la pomme

bonjour Malekal_morte J'ai suivi tes recommandations sauf un point : je ne peux pas désactiver et réactiver la restauration système. ça m'affiche : rstrui.exe composant introuvable cette application n'a pas pu démarrée car framedyn.dll est introuvable. Ensuite je doit cliquer 5 ou6 fois sur OK pour en sortir et aprés la restauration m'indique une erreur 51 J'ai retrouvé le "centre de sécurité", le "nettoyage du bureau". Mais j'ai de nouveau du mal à éteindre le PC il bloque sur enregistrement de vos paramètres. Je n'ai plus accés (en autres peut-être ?) à "services". Je regarde sur le forum si il y a déja une solution . Merci d'avance.

Bonjour Malekal_morte D'abord merci tu temps que tu m'accordes. (mon homme pense qui faudrait mieux attendre pour racheter un PC plus tard). Je crois avoir fais tout ce que tu me demandais (c'est long mais ça "bosse" tout seul !). Je te poste les rapports demandés mais je te précise que je n'ai trouvé aucun fichier bdneykiz* avec l'extention dat ni dossier ou fichier MaillSkinner. ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Wednesday, October 11, 2006 11:24:16 PM Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.83.0 Kaspersky Anti-Virus database last update: 11/10/2006 Kaspersky Anti-Virus database records: 217513 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: standard Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: C:\ D:\ E:\ F:\ G:\ H:\ I:\ Scan Statistics: Total number of scanned objects: 96817 Number of viruses found: 0 Number of infected objects: 0 / 0 Number of suspicious objects: 0 Duration of the scan process: 01:46:50 Infected Object Name / Virus Name / Last Action C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Support\WDLog-07232006-174512.log Object is locked skipped C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\Olivier\Application Data\ispnews\ispn.ini Object is locked skipped C:\Documents and Settings\Olivier\Application Data\ispnews\ispnc.items Object is locked skipped C:\Documents and Settings\Olivier\Application Data\ispnews\ispnr.items Object is locked skipped C:\Documents and Settings\Olivier\Cookies\index.dat Object is locked skipped C:\Documents and Settings\Olivier\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\Olivier\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\Olivier\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\Olivier\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\Olivier\ntuser.dat Object is locked skipped C:\Documents and Settings\Olivier\ntuser.dat.LOG Object is locked skipped C:\Program Files\Securitoo\Av_Fw\backweb\8520111\Users\Default\Data\cache.dat Object is locked skipped C:\Program Files\Securitoo\Av_Fw\backweb\8520111\Users\Default\Data\chandir.dat Object is locked skipped C:\Program Files\Securitoo\Av_Fw\backweb\8520111\Users\Default\Data\chandir.idx Object is locked skipped C:\Program Files\Securitoo\Av_Fw\backweb\8520111\Users\Default\Data\chn.dat Object is locked skipped C:\Program Files\Securitoo\Av_Fw\backweb\8520111\Users\Default\Data\chn.idx Object is locked skipped C:\Program Files\Securitoo\Av_Fw\backweb\8520111\Users\Default\Data\D0000000.FCS Object is locked skipped C:\Program Files\Securitoo\Av_Fw\backweb\8520111\Users\Default\Data\inuse.txt Object is locked skipped C:\Program Files\Securitoo\Av_Fw\backweb\8520111\Users\Default\Data\L0000015.FCS Object is locked skipped C:\Program Files\Securitoo\Av_Fw\backweb\8520111\Users\Default\Data\main.log Object is locked skipped C:\Program Files\Securitoo\Av_Fw\backweb\8520111\Users\Default\Data\prs.dat Object is locked skipped C:\Program