINDOWS\system32\dn2q01f5e.dll Deleting: C:\WINDOWS\system32\dn4u01h9e.dll Successfully Deleted: C:\WINDOWS\system32\dn4u01h9e.dll Deleting: C:\WINDOWS\system32\dnnq0155e.dll Successfully Deleted: C:\WINDOWS\system32\dnnq0155e.dll Deleting: C:\WINDOWS\system32\DQTCR.DLL Successfully Deleted: C:\WINDOWS\system32\DQTCR.DLL Deleting: C:\WINDOWS\system32\ecent97.dll Successfully Deleted: C:\WINDOWS\system32\ecent97.dll Deleting: C:\WINDOWS\system32\g6jolg1316.dll Successfully Deleted: C:\WINDOWS\system32\g6jolg1316.dll Deleting: C:\WINDOWS\system32\gplol3331.dll Successfully Deleted: C:\WINDOWS\system32\gplol3331.dll Deleting: C:\WINDOWS\system32\irl0l53m1.dll Successfully Deleted: C:\WINDOWS\system32\irl0l53m1.dll Deleting: C:\WINDOWS\system32\j06mlaj11do.dll Successfully Deleted: C:\WINDOWS\system32\j06mlaj11do.dll Deleting: C:\WINDOWS\system32\mfjtes40.dll Successfully Deleted: C:\WINDOWS\system32\mfjtes40.dll Deleting: C:\WINDOWS\system32\movbvm60.dll Successfully Deleted: C:\WINDOWS\system32\movbvm60.dll Deleting: C:\WINDOWS\system32\n2l8lc3u1f.dll Successfully Deleted: C:\WINDOWS\system32\n2l8lc3u1f.dll Deleting: C:\WINDOWS\system32\naevtmsg.dll Successfully Deleted: C:\WINDOWS\system32\naevtmsg.dll Deleting: C:\WINDOWS\system32\nicfg.dll Successfully Deleted: C:\WINDOWS\system32\nicfg.dll Deleting: C:\WINDOWS\system32\nsobjapi.dll Successfully Deleted: C:\WINDOWS\system32\nsobjapi.dll Deleting: C:\WINDOWS\system32\o6rolg9316.dll Successfully Deleted: C:\WINDOWS\system32\o6rolg9316.dll Deleting: C:\WINDOWS\system32\q8nuli5918.dll Successfully Deleted: C:\WINDOWS\system32\q8nuli5918.dll Deleting: C:\WINDOWS\system32\sdnsapi.dll Successfully Deleted: C:\WINDOWS\system32\sdnsapi.dll Deleting: C:\WINDOWS\system32\sqssetup.dll Successfully Deleted: C:\WINDOWS\system32\sqssetup.dll Deleting: C:\WINDOWS\system32\SZLSRV32.dll Successfully Deleted: C:\WINDOWS\system32\SZLSRV32.dll Deleting: C:\WINDOWS\system32\t88u0il9e8q.dll Successfully Deleted: C:\WINDOWS\system32\t88u0il9e8q.dll Deleting: C:\WINDOWS\system32\unrcoina.dll Successfully Deleted: C:\WINDOWS\system32\unrcoina.dll Deleting: C:\WINDOWS\system32\wbnsflte.dll Successfully Deleted: C:\WINDOWS\system32\wbnsflte.dll msg11?.dll 0 fichier(s) copi‚(s). Restoring Windows Update Certificates.: The following Is the Current Export of the Winlogon notify key: **************************************************************************** Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain] "Asynchronous"=dword:00000000 "Impersonate"=dword:00000000 "DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,33,00,32,00,2e,00,64,00,6c,00,\ 6c,00,00,00 "Logoff"="ChainWlxLogoffEvent" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet] "Asynchronous"=dword:00000000 "Impersonate"=dword:00000000 "DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,6e,00,65,00,74,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Logoff"="CryptnetWlxLogoffEvent" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll] "DLLName"="cscdll.dll" "Logon"="WinlogonLogonEvent" "Logoff"="WinlogonLogoffEvent" "ScreenSaver"="WinlogonScreenSaverEvent" "Startup"="WinlogonStartupEvent" "Shutdown"="WinlogonShutdownEvent" "StartShell"="WinlogonStartShellEvent" "Impersonate"=dword:00000000 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp] "DLLName"="wlnotify.dll" "Logon"="SCardStartCertProp" "Logoff"="SCardStopCertProp" "Lock"="SCardSuspendCertProp" "Unlock"="SCardResumeCertProp" "Enabled"=dword:00000001 "Impersonate"=dword:00000001 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule] "Asynchronous"=dword:00000000 "DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Impersonate"=dword:00000000 "StartShell"="SchedStartShell" "Logoff"="SchedEventLogOff" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy] "Logoff"="WLEventLogoff" "Impersonate"=dword:00000000 "Asynchronous"=dword:00000001 "DllName"=hex(2):73,00,63,00,6c,00,67,00,6e,00,74,00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn] "DLLName"="WlNotify.dll" "Lock"="SensLockEvent" "Logon"="SensLogonEvent" "Logoff"="SensLogoffEvent" "Safe"=dword:00000001 "MaxWait"=dword:00000258 "StartScreenSaver"="SensStartScreenSaverEvent" "StopScreenSaver"="SensStopScreenSaverEvent" "Startup"="SensStartupEvent" "Shutdown"="SensShutdownEvent" "StartShell"="SensStartShellEvent" "PostShell"="SensPostShellEvent" "Disconnect"="SensDisconnectEvent" "Reconnect"="SensReconnectEvent" "Unlock"="SensUnlockEvent" "Impersonate"=dword:00000001 