Files\Securitoo\Av_Fw\backweb\8520111\Users\Default\Data\prs.idx Object is locked skipped C:\Program Files\Securitoo\Av_Fw\backweb\8520111\Users\Default\Data\prs_die.dat Object is locked skipped C:\Program Files\Securitoo\Av_Fw\backweb\8520111\Users\Default\Data\prs_die.idx Object is locked skipped C:\Program Files\Securitoo\Av_Fw\backweb\8520111\Users\Default\Data\prs_dnd.dat Object is locked skipped C:\Program Files\Securitoo\Av_Fw\backweb\8520111\Users\Default\Data\prs_dnd.idx Object is locked skipped C:\Program Files\Securitoo\Av_Fw\backweb\8520111\Users\Default\Data\prs_ext.dat Object is locked skipped C:\Program Files\Securitoo\Av_Fw\backweb\8520111\Users\Default\Data\prs_ext.idx Object is locked skipped C:\Program Files\Securitoo\Av_Fw\backweb\8520111\Users\Default\Data\prs_rcv.dat Object is locked skipped C:\Program Files\Securitoo\Av_Fw\backweb\8520111\Users\Default\Data\prs_rcv.idx Object is locked skipped C:\Program Files\Securitoo\Av_Fw\backweb\8520111\Users\Default\Data\storydb.dat Object is locked skipped C:\Program Files\Securitoo\Av_Fw\backweb\8520111\Users\Default\Data\storydb.idx Object is locked skipped C:\Program Files\Securitoo\Av_Fw\Common\admin.pub Object is locked skipped C:\Program Files\Securitoo\Av_Fw\Common\policy.bpf Object is locked skipped C:\Program Files\Securitoo\Av_Fw\Common\policy.ipf Object is locked skipped C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped C:\System Volume Information\_restore{6C3FC66C-59A1-4048-B210-77C39B2F9C86}\RP93\change.log Object is locked skipped C:\WINDOWS\$NtUninstallKB828028$\msasn1.dll Object is locked skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\default Object is locked skipped C:\WINDOWS\system32\config\DEFAULT.LOG Object is locked skipped C:\WINDOWS\system32\config\ODiag.evt Object is locked skipped C:\WINDOWS\system32\config\OSession.evt Object is locked skipped C:\WINDOWS\system32\config\sam Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\security Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\software Object is locked skipped C:\WINDOWS\system32\config\SOFTWARE.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\system Object is locked skipped C:\WINDOWS\system32\config\SYSTEM.LOG Object is locked skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped Scan process completed. --------------------------------------------------------- ewido anti-spyware - Scan Report --------------------------------------------------------- + Created at: 21:16:32 11/10/2006 + Scan result: C:\Documents and Settings\Olivier\Mes documents\Olivier téléchargements\Logiciels (setup)\voilafr_toolbarsetup.exe/voilafr_toolbar.dll -> Adware.BHO : Cleaned with backup (quarantined). C:\Documents and Settings\Olivier\Mes documents\Olivier téléchargements\Logiciels (setup)\wanadoo_toolbarsetup.exe/wanadoo_toolbar.dll -> Adware.BHO : Cleaned with backup (quarantined). C:\Documents and Settings\Olivier\Cookies\olivier@247realmedia[1].txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined). C:\Documents and Settings\Alexandre\Cookies\alexandre@aolfr.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). C:\Documents and Settings\Olivier\Cookies\olivier@2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). C:\Program Files\AdwareAlert\Quarantine\03-09-2006-15-42-35\10014.qit -> TrackingCookie.2o7 : Cleaned with backup (quarantined). C:\Program Files\AdwareAlert\Quarantine\04-08-2006-11-34-54\10007.qit -> TrackingCookie.2o7 : Cleaned with backup (quarantined). C:\Program Files\AdwareAlert\Quarantine\04-08-2006-11-34-54\10008.qit -> TrackingCookie.2o7 : Cleaned with backup (quarantined). C:\Program