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Syncmgr] "Asynchronous"=dword:00000000 "DllName"="C:\\WINDOWS\\system32\\n2l8lc3u1f.dll" "Impersonate"=dword:00000000 "Logon"="WinLogon" "Logoff"="WinLogoff" "Shutdown"="WinShutdown" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv] "Asynchronous"=dword:00000000 "DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Impersonate"=dword:00000000 "Logoff"="TSEventLogoff" "Logon"="TSEventLogon" "PostShell"="TSEventPostShell" "Shutdown"="TSEventShutdown" "StartShell"="TSEventStartShell" "Startup"="TSEventStartup" "MaxWait"=dword:00000258 "Reconnect"="TSEventReconnect" "Disconnect"="TSEventDisconnect" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon] "DLLName"="wlnotify.dll" "Logon"="RegisterTicketExpiredNotificationEvent" "Logoff"="UnregisterTicketExpiredNotificationEvent" "Impersonate"=dword:00000001 "Asynchronous"=dword:00000001 The following are the files found: **************************************************************************** C:\WINDOWS\system32\azaml5h11.dll C:\WINDOWS\system32\dgnlobby.dll C:\WINDOWS\system32\dn2q01f5e.dll C:\WINDOWS\system32\dn4u01h9e.dll C:\WINDOWS\system32\dnnq0155e.dll C:\WINDOWS\system32\DQTCR.DLL C:\WINDOWS\system32\ecent97.dll C:\WINDOWS\system32\g6jolg1316.dll C:\WINDOWS\system32\gplol3331.dll C:\WINDOWS\system32\irl0l53m1.dll C:\WINDOWS\system32\j06mlaj11do.dll C:\WINDOWS\system32\mfjtes40.dll C:\WINDOWS\system32\movbvm60.dll C:\WINDOWS\system32\n2l8lc3u1f.dll C:\WINDOWS\system32\naevtmsg.dll C:\WINDOWS\system32\nicfg.dll C:\WINDOWS\system32\nsobjapi.dll C:\WINDOWS\system32\o6rolg9316.dll C:\WINDOWS\system32\q8nuli5918.dll C:\WINDOWS\system32\sdnsapi.dll C:\WINDOWS\system32\sqssetup.dll C:\WINDOWS\system32\SZLSRV32.dll C:\WINDOWS\system32\t88u0il9e8q.dll C:\WINDOWS\system32\unrcoina.dll C:\WINDOWS\system32\wbnsflte.dll Registry Entries that were Deleted: Please verify that the listing looks ok. If there was something deleted wrongly there are backups in the backreg folder. **************************************************************************** Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{A42B7BE4-4C9A-4E5D-8F6B-362DC6FE5D08}] @="" "IDEx"="ADDR" [HKEY_CLASSES_ROOT\CLSID\{A42B7BE4-4C9A-4E5D-8F6B-362DC6FE5D08}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{A42B7BE4-4C9A-4E5D-8F6B-362DC6FE5D08}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{A42B7BE4-4C9A-4E5D-8F6B-362DC6FE5D08}\InprocServer32] @="C:\\WINDOWS\\system32\\kudcz1.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{70233AE0-CD94-4D6C-B1B2-913D8A3BF8F0}] @="" [HKEY_CLASSES_ROOT\CLSID\{70233AE0-CD94-4D6C-B1B2-913D8A3BF8F0}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{70233AE0-CD94-4D6C-B1B2-913D8A3BF8F0}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{70233AE0-CD94-4D6C-B1B2-913D8A3BF8F0}\InprocServer32] @="C:\\WINDOWS\\system32\\DQTCR.DLL" "ThreadingModel"="Apartment" REGEDIT4 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved] "{A42B7BE4-4C9A-4E5D-8F6B-362DC6FE5D08}"=- "{70233AE0-CD94-4D6C-B1B2-913D8A3BF8F0}"=- [-HKEY_CLASSES_ROOT\CLSID\{A42B7BE4-4C9A-4E5D-8F6B-362DC6FE5D08}] [-HKEY_CLASSES_ROOT\CLSID\{70233AE0-CD94-4D6C-B1B2-913D8A3BF8F0}] REGEDIT4 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform] "SV1"="" **************************************************************************** Desktop.ini Contents: **************************************************************************** **************************************************************************** Checking for L2MFix account(0=no 1=yes): 0 Zipping up files for submission: adding: dlls/azaml5h11.dll (164 bytes security) (deflated 5%) adding: dlls/dgnlobby.dll (164 bytes security) (deflated 5%) adding: dlls/dn2q01f5e.dll (164 bytes security) (deflated 5%) adding: dlls/dn4u01h9e.dll (164 bytes security) (deflated 4%) adding: dlls/dnnq0155e.dll (164 bytes security) (deflated 5%) adding: dlls/DQTCR.DLL (164 bytes security) (deflated 5%) adding: dlls/ecent97.dll (164 bytes security) (deflated 5%) adding: dlls/g6jolg1316.dll (164 bytes security) (deflated 5%) adding: dlls/gplol3331.dll (164 bytes security) (deflated 4%) adding: dlls/irl0l53m1.dll (164 bytes security) (deflated 5%) adding: dlls/j06mlaj11do.dll (164 bytes security) (deflated 5%) adding: dlls/mfjtes40.dll (164 bytes security) (deflated 5%) adding: dlls/movbvm60.dll (164 bytes security) (deflated 5%) adding: dlls/n2l8lc3u1f.dll (164 bytes security) (deflated 5%) adding: dlls/naevtmsg.dll (164 bytes security) (deflated 5%) adding: dlls/nicfg.dll (164 bytes security) (deflated 4%) adding: dlls/nsobjapi.dll (164 bytes security) (deflated 4%) adding: dlls/o6rolg9316.dll (164 bytes security) (deflated 5%) adding: dlls/q8nuli5918.dll (164 bytes security) (deflated 5%) adding: dlls/sdnsapi.dll (164 bytes security) (deflated 5%) adding: dlls/sqssetup.dll (164 bytes security) (deflated 5%) adding: dlls/SZLSRV32.dll (164 bytes security) (deflated 5%) adding: dlls/t88u0il9e8q.dll (164 bytes security) (deflated 5%) adding: dlls/unrcoina.dll (164 bytes security) (deflated 5%) adding: dlls/wbnsflte.dll (164 bytes security) (deflated 4%) adding: backregs/70233AE0-CD94-4D6C-B1B2-913D8A3BF8F0.reg (212 bytes security) (deflated 70%) adding: backregs/A42B7BE4-4C9A-4E5D-8F6B-362DC6FE5D08.reg (212 bytes security) (deflated 69%) adding: backregs/notibac.reg (164 bytes security) (deflated 87%) adding: backregs/shell.reg (164 bytes security) (deflated 74%)
-
merci beaucoup voici mon report.txt L2MFIX find log 010406 These are the registry keys present ********************************************************************************** Winlogon/notify: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain] "Asynchronous"=dword:00000000 "Impersonate"=dword:00000000 "DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,33,00,32,00,2e,00,64,00,6c,00,\ 6c,00,00,00 "Logoff"="ChainWlxLogoffEvent" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet] "Asynchronous"=dword:00000000 "Impersonate"=dword:00000000 "DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,6e,00,65,00,74,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Logoff"="CryptnetWlxLogoffEvent" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll] "DLLName"="cscdll.dll" "Logon"="WinlogonLogonEvent" "Logoff"="WinlogonLogoffEvent" "ScreenSaver"="WinlogonScreenSaverEvent" "Startup"="WinlogonStartupEvent" "Shutdown"="WinlogonShutdownEvent" "StartShell"="WinlogonStartShellEvent" "Impersonate"=dword:00000000 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp] "DLLName"="wlnotify.dll" "Logon"="SCardStartCertProp" "Logoff"="SCardStopCertProp" "Lock"="SCardSuspendCertProp" "Unlock"="SCardResumeCertProp" "Enabled"=dword:00000001 "Impersonate"=dword:00000001 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule] "Asynchronous"=dword:00000000 "DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Impersonate"=dword:00000000 "StartShell"="SchedStartShell" "Logoff"="SchedEventLogOff" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy] "Logoff"="WLEventLogoff" "Impersonate"=dword:00000000 "Asynchronous"=dword:00000001 "DllName"=hex(2):73,00,63,00,6c,00,67,00,6e,00,74,00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn] "DLLName"="WlNotify.dll" "Lock"="SensLockEvent" "Logon"="SensLogonEvent" "Logoff"="SensLogoffEvent" "Safe"=dword:00000001 "MaxWait"=dword:00000258 "StartScreenSaver"="SensStartScreenSaverEvent" "StopScreenSaver"="SensStopScreenSaverEvent" "Startup"="SensStartupEvent" "Shutdown"="SensShutdownEvent" "StartShell"="SensStartShellEvent" "PostShell"="SensPostShellEvent" "Disconnect"="SensDisconnectEvent" "Reconnect"="SensReconnectEvent" "Unlock"="SensUnlockEvent" "Impersonate"=dword:00000001 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Syncmgr] "Asynchronous"=dword:00000000 "DllName"="C:\\WINDOWS\\system32\\n2l8lc3u1f.dll" "Impersonate"=dword:00000000 "Logon"="WinLogon" "Logoff"="WinLogoff" "Shutdown"="WinShutdown" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv] "Asynchronous"=dword:00000000 "DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Impersonate"=dword:00000000 "Logoff"="TSEventLogoff" "Logon"="TSEventLogon" "PostShell"="TSEventPostShell" "Shutdown"="TSEventShutdown" "StartShell"="TSEventStartShell" "Startup"="TSEventStartup" "MaxWait"=dword:00000258 "Reconnect"="TSEventReconnect" "Disconnect"="TSEventDisconnect" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon] "DLLName"="wlnotify.dll" "Logon"="RegisterTicketExpiredNotificationEvent" "Logoff"="UnregisterTicketExpiredNotificationEvent" "Impersonate"=dword:00000001 "Asynchronous"=dword:00000001 ********************************************************************************** useragent: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform] "{23B73F1D-542F-F3D7-3912-FDB2378522E5}"="" ********************************************************************************** Shell Extension key: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved] "{00022613-0000-0000-C000-000000000046}"="Feuille de propri‚t‚s du fichier multim‚dia" "{176d6597-26d3-11d1-b350-080036a75b03}"="Gestion de scanneur ICM" "{1F2E5C40-9550-11CE-99D2-00AA006E086C}"="Page de s‚curit‚ NTFS" "{3EA48300-8CF6-101B-84FB-666CCB9BCD32}"="Page des propri‚t‚s de OLE DocFile" "{40dd6e20-7c17-11ce-a804-00aa003ca9f6}"="Extensions de l'environnement pour le partage" "{41E300E0-78B6-11ce-849B-444553540000}"="PlusPack CPL Extension" "{42071712-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Carte du Panneau de configuration" "{42071713-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage ?cran du Panneau de configuration" "{42071714-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Panorama du Panneau de configuration" "{4E40F770-369C-11d0-8922-00A024AB2DBB}"="Page de s‚curit‚ DS" "{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"="Page de compatibilit‚" "{56117100-C0CD-101B-81E2-00AA004AE837}"="Gestionnaire de donn‚es endommag‚es de l'environnement" "{59099400-57FF-11CE-BD94-0020AF85B590}"="Extension copie de disquette" "{59be4990-f85c-11ce-aff7-00aa003ca9f6}"="Extensions de l'environnement pour les objets r‚seau de Microsoft Windows" "{5DB2625A-54DF-11D0-B6C4-0800091AA605}"="Gestion d'‚cran ICM" "{675F097E-4C4D-11D0-B6C1-0800091AA605}"="Gestion d'imprimante ICM" "{764BF0E1-F219-11ce-972D-00AA00A14F56}"="Extensions de l'environnement de compression de fichiers" "{77597368-7b15-11d0-a0c2-080036af3f03}"="Extension de l'environnement d'imprimante Web" "{7988B573-EC89-11cf-9C00-00AA00A14F56}"="Disk Quota UI" "{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA}"="Menu contextuel de cryptage" "{85BBD920-42A0-1069-A2E4-08002B30309D}"="Porte-documents" "{88895560-9AA2-1069-930E-00AA0030EBC8}"="Extension ic“ne HyperTerminal" "{BD84B380-8CA2-1069-AB1D-08000948F534}"="Fonts" "{DBCE2480-C732-101B-BE72-BA78E9AD5B27}"="Profil ICC" "{F37C5810-4D3F-11d0-B4BF-00AA00BBB723}"="Page de s‚curit‚ des imprimantes" "{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}"="Extensions de l'environnement pour le partage" "{f92e8c40-3d33-11d2-b1aa-080036a75b03}"="Display TroubleShoot CPL Extension" "{7444C717-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie PKO" "{7444C719-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie Sign" "{7007ACC7-3202-11D1-AAD2-00805FC1270E}"="Connexions r‚seau" "{992CFFA0-F557-101A-88EC-00DD010CCC48}"="Connexions r‚seau" "{E211B736-43FD-11D1-9EFB-0000F8757FCD}"="&Scanneurs et appareils photo" "{FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD}"="&Scanneurs et appareils photo" "{905667aa-acd6-11d2-8080-00805f6596d2}"="&Scanneurs et appareils photo" "{3F953603-1008-4f6e-A73A-04AAC7A992F1}"="&Scanneurs et appareils photo" "{83bbcbf3-b28a-4919-a5aa-73027445d672}"="&Scanneurs et appareils photo" "{F0152790-D56E-4445-850E-4F3117DB740C}"="Remote Sessions CPL Extension" "{5F327514-6C5E-4d60-8F16-D07FA08A78ED}"="Extension feuille de propri‚t‚ de mise … jour automatique" "{60254CA5-953B-11CF-8C96-00AA00B8708C}"="Extensions de l'interpr‚teur de commandes pour l'environnement d'ex‚cution de scripts Windows" "{2206CDB2-19C1-11D1-89E0-00C04FD7A829}"="Liaison de donn‚es Microsoft" "{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Icon Handler" "{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Shell Extension" "{D6277990-4C6A-11CF-8D87-00AA0060F5BF}"="Tƒches planifi‚es" "{0DF44EAA-FF21-4412-828E-260A8728E7F1}"="Barre des tƒches et menu D‚marrer" "{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}"="Rechercher" "{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support" "{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support" "{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}"="Ex‚cuter..." "{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0}"="Internet" "{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0}"="Courrier ‚lectronique" "{D20EA4E1-3957-11d2-A40B-0C5020524152}"="Polices" "{D20EA4E1-3957-11d2-A40B-0C5020524153}"="Outils d'administration" "{875CB1A1-0F29-45de-A1AE-CFB4950D0B78}"="Audio Media Properties Handler" "{40C3D757-D6E4-4b49-BB41-0E5BBEA28817}"="Video Media Properties