Files\AdwareAlert\Quarantine\06-10-2006-19-20-13\10001.qit -> TrackingCookie.2o7 : Cleaned with backup (quarantined). C:\Program Files\AdwareAlert\Quarantine\06-10-2006-19-20-13\10002.qit -> TrackingCookie.2o7 : Cleaned with backup (quarantined). C:\Program Files\AdwareAlert\Quarantine\12-08-2006-11-43-38\10005.qit -> TrackingCookie.2o7 : Cleaned with backup (quarantined). C:\Program Files\AdwareAlert\Quarantine\22-09-2006-22-16-11\10002.qit -> TrackingCookie.2o7 : Cleaned with backup (quarantined). C:\Program Files\AdwareAlert\Quarantine\23-07-2006-22-19-24\10004.qit -> TrackingCookie.2o7 : Cleaned with backup (quarantined). C:\Program Files\AdwareAlert\Quarantine\23-07-2006-22-19-24\10006.qit -> TrackingCookie.2o7 : Cleaned with backup (quarantined). C:\Program Files\AdwareAlert\Quarantine\23-07-2006-22-19-24\10008.qit -> TrackingCookie.2o7 : Cleaned with backup (quarantined). C:\Program Files\AdwareAlert\Quarantine\23-07-2006-22-19-24\10009.qit -> TrackingCookie.2o7 : Cleaned with backup (quarantined). C:\Program Files\AdwareAlert\Quarantine\23-07-2006-22-19-24\10010.qit -> TrackingCookie.2o7 : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-2075098661-1742969597-1776611950-1006\Dc127\olivier@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). C:\Documents and Settings\Olivier\Cookies\olivier@adtech[2].txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined). C:\Documents and Settings\Olivier\Cookies\olivier@advertising[2].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined). C:\Documents and Settings\Olivier\Cookies\olivier@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined). C:\Documents and Settings\Olivier\Cookies\olivier@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined). C:\Documents and Settings\Alexandre\Cookies\alexandre@www.burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined). C:\Documents and Settings\Olivier\Cookies\olivier@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined). C:\Documents and Settings\Alexandre\Cookies\alexandre@ehg-adidas.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined). C:\Documents and Settings\Olivier\Cookies\olivier@ehg-francetelecom.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined). C:\Documents and Settings\Olivier\Cookies\olivier@hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined). C:\Documents and Settings\Olivier\Cookies\olivier@overture[1].txt -> TrackingCookie.Overture : Cleaned with backup (quarantined). C:\Documents and Settings\Olivier\Cookies\olivier@serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined). C:\Documents and Settings\Olivier\Cookies\olivier@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Cleaned with backup (quarantined). C:\Program Files\AdwareAlert\Quarantine\03-09-2006-15-42-35\10001.qit -> TrackingCookie.Smartadserver : Cleaned with backup (quarantined). C:\Program Files\AdwareAlert\Quarantine\04-08-2006-11-34-54\10000.qit -> TrackingCookie.Smartadserver : Cleaned with backup (quarantined). C:\Program Files\AdwareAlert\Quarantine\12-08-2006-11-43-38\10000.qit -> TrackingCookie.Smartadserver : Cleaned with backup (quarantined). C:\Documents and Settings\Olivier\Cookies\olivier@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined). C:\Documents and Settings\Olivier\Cookies\olivier@weborama[2].txt -> TrackingCookie.Weborama : Cleaned with backup (quarantined). C:\Documents and Settings\Olivier\Cookies\olivier@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined). C:\Program Files\AdwareAlert\Quarantine\03-09-2006-15-42-35\10024.qit -> TrackingCookie.Zedo : Cleaned with backup (quarantined). ::Report end Script clean par Malekal_morte - http://www.malekal.com Microsoft Windows XP [version 5.1.2600] Script execute en mode sans echec *** Suppression de fichiers sur C: *** Suppression des fichiers dans C:\WINDOWS\ C:\WINDOWS\unvise32qt.exe FOUND *** Suppression des fichiers dans C:\WINDOWS\system32 C:\WINDOWS\system32\SpoonUninstall.exe FOUND "C:\WINDOWS\Downloaded Program Files\CONFLICT.1" FOUND C:\WINDOWS\system32\drivers\etc\hosts.msn FOUND "C:\Program Files\Viewpoint\" FOUND *** Suppression des clefs du registre effectuee.. Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CnxDslTaskBar"="\"C:\\Program Files\\ZTE Corporation\\ZXDSL852\\CnxDslTb.exe\" \"ZTE Corporation\\ZXDSL852\"" "Wizard"="" "NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\System32\\NvCpl.dll,NvStartup" "FirstSteps"=hex(2):00,00 "NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe" "Microsoft Works Update Detection"="C:\\Program Files\\Fichiers communs\\Microsoft Shared\\Works Shared\\WkUFind.exe" "SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0_06\\bin\\jusched.exe" "F-Secure Manager"="\"C:\\Program Files\\Securitoo\\Av_Fw\\Common\\FSM32.EXE\" /splash" "F-Secure TNB"="\"C:\\Program Files\\Securitoo\\Av_Fw\\TNB\\TNBUtil.exe\" /CHECKALL /WAITFORSW" "F-Secure Startup Wizard"="\"C:\\Program Files\\Securitoo\\Av_Fw\\FSGUI\\FSSW.EXE\" /reboot" "News Service"="\"C:\\Program Files\\Securitoo\\Av_Fw\\FSGUI\\ispnews.exe\"" "TkBellExe"="\"C:\\Program Files\\Fichiers communs\\Real\\Update_OB\\realsched.exe\" -osboot" "FSASWREG"="\"C:\\Program Files\\Securitoo\\Av_Fw\\Anti-Spyware\\fsaswreg.exe\"" "LogitechVideoRepair"="C:\\Program Files\\Logitech\\Video\\ISStart.exe" "LogitechVideoTray"="C:\\Program Files\\Logitech\\Video\\LogiTray.exe" "bdneykiz"="c:\\windows\\system32\\bdneykiz.exe bdneykiz" "LVCOMSX"="C:\\WINDOWS\\system32\\LVCOMSX.EXE" "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL] "Installed"="1" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI] "Installed"="1" "NoChange"="1" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS] "Installed"="1" 10/11/06 23:25:11 [info]: BlackLight Engine 1.0.47 initialized 10/11/06 23:25:11 [info]: OS: 5.1 build 2600 (Service Pack 2) 10/11/06 23:25:11 [Note]: 7019 4 10/11/06 23:25:11 [Note]: 7005 0 10/11/06 23:25:17 [Note]: 7006 0 10/11/06 23:25:17 [Note]: 7011 2492 10/11/06 23:25:17 [Note]: 7026 0 10/11/06 23:25:17 [Note]: 7026 0 10/11/06 23:25:30 [Note]: FSRAW library version 1.7.1020 10/11/06 23:38:25 [Note]: 7007 0 Logfile of HijackThis v1.99.1 Scan saved at 23:39:35, on 11/10/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\SECURI~1\Av_Fw\backweb\8520111\Program\SERVIC~1.EXE C:\WINDOWS\System32\drivers\CDAC11BA.EXE C:\Documents and Settings\Olivier\Bureau\Sécurité internet\ewido anti-spyware 4.0\guard.exe C:\Program Files\Securitoo\Av_Fw\Anti-Virus\fsgk32st.exe C:\Program Files\Securitoo\Av_Fw\Anti-Virus\FSGK32.EXE C:\Program Files\Securitoo\Av_Fw\backweb\8520111\program\fsbwsys.exe C:\Program Files\Securitoo\Av_Fw\Anti-Virus\fssm32.exe C:\Program Files\Securitoo\Av_Fw\Common\FSMA32.EXE C:\Program Files\Securitoo\Av_Fw\Common\FSMB32.EXE C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Securitoo\Av_Fw\Common\FCH32.EXE C:\Program Files\Securitoo\Av_Fw\Common\FAMEH32.EXE C:\Program Files\Securitoo\Av_Fw\Anti-Virus\fsav32.exe C:\Program Files\Securitoo\Av_Fw\FWES\Program\fsdfwd.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ZTE Corporation\ZXDSL852\CnxDslTb.exe C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Securitoo\Av_Fw\Common\FSM32.EXE C:\Program Files\Securitoo\Av_Fw\FSGUI\ispnews.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Securitoo\Av_Fw\FSGUI\fsguiexe.exe C:\Program Files\Logitech\Video\LogiTray.