Handler" "{E4B29F9D-D390-480b-92FD-7DDB47101D71}"="Wav Properties Handler" "{87D62D94-71B3-4b9a-9489-5FE6850DC73E}"="Avi Properties Handler" "{A6FD9E45-6E44-43f9-8644-08598F5A74D9}"="Midi Properties Handler" "{c5a40261-cd64-4ccf-84cb-c394da41d590}"="Video Thumbnail Extractor" "{5E6AB780-7743-11CF-A12B-00AA004AE837}"="Barre d'outils Internet Microsoft" "{22BF0C20-6DA7-11D0-B373-00A0C9034938}"="?tat du t‚l‚chargement" "{91EA3F8B-C99B-11d0-9815-00C04FD91972}"="Dossier Bureau ‚tendu" "{6413BA2C-B461-11d1-A18A-080036B11A03}"="Dossier du shell augment‚" "{F61FFEC1-754F-11d0-80CA-00AA005B4383}"="BandProxy" "{7BA4C742-9E81-11CF-99D3-00AA004AE837}"="Bande du navigateur Microsoft" "{30D02401-6A81-11d0-8274-00C04FD5AE38}"="Bande de recherche" "{32683183-48a0-441b-a342-7c2a440a9478}"="Media Band" "{169A0691-8DF9-11d1-A1C4-00C04FD75D13}"="Volet int‚gr‚ de recherche" "{07798131-AF23-11d1-9111-00A0C98BA67D}"="Recherche Web" "{AF4F6510-F982-11d0-8595-00AA004CD6D8}"="Utilitaire des options de l'arborescence du Registre" "{01E04581-4EEE-11d0-BFE9-00AA005B4383}"="&Adresse" "{A08C11D2-A228-11d0-825B-00AA005B4383}"="BoŒte d'entr‚e de l'adresse" "{00BB2763-6A77-11D0-A535-00C04FD7D062}"="Saisie semi-automatique Microsoft" "{7376D660-C583-11d0-A3A5-00C04FD706EC}"="TridentImageExtractor" "{6756A641-DE71-11d0-831B-00AA005B4383}"="Liste de saisie semi-automatique MRU" "{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A}"="Liste de saisie semi-automatique personnalis‚e MRU" "{7e653215-fa25-46bd-a339-34a2790f3cb7}"="Accessible" "{acf35015-526e-4230-9596-becbe19f0ac9}"="Barre de progrŠs auto-ouvrante" "{E0E11A09-5CB8-4B6C-8332-E00720A168F2}"="Analyseur de la barre d'adresses" "{00BB2764-6A77-11D0-A535-00C04FD7D062}"="Liste de saisie semi-automatique de l'historique Microsoft" "{03C036F1-A186-11D0-824A-00AA005B4383}"="Liste de saisie semi-automatique du dossier Shell Microsoft" "{00BB2765-6A77-11D0-A535-00C04FD7D062}"="Conteneur de la liste de saisie semi-automatique multiple Microsoft" "{ECD4FC4E-521C-11D0-B792-00A0C90312E1}"="Menu Site de bandes" "{3CCF8A41-5C85-11d0-9796-00AA00B90ADF}"="Shell DeskBarApp" "{ECD4FC4C-521C-11D0-B792-00A0C90312E1}"="Barre du Bureau" "{ECD4FC4D-521C-11D0-B792-00A0C90312E1}"="Shell Rebar BandSite" "{DD313E04-FEFF-11d1-8ECD-0000F87A470C}"="Assistance utilisateur" "{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}"="ParamŠtres du dossier global" "{EFA24E61-B078-11d0-89E4-00C04FC9E26E}"="Favorites Band" "{0A89A860-D7B1-11CE-8350-444553540000}"="Shell Automation Inproc Service" "{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}"="Shell DocObject Viewer" "{A5E46E3A-8849-11D1-9D8C-00C04FC99D61}"="Microsoft Browser Architecture" "{FBF23B40-E3F0-101B-8488-00AA003E56F8}"="InternetShortcut" "{3C374A40-BAE4-11CF-BF7D-00AA006946EE}"="Microsoft Url History Service" "{FF393560-C2A7-11CF-BFF4-444553540000}"="Historique" "{7BD29E00-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files" "{7BD29E01-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files" "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"="Microsoft Url Search Hook" "{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC}"="Image de d‚marrage de la Suite IE4" "{67EA19A0-CCEF-11d0-8024-00C04FD75D13}"="CDF Extension Copy Hook" "{131A6951-7F78-11D0-A979-00C04FD705A2}"="ISFBand OC" "{9461b922-3c5a-11d2-bf8b-00c04fb93661}"="Search Assistant OC" "{3DC7A020-0ACD-11CF-A9BB-00AA004AE837}"="Internet" "{871C5380-42A0-1069-A2EA-08002B30309D}"="Internet Name Space" "{EFA24E64-B078-11d0-89E4-00C04FC9E26E}"="Explorer Band" "{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service" "{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service" "{88C6C381-2E85-11D0-94DE-444553540000}"="Dossier ActiveX Cache" "{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"="WebCheck" "{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}"="Subscription Mgr" "{F5175861-2688-11d0-9C5E-00AA00A45957}"="Dossier Inscription" "{08165EA0-E946-11CF-9C87-00AA005127ED}"="WebCheckWebCrawler" "{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB}"="WebCheckChannelAgent" "{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7}"="TrayAgent" "{7D559C10-9FE9-11d0-93F7-00AA0059CE02}"="Code Download Agent" "{E6CC6978-6B6E-11D0-BECA-00C04FD940BE}"="ConnectionAgent" "{D8BD2030-6FC9-11D0-864F-00AA006809D9}"="PostAgent" "{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}"="WebCheck SyncMgr Handler" "{352EC2B7-8B9A-11D1-B8AE-006008059382}"="Gestionnaire d'applications d'environnement" "{0B124F8F-91F0-11D1-B8B5-006008059382}"="?num‚rateur d'applications install‚es" "{CFCCC7A0-A282-11D1-9082-006008059382}"="Publication d'application Darwin" "{e84fda7c-1d6a-45f6-b725-cb260c236066}"="Shell Image Verbs" "{66e4e4fb-f385-4dd0-8d74-a2efd1bc6178}"="Shell Image Data Factory" "{3F30C968-480A-4C6C-862D-EFC0897BB84B}"="Extracteur de miniatures de fichier + GDI" "{9DBD2C50-62AD-11d0-B806-00C04FD706EC}"="Gestionnaire de miniatures - Informations de r‚sum‚ (DOCFILES)" "{EAB841A0-9550-11cf-8C16-00805F1408F3}"="Extracteur de miniatures HTML" "{eb9b1153-3b57-4e68-959a-a3266bc3d7fe}"="Shell Image Property Handler" "{CC6EEFFB-43F6-46c5-9619-51D571967F7D}"="Assistant Publication de sites Web" "{add36aa8-751a-4579-a266-d66f5202ccbb}"="Commande d'impressions via le Web" "{6b33163c-76a5-4b6c-bf21-45de9cd503a1}"="Objet Assistant de publication Shell" "{58f1f272-9240-4f51-b6d4-fd63d1618591}"="Assistant Obtenir une identit‚ Passport" "{7A9D77BD-5403-11d2-8785-2E0420524153}"="Comptes d'utilisateurs" "{BD472F60-27FA-11cf-B8B4-444553540000}"="Compressed (zipped) Folder Right Drag Handler" "{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}"="Compressed (zipped) Folder SendTo Target" "{f39a0dc0-9cc8-11d0-a599-00c04fd64433}"="Fichier de chaŒne" "{f3aa0dc0-9cc8-11d0-a599-00c04fd64434}"="Raccourci de chaŒne" "{f3ba0dc0-9cc8-11d0-a599-00c04fd64435}"="Channel Handler Object" "{f3da0dc0-9cc8-11d0-a599-00c04fd64437}"="Channel Menu" "{f3ea0dc0-9cc8-11d0-a599-00c04fd64438}"="Channel Properties" "{63da6ec0-2e98-11cf-8d82-444553540000}"="FTP Folders Webview" "{883373C3-BF89-11D1-BE35-080036B11A03}"="Microsoft DocProp Shell Ext" "{A9CF0EAE-901A-4739-A481-E35B73E47F6D}"="Microsoft DocProp Inplace Edit Box Control" "{8EE97210-FD1F-4B19-91DA-67914005F020}"="Microsoft DocProp Inplace ML Edit Box Control" "{0EEA25CC-4362-4A12-850B-86EE61B0D3EB}"="Microsoft DocProp Inplace Droplist Combo Control" "{6A205B57-2567-4A2C-B881-F787FAB579A3}"="Microsoft DocProp Inplace Calendar Control" "{28F8A4AC-BBB3-4D9B-B177-82BFC914FA33}"="Microsoft DocProp Inplace Time Control" "{8A23E65E-31C2-11d0-891C-00A024AB2DBB}"="Directory Query UI" "{9E51E0D0-6E0F-11d2-9601-00C04FA31A86}"="Shell properties for a DS object" "{163FDC20-2ABC-11d0-88F0-00A024AB2DBB}"="Directory Object Find" "{F020E586-5264-11d1-A532-0000F8757D7E}"="Directory Start/Search Find" "{0D45D530-764B-11d0-A1CA-00AA00C16E65}"="Directory Property UI" "{62AE1F9A-126A-11D0-A14B-0800361B1103}"="Directory Context Menu Verbs" "{ECF03A33-103D-11d2-854D-006008059367}"="MyDocs Copy Hook" "{ECF03A32-103D-11d2-854D-006008059367}"="MyDocs Drop Target" "{4a7ded0a-ad25-11d0-98a8-0800361b1103}"="MyDocs Properties" "{750fdf0e-2a26-11d1-a3ea-080036587f03}"="Offline Files Menu" "{10CFC467-4392-11d2-8DB4-00C04FA31A66}"="Offline Files Folder Options" "{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E}"="Dossier Fichiers hors connexion" "{143A62C8-C33B-11D1-84FE-00C04FA34A14}"="Microsoft Agent Character Property Sheet Handler" "{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6}"="DfsShell" "{60fd46de-f830-4894-a628-6fa81bc0190d}"="%DESC_PublishDropTarget%" "{7A80E4A8-8005-11D2-BCF8-00C04F72C717}"="MMC Icon Handler" "{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}"=".CAB file viewer" "{32714800-2E5F-11d0-8B85-00AA0044F941}"="Des &personnes..." "{8DD448E6-C188-4aed-AF92-44956194EB1F}"="Windows Media Player Play as Playlist Context Menu Handler" "{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C}"="Windows Media Player Burn Audio CD Context Menu Handler" "{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD}"="Windows Media Player Add to Playlist Context Menu Handler" "{45AC2688-0253-4ED8-97DE-B5370FA7D48A}"="Shell Extension for Malware scanning" "{E0D79304-84BE-11CE-9641-444553540000}"="WinZip" "{E0D79305-84BE-11CE-9641-444553540000}"="WinZip" "{E0D79306-84BE-11CE-9641-444553540000}"="WinZip" "{E0D79307-84BE-11CE-9641-444553540000}"="WinZip" "{A42B7BE4-4C9A-4E5D-8F6B-362DC6FE5D08}"="" "{70233AE0-CD94-4D6C-B1B2-913D8A3BF8F0}"="" "{BDEADF00-C265-11D0-BCED-00A0C90AB50F}"="Dossiers Web" "{42042206-2D85-11D3-8CFF-005004838597}"="Microsoft Office HTML Icon Handler" ********************************************************************************** HKEY ROOT CLASSIDS: Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{A42B7BE4-4C9A-4E5D-8F6B-362DC6FE5D08}] @="" "IDEx"="ADDR" [HKEY_CLASSES_ROOT\CLSID\{A42B7BE4-4C9A-4E5D-8F6B-362DC6FE5D08}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{A42B7BE4-4C9A-4E5D-8F6B-362DC6FE5D08}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{A42B7BE4-4C9A-4E5D-8F6B-362DC6FE5D08}\InprocServer32] @="C:\\WINDOWS\\system32\\kudcz1.