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\Program Files\Securitoo\Av_Fw\backweb\8520111\Program\fspex.exe C:\Program Files\Microsoft Money\System\mnyexpr.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\spider.exe C:\Documents and Settings\Olivier\Bureau\Sécurité internet\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fr/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://side.search.ke.voila.fr/voilafr/ R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Toolbar Voila - {4E7BD74F-2B8D-469E-92B9-BC2CF2D5F822} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: Toolbar Voila - {4E7BD74F-2B8D-469E-92B9-BC2CF2D5F822} - (no file) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [CnxDslTaskBar] "C:\Program Files\ZTE Corporation\ZXDSL852\CnxDslTb.exe" "ZTE Corporation\ZXDSL852" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Securitoo\Av_Fw\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Securitoo\Av_Fw\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Securitoo\Av_Fw\FSGUI\FSSW.EXE" /reboot O4 - HKLM\..\Run: [News Service] "C:\Program Files\Securitoo\Av_Fw\FSGUI\ispnews.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [FSASWREG] "C:\Program Files\Securitoo\Av_Fw\Anti-Spyware\fsaswreg.exe" O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [bdneykiz] c:\windows\system32\bdneykiz.exe bdneykiz O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe" O4 - Startup: Raccourci vers ZTE.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Rechercher avec Voila - file://C:\Program Files\VOILAFR_TOOLBAR\Cache\SelectedContextSearch.htm O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU) O15 - Trusted Zone: http://officebeta.iponet.ne O16 - DPF: PackageHtmlCab - http://acces.blonde.com/package/op/PackageHtmlCab.CAB O16 - DPF: {01C17CA5-D863-42ED-B8DD-C3E325A22E4E} (EGDownload Class) - http://www.vizit.us/private/downloadcenter...ownloaderXP.cab O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.com/pages/MsnInstC.cab O16 - DPF: {1FF43AD5-2262-4C2F-81D4-26D710C3F305} (VB2S Mannequin Virtuel Control) - http://mannequin.redoute.fr/activex/Mannequin.cab O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.fr/computercheckup/qdiagcc.cab O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/28c397344e7aa7...RdxIE601_fr.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/d...wlscbase969.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1145570520312 O16 - DPF: {981D847D-2C06-4FB7-A09C-4F0A48601B2C} (DiagSetup Class) - http://techcity.aol.fr/download/img/DiagSetup.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {A5173EA8-1337-4BAB-A67E-198C9919D9CC} - http://213.11.100.127/websetup/websetup2.cab O16 - DPF: {B1826A9F-4AA0-4510-BA77-9013E74E4B9B} - http://www.trendmicro.com/spyware-scan/as4web.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game02.zylom.com/activex/zylomgamesplayer.cab O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/in...nagerPlugin.CAB O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://www.msnjeux.com/online2/MSN_INTL_FR...outLauncher.cab O16 - DPF: {D6376DD2-C2BD-49B2-A1B1-138F869633F3} (ASPRO Installer Class) - http://acs.pandasoftware.com/activescanpro/as5/asproinst.cab O16 - DPF: {E1AF091A-9F23-4059-89D7-C05EE073285D} (Canal+ Active MSWAY) - http://msn.canalplay.com/cabs/msway44.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{137EDC13-E54B-415A-9938-E5E0C7F1B881}: NameServer = 80.10.246.130 80.10.246.3 O17 - HKLM\System\CS3\Services\Tcpip\..\{137EDC13-E54B-415A-9938-E5E0C7F1B881}: NameServer = 80.10.246.130 80.10.246.3 O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Securitoo Antivirus Firewall (BackWeb Plug-in - 8520111) - Unknown owner - C:\PROGRA~1\SECURI~1\Av_Fw\backweb\8520111\Program\SERVIC~1.EXE O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\System32\drivers\CDAC11BA.EXE O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Documents and Settings\Olivier\Bureau\Sécurité internet\ewido anti-spyware 4.0\guard.exe O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\Securitoo\Av_Fw\Anti-Virus\fsgk32st.exe O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Securitoo\Av_Fw\backweb\8520111\program\fsbwsys.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Securitoo\Av_Fw\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Securitoo\Av_Fw\Common\FSMA32.EXE O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe BON COURAGE POUR LA LECTURE

Bonjour, merci de m'aider. Je poste le rapport que maintenant, j'ai accés à l'ordi que le soir! 10/10/06 23:24:41 [info]: BlackLight Engine 1.0.47 initialized 10/10/06 23:24:41 [info]: OS: 5.1 build 2600 (Service Pack 2) 10/10/06 23:24:42 [Note]: 7019 4 10/10/06 23:24:42 [Note]: 7005 0 10/10/06 23:24:44 [Note]: 7006 0 10/10/06 23:24:44 [Note]: 7011 2360 10/10/06 23:24:44 [Note]: 7026 0 10/10/06 23:24:45 [Note]: 7026 0 10/10/06 23:24:45 [Note]: 7024 3 10/10/06 23:24:45 [info]: Hidden process: C:\windows\system32\bdneykiz.exe 10/10/06 23:24:45 [Note]: FSRAW library version 1.7.1020 10/10/06 23:30:33 [info]: Hidden file: c:\WINDOWS\system32\bdneykiz.dat 10/10/06 23:30:33 [Note]: 10002 1 10/10/06 23:30:34 [info]: Hidden file: C:\windows\system32\bdneykiz.exe 10/10/06 23:30:34 [Note]: 10002 1 10/10/06 23:30:34 [info]: Hidden file: c:\WINDOWS\system32\bdneykiz_nav.dat 10/10/06 23:30:34 [Note]: 10002 1 10/10/06 23:30:34 [info]: Hidden file: c:\WINDOWS\system32\bdneykiz_navps.dat 10/10/06 23:30:34 [Note]: 10002 1 10/10/06 23:30:59 [info]: Hidden file: c:\WINDOWS\Prefetch\BDNEYKIZ.EXE-108BB2D4.pf 10/10/06 23:30:59 [Note]: 10002 1 10/10/06 23:34:18 [Note]: 7007 0

Bonjour à tous Je voudrais de l'aide car mon PC a de gros ratés. Depuis quelques temps, les "composants" windows n'en font qu'a leur tête. j'ai voulu me débrouiller toute seule ( antivirus, antispywares, "réparateurs") en visitant divers forums. Mais là je suis larguée et j'envoie donc mon rapport pour voir si il y a quelque chose à faire. Logfile of HijackThis v1.99.1 Scan saved at 23:34:40, on 09/10/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\SECURI~1\Av_Fw\backweb\8520111\Program\SERVIC~1.EXE C:\WINDOWS\System32\drivers\CDAC11BA.EXE C:\Program Files\Securitoo\Av_Fw\Anti-Virus\fsgk32st.exe C:\Program Files\Securitoo\Av_Fw\backweb\8520111\program\fsbwsys.exe C:\Program Files\Securitoo\Av_Fw\Anti-Virus\FSGK32.EXE C:\Program Files\Securitoo\Av_Fw\Common\FSMA32.EXE C:\Program Files\Securitoo\Av_Fw\Anti-Virus\fssm32.exe C:\Program Files\Securitoo\Av_Fw\Common\FSMB32.EXE C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Securitoo\Av_Fw\Common\FCH32.EXE C:\Program Files\Securitoo\Av_Fw\Common\FAMEH32.EXE C:\Program Files\Securitoo\Av_Fw\FWES\Program\fsdfwd.exe C:\Program Files\Securitoo\Av_Fw\Anti-Virus\fsav32.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ZTE Corporation\ZXDSL852\CnxDslTb.exe C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Securitoo\Av_Fw\Common\FSM32.EXE C:\Program Files\Securitoo\Av_Fw\FSGUI\ispnews.exe C:\Program Files\Securitoo\Av_Fw\FSGUI\fsguiexe.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Logitech\Video\LogiTray.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Microsoft Money\System\mnyexpr.