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{70233AE0-CD94-4D6C-B1B2-913D8A3BF8F0}] @="" [HKEY_CLASSES_ROOT\CLSID\{70233AE0-CD94-4D6C-B1B2-913D8A3BF8F0}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{70233AE0-CD94-4D6C-B1B2-913D8A3BF8F0}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{70233AE0-CD94-4D6C-B1B2-913D8A3BF8F0}\InprocServer32] @="C:\\WINDOWS\\system32\\DQTCR.DLL" "ThreadingModel"="Apartment" ********************************************************************************** Files Found are not all bad files: C:\WINDOWS\SYSTEM32\ azaml5~1.dll Wed 22 Feb 2006 22:23:32 ..S.R 236 049 230,52 K dgnlobby.dll Sun 26 Feb 2006 20:25:20 ..S.R 234 621 229,12 K dn2q01~1.dll Sun 19 Feb 2006 12:18:58 ..S.R 235 488 229,97 K dn4u01~1.dll Tue 28 Feb 2006 10:56:18 ..S.R 233 718 228,24 K dnnq01~1.dll Fri 24 Feb 2006 23:09:12 ..S.R 235 573 230,05 K dqtcr.dll Tue 28 Feb 2006 10:56:18 ..S.R 236 595 231,05 K ecent97.dll Sun 19 Feb 2006 21:38:28 ..S.R 234 967 229,46 K g6jolg~1.dll Mon 20 Feb 2006 0:02:28 ..S.R 234 967 229,46 K gplol3~1.dll Sat 25 Feb 2006 22:47:22 ..S.R 233 539 228,06 K irl0l5~1.dll Sun 19 Feb 2006 18:32:16 ..S.R 234 967 229,46 K j06mla~1.dll Wed 22 Feb 2006 15:20:04 ..S.R 236 646 231,10 K mfjtes40.dll Tue 28 Feb 2006 8:29:30 ..S.R 236 595 231,05 K movbvm60.dll Wed 22 Feb 2006 10:07:42 ..S.R 236 049 230,52 K n2l8lc~1.dll Tue 28 Feb 2006 9:55:40 ..S.R 236 595 231,05 K naevtmsg.dll Tue 28 Feb 2006 9:50:40 ..S.R 236 595 231,05 K nicfg.dll Sat 18 Feb 2006 13:00:36 ..S.R 233 938 228,45 K nsobjapi.dll Fri 24 Feb 2006 8:03:52 ..S.R 234 220 228,73 K o6rolg~1.dll Sun 19 Feb 2006 12:34:20 ..S.R 236 363 230,82 K q8nuli~1.dll Mon 20 Feb 2006 12:12:40 ..S.R 236 224 230,69 K sdnsapi.dll Sun 26 Feb 2006 8:24:38 ..S.R 234 621 229,12 K sqssetup.dll Wed 22 Feb 2006 8:34:46 ..S.R 236 049 230,52 K szlsrv32.dll Thu 23 Feb 2006 9:04:04 ..S.R 236 049 230,52 K t88u0i~1.dll Sun 19 Feb 2006 21:05:46 ..S.R 234 967 229,46 K unrcoina.dll Mon 27 Feb 2006 8:52:46 ..S.R 236 595 231,05 K w95inf16.dll Fri 17 Feb 2006 9:28:38 A.... 2 272 2,22 K w95inf32.dll Fri 17 Feb 2006 9:28:38 A.... 4 608 4,50 K wbnsflte.dll Mon 27 Feb 2006 21:53:58 ..S.R 233 852 228,37 K winnb57.dll Sat 18 Feb 2006 10:38:30 A.... 303 104 296,00 K winsflt.dll Sun 19 Feb 2006 12:16:34 A.... 1 183 744 1,13 M 29 items found: 29 files (25 H/S), 0 directories. Total of file sizes: 7 379 570 bytes 7,04 M Locate .tmp files: No matches found. ********************************************************************************** Directory Listing of system files: Le volume dans le lecteur C n'a pas de nom. Le num‚ro de s‚rie du volume est 6440-3BC7 R‚pertoire de C:\WINDOWS\System32 28/02/2006 10:56 236ÿ595 DQTCR.DLL 28/02/2006 10:56 233ÿ718 dn4u01h9e.dll 28/02/2006 09:55 236ÿ595 n2l8lc3u1f.dll 28/02/2006 09:50 236ÿ595 naevtmsg.dll 28/02/2006 08:29 236ÿ595 mfjtes40.dll 27/02/2006 21:53 233ÿ852 wbnsflte.dll 27/02/2006 08:52 236ÿ595 unrcoina.dll 26/02/2006 20:25 234ÿ621 dgnlobby.dll 26/02/2006 08:24 234ÿ621 sdnsapi.dll 25/02/2006 22:47 233ÿ539 gplol3331.dll 24/02/2006 23:09 235ÿ573 dnnq0155e.dll 24/02/2006 08:03 234ÿ220 nsobjapi.dll 23/02/2006 09:04 236ÿ049 SZLSRV32.dll 22/02/2006 22:23 236ÿ049 azaml5h11.dll 22/02/2006 15:20 236ÿ646 j06mlaj11do.dll 22/02/2006 10:07 236ÿ049 movbvm60.dll 22/02/2006 08:34 236ÿ049 sqssetup.dll 20/02/2006 12:12 236ÿ224 q8nuli5918.dll 20/02/2006 00:02 234ÿ967 g6jolg1316.dll 19/02/2006 21:38 234ÿ967 ecent97.dll 19/02/2006 21:05 234ÿ967 t88u0il9e8q.dll 19/02/2006 18:48 <REP> dllcache 19/02/2006 18:32 234ÿ967 irl0l53m1.dll 19/02/2006 12:34 236ÿ363 o6rolg9316.dll 19/02/2006 12:18 235ÿ488 dn2q01f5e.dll 18/02/2006 13:00 233ÿ938 nicfg.dll 13/02/2006 16:33 <REP> Microsoft 25 fichier(s) 5ÿ885ÿ842 octets 2 R‚p(s) 32ÿ007ÿ266ÿ304 octets libres
-
Bonjour et merci d'avance de votre aide! Voilà depuis quelques temps j'ai pleins de problèmes avec mon ordinateur... je ne m'y connais pas hyper bien en informatique mais j'apprends vite. je suis tombée sur ce forum par hasard et j'ai suivi toute la procédure indiquée par megataupe (c'est super bien expliqué, j'ai rencontré une difficulté pour la configuration d'antivir qui apparement a changé de "visage") bref voici ci dessous mon rapport, je vous remercie d'avance de votre aide pour que je puisse récuperer un bon outil de travail! Logfile of HijackThis v1.99.1 Scan saved at 11:00:34, on 28/02/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\PACKSE~1\backweb\361343\Program\SERVIC~1.EXE C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe C:\Program Files\Pack Securite\Anti-Virus\FSGK32.EXE C:\Program Files\Pack Securite\backweb\361343\program\fsbwsys.exe C:\Program Files\Pack Securite\Common\FSMA32.EXE C:\Program Files\Pack Securite\Anti-Virus\fssm32.exe C:\Program Files\Pack Securite\Common\FSMB32.EXE C:\Program Files\Pack Securite\Common\FCH32.EXE C:\WINDOWS\Explorer.EXE C:\Program Files\Pack Securite\Common\FAMEH32.EXE C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe C:\Program Files\Pack Securite\Anti-Virus\fsrw.exe C:\Program Files\Pack Securite\FSPC\fspc.exe C:\WINDOWS\Mixer.exe C:\Program Files\Pack Securite\Common\FSM32.EXE C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Microsoft Money\System\mnyexpr.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Pack Securite\Anti-Virus\fsav32.exe C:\Program Files\Pack Securite\backweb\361343\Program\fspex.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://home.neuf.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Zango Toolbar - {EA0D26BD-9029-431A-86E0-83152D67828A} - C:\Program Files\Zango Programs\Zango Toolbar\ZangoTB.dll (file missing) O4 - HKLM\..\Run: [winsysupd] C:\windows\winsysupd9.exe O4 - HKLM\..\Run: [winsysban] C:\windows\winsysban9.exe O4 - HKLM\..\Run: [Windows Logon Application] C:\WINDOWS\System32\logon.exe O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup O4 - HKLM\..\Run: [Application Layer Gateway Service] C:\WINDOWS\System32\algs.exe O4 - HKLM\..\Run: [huX9GtUFQ] C:\WINDOWS\fgsxmr.exe O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Pack Securite\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Pack Securite\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Pack Securite\FSGUI\FSSW.EXE" /reboot O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" O4 - HKLM\..\Run: [MediaGateway] C:\Program Files\MediaGateway\MediaGateway.exe O4 - HKLM\..\Run: [gimmygames] C:\windows\gimmygames9.exe O4 - HKLM\..\Run: [e444] C:\windows\eee2.exe O4 - HKLM\..\Run: [ahkw] C:\windows\eee2.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [kbdcon] C:\WINDOWS\System32\kbdcon.exe O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe" O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Pack Securite.lnk = C:\Program Files\Pack Securite\backweb\361343\Program\fspex.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: &Bloquer cette fenêtre publicitaire - C:\Program Files\Pack Securite\Anti-Spyware\blockpopups.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll O9 - Extra button: Filtre Web - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll O9 - Extra 'Tools' menuitem: Filtre Web - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\Anti-Spyware\ieshield.dll O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\Anti-Spyware\ieshield.dll O10 - Broken Internet access because of LSP provider 'winsflt.dll' missing O15 - Trusted Zone: *.elitemediagroup.net O15 - Trusted Zone: *.media-motor.net O15 - Trusted Zone: *.popuppers.com O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1125 O16 - DPF: {8FCDF9D9-A28B-480F-8C3D-581F119A8AB8} - http://static.zangocash.com/cab/Zango/ie/bridge-c18.cab O16 - DPF: {9AC54695-69A4-46F1-BE10-10C74F9520D5} - http://cabs.elitemediagroup.net/cabs/mediaview.cab O20 - Winlogon Notify: Syncmgr - C:\WINDOWS\system32\n2l8lc3u1f.dll O23 - Service: Pack Securite (BackWeb Plug-in - 361343) - BackWeb Technologies Inc. - C:\PROGRA~1\PACKSE~1\backweb\361343\Program\SERVIC~1.EXE O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corp. - C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Pack Securite\backweb\361343\program\fsbwsys.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe O23 - Service: F-Secure HTTP Server (fshttps) - Unknown owner - C:\Program Files\Pack Securite\FSPC\fshttps\fshttps.exe (file missing) O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Pack Securite\Common\FSMA32.EXE merci encore!