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\Program Files\Securitoo\Av_Fw\backweb\8520111\Program\fspex.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Olivier\Local Settings\Temp\Répertoire temporaire 1 pour hijackthis[1].zip\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fr/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://side.search.ke.voila.fr/voilafr/ R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\ProgramFiles\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Toolbar Voila - {4E7BD74F-2B8D-469E-92B9-BC2CF2D5F822} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\ProgramFiles\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programfiles\google\googletoolbar2.dll O3 - Toolbar: Toolbar Voila - {4E7BD74F-2B8D-469E-92B9-BC2CF2D5F822} - (no file) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programfiles\google\googletoolbar2.dll O4 - HKLM\..\Run: [CnxDslTaskBar] "C:\Program Files\ZTE Corporation\ZXDSL852\CnxDslTb.exe" "ZTECorporation\ZXDSL852" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\WorksShared\WkUFind.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Securitoo\Av_Fw\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Securitoo\Av_Fw\TNB\TNBUtil.exe" /CHECKALL/WAITFORSW O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Securitoo\Av_Fw\FSGUI\FSSW.EXE" /reboot O4 - HKLM\..\Run: [News Service] "C:\Program Files\Securitoo\Av_Fw\FSGUI\ispnews.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [FSASWREG] "C:\Program Files\Securitoo\Av_Fw\Anti-Spyware\fsaswreg.exe" O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe" O4 - Startup: Raccourci vers ZTE.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOLToolbar\toolbar.dll/SEARCH.HTML O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Rechercher avec Voila - file://C:\ProgramFiles\VOILAFR_TOOLBAR\Cache\SelectedContextSearch.htm O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\NetworkDiagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\ProgramFiles\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\ProgramFiles\Messenger\msmsgs.exe O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing)(HKCU) O15 - Trusted Zone: http://officebeta.iponet.ne O16 - DPF: PackageHtmlCab - http://acces.blonde.com/package/op/PackageHtmlCab.CAB O16 - DPF: {01BE5BD7-B2DD-48B3-A759-59265A91E787} -http://akamai.downloadv3.com/binaries/EGDA...ESS_1064_XP.cab O16 - DPF: {01C17CA5-D863-42ED-B8DD-C3E325A22E4E} (EGDownload Class) -http://www.vizit.us/private/downloadcenter...ownloaderXP.cab O16 - DPF: {07C9CFC7-DE33-4A0C-9FFB-CDFBA843B157} - http://akamai.downloadv3.com/binaries/EGDA...ESS_1063_XP.cab O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab O16 - DPF: {0D1011B3-89C8-4F8E-8693-BB970E2E81E0} - http://scripts.downloadv3.com/binaries/EGD...9_ASPIV4_XP.cab O16 - DPF: {0DA910BC-6919-489E-B584-D9A4AAC7B8DE} - http://scripts.downloadv3.com/binaries/EGD...8_ASPIV4_XP.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.com/pages/MsnInstC.cab O16 - DPF: {1FF43AD5-2262-4C2F-81D4-26D710C3F305} (VB2S Mannequin Virtuel Control) - http://mannequin.redoute.fr/activex/Mannequin.cab O16 - DPF: {2A3DFC59-8A87-49A1-85D1-42903410911F} - http://scripts.dlv4.com/binaries/egaccess4...ss4_1058_XP.cab O16 - DPF: {3DAD912E-D2B9-4323-B7C9-7F2C5CC0C57B} - http://scripts.downloadv3.com/binaries/EGD...ESS_1070_XP.cab O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.fr/computercheckup/qdiagcc.cab O16 - DPF: {54579C3D-A58D-4623-B5B5-465552BDA45B} - http://scripts.downloadv3.com/binaries/EGD...2_ASPIV4_XP.cab O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software- dl.real.com/28c397344e7aa7f8aa05/netzip/RdxIE601_fr.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/d...wlscbase969.cab O16 - DPF: {624321F1-0581-49D8-99BD-2E952C2DF31B} - http://akamai.downloadv3.com/binaries/EGDA...3_ASPIV4_XP.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1145570520312 O16 - DPF: {7504F0D5-644A-4103-9D02-95488B6CB9A1} - http://scripts.downloadv3.com/binaries/EGD...3_ASPIV4_XP.cab O16 - DPF: {87C1805D-C5AE-4455-AB39-E245BB516136} - http://scripts.dlv4.com/binaries/egaccess4...ss4_1059_XP.cab O16 - DPF: {8D8BAF56-B581-4B90-A549-C4AC6B03F1BB} - http://scripts.downloadv3.com/binaries/EGD...ESS_1074_XP.cab O16 - DPF: {95460ABD-946A-46FF-9F56-268718323EEE} - http://scripts.downloadv3.com/binaries/EGD...ESS_1068_XP.cab O16 - DPF: {981D847D-2C06-4FB7-A09C-4F0A48601B2C} (DiagSetup Class) - http://techcity.aol.fr/download/img/DiagSetup.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {A5173EA8-1337-4BAB-A67E-198C9919D9CC} - http://213.11.100.127/websetup/websetup2.cab O16 - DPF: {AF7410C1-FBA3-415E-800A-4110CED40536} - http://scripts.dlv4.com/binaries/egaccess4...ss4_1060_XP.cab O16 - DPF: {B1826A9F-4AA0-4510-BA77-9013E74E4B9B} - http://www.trendmicro.com/spyware-scan/as4web.cab O16 - DPF: {BA749BC1-143E-430D-B1DA-1D2AF67A3658} - http://scripts.downloadv3.com/binaries/EGD...ESS_1069_XP.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game02.zylom.com/activex/zylomgamesplayer.cab O16 - DPF: {C2481ED1-9896-4D49-AE90-69858DFDE446} - http://scripts.downloadv3.com/binaries/EGD...ESS_1073_XP.cab O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/in...nagerPlugin.CAB O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://www.msnjeux.com/online2/MSN_INTL_FR...outLauncher.cab O16 - DPF: {D6376DD2-C2BD-49B2-A1B1-138F869633F3} (ASPRO Installer Class) - http://acs.pandasoftware.com/activescanpro/as5/asproinst.cab O16 - DPF: {E1AF091A-9F23-4059-89D7-C05EE073285D} (Canal+ Active MSWAY) - http://msn.canalplay.com/cabs/msway44.cab O16 - DPF: {E7AE1661-EBEB-492B-AE0D-860DF24174C6} - http://akamai.downloadv3.com/binaries/EGDA...4_ASPIV4_XP.cab O16 - DPF: {EC4AFBF3-4540-4306-AF10-4CAC509EA16B} - http://scripts.downloadv3.com/binaries/EGD...4_ASPIV4_XP.cab O16 - DPF: {EF4DCD99-D26B-44A4-BA77-CFDCC97E7291} - http://akamai.downloadv3.com/binaries/EGDA...ESS_1062_XP.cab O16 - DPF: {EFB23983-5803-4914-ADA3-C0EA2CFBDC37} - http://scripts.downloadv3.com/binaries/EGD...ESS_1072_XP.cab O16 - DPF: {FA605711-8E72-46B2-AE49-BED11B2E729D} - http://akamai.downloadv3.com/binaries/EGDA...3_ASPIV4_XP.cab O16 - DPF: {FA83E942-B796-46DE-9155-1632ECC5473B} - http://akamai.downloadv3.com/binaries/EGDA...ESS_1061_XP.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{137EDC13-E54B-415A-9938-E5E0C7F1B881}: NameServer =80.10.246.1 80.10.246.132 O17 - HKLM\System\CS3\Services\Tcpip\..\{137EDC13-E54B-415A-9938-E5E0C7F1B881}: NameServer =80.10.246.1 80.10.246.132 O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichierscommuns\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Securitoo Antivirus Firewall (BackWeb Plug-in - 8520111) - Unknown owner - C:\PROGRA~1\SECURI~1\Av_Fw\backweb\8520111\Program\SERVIC~1.EXE O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\System32\drivers\CDAC11BA.EXE O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\Securitoo\Av_Fw\Anti-Virus\fsgk32st.exe O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Securitoo\Av_Fw\backweb\8520111\program\fsbwsys.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\ProgramFiles\Securitoo\Av_Fw\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\ProgramFiles\Securitoo\Av_Fw\Common\FSMA32.EXE O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe