Log HiJack
Nicolas
-
balltrap34 Messages postés 16241 Statut Contributeur sécurité -
balltrap34 Messages postés 16241 Statut Contributeur sécurité -
Bonjour à tous,
un petit coup de main avec ce log HiJackThis ne serait pas de trop,
Logfile of HijackThis v1.98.2
Scan saved at 13:53:19, on 22/10/04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v5.00 (5.00.2614.3500)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\PROGRAM FILES\TREND MICRO\OFFICESCAN CLIENT\PCCWIN97.EXE
C:\PROGRAM FILES\ULTRAVNC\WINVNC.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\PROGRAM FILES\TREND MICRO\OFFICESCAN CLIENT\OFCDOG.EXE
C:\PROGRAM FILES\TREND MICRO\OFFICESCAN CLIENT\POP3TRAP.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\STARTER.EXE
C:\WINDOWS\SYSTEM\WINDOWS\SERVICES.EXE
C:\WINDOWS\TEMP\CJHMD.EXE
C:\WINDOWS\SYSTEM\JGSSTOR.EXE
C:\WINDOWS\TEMP\VOI.EXE
C:\WINDOWS\TEMP\SBUHKZXM.EXE
C:\PROGRAM FILES\INTERNET OPTIMIZER\OPTIMIZE.EXE
C:\WINDOWS\TEMP\YI7JLMW.EXE
C:\WINDOWS\TEMP\ZEZ.EXE
C:\PROGRAM FILES\COMMON FILES\SEARCHUPGRADER\SEARCHUPGRADER.EXE
C:\WINDOWS\OLECOM32.EXE
C:\WINDOWS\SYSTEM\JSCETOBJ.EXE
C:\PROGRAM FILES\ULEAD SYSTEMS\ULEAD PHOTOIMPACT 4.2\ABMTSR.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\AUTOUPDATE\AUTOUPDATE.EXE
C:\WINDOWS\SYSTEM\WINOA386.MOD
C:\WINDOWS\TEMP\SIDEFIND.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\BUREAU\HIJACKTHIS.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer,Search = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
R1 - HKLM\Software\Microsoft\Internet Explorer,Search = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
O2 - BHO: (no name) - {28CAEFF3-0F18-4036-B504-51D73BD81ABC} - (no file)
O2 - BHO: (no name) - {D59E3C21-233B-11D9-9307-005056A888B9} - C:\WINDOWS\SYSTEM\HOGN.DLL
O2 - BHO: BAHelper Class - {A3FDD654-A057-4971-9844-4ED8E67DBBB8} - C:\PROGRAM FILES\SIDEFIND\SFBHO.DLL (file missing)
O2 - BHO: BHO Class - {CBEFB350-ED5B-4115-B846-C1041676B377} - C:\WINDOWS\SYSTEM\CUSTOMIE.DLL
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.ExE
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [USSShReg] C:\PROGRA~1\ULEADS~1\ULEADP~1.2\SSAVER\USSSHREG.EXE /r
O4 - HKLM\..\Run: [OfficeScan95] "C:\PROGRAM FILES\TREND MICRO\OFFICESCAN CLIENT\pccwin97.exe" -HideWindow
O4 - HKLM\..\Run: [Windows] C:\WINDOWS\SYSTEM\windows\services.exe
O4 - HKLM\..\Run: [sais] c:\program files\180solutions\sais.exe
O4 - HKLM\..\Run: [Windows Explorer] C:\WINDOWS\olecom32.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [OfficeScan95] "C:\PROGRAM FILES\TREND MICRO\OFFICESCAN CLIENT\pccwin97.exe"
O4 - HKLM\..\RunServices: [WinVNC] "C:\PROGRAM FILES\ULTRAVNC\WINVNC.EXE" -service
O4 - HKCU\..\Run: [Instant Access] rundll32.exe p2esocks_1014.dll,InstantAccess
O4 - HKCU\..\Run: [Z3rtRWc7g] JSCETOBJ.EXE
O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\PROGRAM FILES\SIDEFIND\SIDEFIND.DLL
O13 - www. Prefix: http://ehttp.cc/?
O14 - IERESET.INF: SEARCH_PAGE_URL=
O14 - IERESET.INF: START_PAGE_URL=
O16 - DPF: {00000000-8c7d-4ea8-b113-9163c935d38e} -
O16 - DPF: {00000000-d9e3-4bc6-a0bd-3d0ca4be5271} -
O16 - DPF: {35C3D91E-401A-4E45-88A5-F3B32CD72DF4} (Encrypt Class) - http://s59-002/officescan/console/html/AtxEnc.cab
O16 - DPF: {5EFE8CB1-D095-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment ObjRemoveCtrl Class) - http://s59-002/officescan/console/ClientInstall/RemoveCtrl.cab
O16 - DPF: {08D75BB0-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment SetupINICtrl Class) - http://s59-002/officescan/console/ClientInstall/setupini.cab
O16 - DPF: {08D75BC1-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment SetupCtrl Class) - http://s59-002/officescan/console/ClientInstall/setup.cab
O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = saab
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 172.20.59.2,194.2.0.20
O18 - Filter: text/html - {9403AE40-1E26-11D9-9307-0050D134B258} - C:\WINDOWS\SYSTEM\HOGN.DLL
O18 - Filter: text/plain - {9403AE40-1E26-11D9-9307-0050D134B258} - C:\WINDOWS\SYSTEM\HOGN.DLL
Merci,
Nicolas
un petit coup de main avec ce log HiJackThis ne serait pas de trop,
Logfile of HijackThis v1.98.2
Scan saved at 13:53:19, on 22/10/04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v5.00 (5.00.2614.3500)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\PROGRAM FILES\TREND MICRO\OFFICESCAN CLIENT\PCCWIN97.EXE
C:\PROGRAM FILES\ULTRAVNC\WINVNC.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\PROGRAM FILES\TREND MICRO\OFFICESCAN CLIENT\OFCDOG.EXE
C:\PROGRAM FILES\TREND MICRO\OFFICESCAN CLIENT\POP3TRAP.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\STARTER.EXE
C:\WINDOWS\SYSTEM\WINDOWS\SERVICES.EXE
C:\WINDOWS\TEMP\CJHMD.EXE
C:\WINDOWS\SYSTEM\JGSSTOR.EXE
C:\WINDOWS\TEMP\VOI.EXE
C:\WINDOWS\TEMP\SBUHKZXM.EXE
C:\PROGRAM FILES\INTERNET OPTIMIZER\OPTIMIZE.EXE
C:\WINDOWS\TEMP\YI7JLMW.EXE
C:\WINDOWS\TEMP\ZEZ.EXE
C:\PROGRAM FILES\COMMON FILES\SEARCHUPGRADER\SEARCHUPGRADER.EXE
C:\WINDOWS\OLECOM32.EXE
C:\WINDOWS\SYSTEM\JSCETOBJ.EXE
C:\PROGRAM FILES\ULEAD SYSTEMS\ULEAD PHOTOIMPACT 4.2\ABMTSR.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\AUTOUPDATE\AUTOUPDATE.EXE
C:\WINDOWS\SYSTEM\WINOA386.MOD
C:\WINDOWS\TEMP\SIDEFIND.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\BUREAU\HIJACKTHIS.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer,Search = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
R1 - HKLM\Software\Microsoft\Internet Explorer,Search = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
O2 - BHO: (no name) - {28CAEFF3-0F18-4036-B504-51D73BD81ABC} - (no file)
O2 - BHO: (no name) - {D59E3C21-233B-11D9-9307-005056A888B9} - C:\WINDOWS\SYSTEM\HOGN.DLL
O2 - BHO: BAHelper Class - {A3FDD654-A057-4971-9844-4ED8E67DBBB8} - C:\PROGRAM FILES\SIDEFIND\SFBHO.DLL (file missing)
O2 - BHO: BHO Class - {CBEFB350-ED5B-4115-B846-C1041676B377} - C:\WINDOWS\SYSTEM\CUSTOMIE.DLL
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.ExE
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [USSShReg] C:\PROGRA~1\ULEADS~1\ULEADP~1.2\SSAVER\USSSHREG.EXE /r
O4 - HKLM\..\Run: [OfficeScan95] "C:\PROGRAM FILES\TREND MICRO\OFFICESCAN CLIENT\pccwin97.exe" -HideWindow
O4 - HKLM\..\Run: [Windows] C:\WINDOWS\SYSTEM\windows\services.exe
O4 - HKLM\..\Run: [sais] c:\program files\180solutions\sais.exe
O4 - HKLM\..\Run: [Windows Explorer] C:\WINDOWS\olecom32.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [OfficeScan95] "C:\PROGRAM FILES\TREND MICRO\OFFICESCAN CLIENT\pccwin97.exe"
O4 - HKLM\..\RunServices: [WinVNC] "C:\PROGRAM FILES\ULTRAVNC\WINVNC.EXE" -service
O4 - HKCU\..\Run: [Instant Access] rundll32.exe p2esocks_1014.dll,InstantAccess
O4 - HKCU\..\Run: [Z3rtRWc7g] JSCETOBJ.EXE
O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\PROGRAM FILES\SIDEFIND\SIDEFIND.DLL
O13 - www. Prefix: http://ehttp.cc/?
O14 - IERESET.INF: SEARCH_PAGE_URL=
O14 - IERESET.INF: START_PAGE_URL=
O16 - DPF: {00000000-8c7d-4ea8-b113-9163c935d38e} -
O16 - DPF: {00000000-d9e3-4bc6-a0bd-3d0ca4be5271} -
O16 - DPF: {35C3D91E-401A-4E45-88A5-F3B32CD72DF4} (Encrypt Class) - http://s59-002/officescan/console/html/AtxEnc.cab
O16 - DPF: {5EFE8CB1-D095-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment ObjRemoveCtrl Class) - http://s59-002/officescan/console/ClientInstall/RemoveCtrl.cab
O16 - DPF: {08D75BB0-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment SetupINICtrl Class) - http://s59-002/officescan/console/ClientInstall/setupini.cab
O16 - DPF: {08D75BC1-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment SetupCtrl Class) - http://s59-002/officescan/console/ClientInstall/setup.cab
O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = saab
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 172.20.59.2,194.2.0.20
O18 - Filter: text/html - {9403AE40-1E26-11D9-9307-0050D134B258} - C:\WINDOWS\SYSTEM\HOGN.DLL
O18 - Filter: text/plain - {9403AE40-1E26-11D9-9307-0050D134B258} - C:\WINDOWS\SYSTEM\HOGN.DLL
Merci,
Nicolas
A voir également:
- Log HiJack
- Hijack this - Télécharger - Antivirus & Antimalwares
- Vpn no log - Guide
- View rescue log traduction - Guide
- Log crash windows - Guide
- 0.log miui - Forum Logiciels
2 réponses
R1 - HKCU\Software\Microsoft\Internet Explorer,Search = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
R1 - HKLM\Software\Microsoft\Internet Explorer,Search = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
O2 - BHO: (no name) - {28CAEFF3-0F18-4036-B504-51D73BD81ABC} - (no file)
O13 - www. Prefix: http://ehttp.cc/?
O14 - IERESET.INF: SEARCH_PAGE_URL=
O14 - IERESET.INF: START_PAGE_URL=
O16 - DPF: {35C3D91E-401A-4E45-88A5-F3B32CD72DF4} (Encrypt Class) - http://s59-002/officescan/console/html/AtxEnc.cab
O16 - DPF: {5EFE8CB1-D095-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment ObjRemoveCtrl Class) - http://s59-002/officescan/console/ClientInstall/RemoveCtrl.cab
O16 - DPF: {08D75BB0-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment SetupINICtrl Class) - http://s59-002/officescan/console/ClientInstall/setupini.cab
O16 - DPF: {08D75BC1-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment SetupCtrl Class) - http://s59-002/officescan/console/ClientInstall/setup.cab
Salut
fixes ca......
R1 - HKLM\Software\Microsoft\Internet Explorer,Search = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
O2 - BHO: (no name) - {28CAEFF3-0F18-4036-B504-51D73BD81ABC} - (no file)
O13 - www. Prefix: http://ehttp.cc/?
O14 - IERESET.INF: SEARCH_PAGE_URL=
O14 - IERESET.INF: START_PAGE_URL=
O16 - DPF: {35C3D91E-401A-4E45-88A5-F3B32CD72DF4} (Encrypt Class) - http://s59-002/officescan/console/html/AtxEnc.cab
O16 - DPF: {5EFE8CB1-D095-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment ObjRemoveCtrl Class) - http://s59-002/officescan/console/ClientInstall/RemoveCtrl.cab
O16 - DPF: {08D75BB0-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment SetupINICtrl Class) - http://s59-002/officescan/console/ClientInstall/setupini.cab
O16 - DPF: {08D75BC1-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment SetupCtrl Class) - http://s59-002/officescan/console/ClientInstall/setup.cab
Salut
fixes ca......
salut
telecharge ces 2 log et garde les en attente
spyboot
adaware
(ici) http://pageperso.aol.fr/balltrap34/page%20virus.htm
rajoute ceci
O2 - BHO: (no name) - {28CAEFF3-0F18-4036-B504-51D73BD81ABC} - (no file)
O2 - BHO: (no name) - {D59E3C21-233B-11D9-9307-005056A888B9} - C:\WINDOWS\SYSTEM\HOGN.DLL
O2 - BHO: BAHelper Class - {A3FDD654-A057-4971-9844-4ED8E67DBBB8} - C:\PROGRAM FILES\SIDEFIND\SFBHO.DLL (file missing)
O2 - BHO: BHO Class - {CBEFB350-ED5B-4115-B846-C1041676B377} - C:\WINDOWS\SYSTEM\CUSTOMIE.DLL
O4 - HKLM\..\Run: [Windows] C:\WINDOWS\SYSTEM\windows\services.exe
O4 - HKLM\..\Run: [sais] c:\program files\180solutions\sais.exe
O4 - HKLM\..\Run: [Windows Explorer] C:\WINDOWS\olecom32.exe
O4 - HKCU\..\Run: [Instant Access] rundll32.exe p2esocks_1014.dll,InstantAccess
O4 - HKCU\..\Run: [Z3rtRWc7g] JSCETOBJ.EXE
O13 - www. Prefix: http://ehttp.cc/?
O14 - IERESET.INF: SEARCH_PAGE_URL=
O14 - IERESET.INF: START_PAGE_URL=
O16 - DPF: {00000000-8c7d-4ea8-b113-9163c935d38e} -
O16 - DPF: {00000000-d9e3-4bc6-a0bd-3d0ca4be5271} -
O16 - DPF: {35C3D91E-401A-4E45-88A5-F3B32CD72DF4} (Encrypt Class) - http://s59-002/officescan/console/html/AtxEnc.cab
O16 - DPF: {5EFE8CB1-D095-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment ObjRemoveCtrl Class) - http://s59-002/officescan/console/ClientInstall/RemoveCtrl.cab
O16 - DPF: {08D75BB0-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment SetupINICtrl Class) - http://s59-002/officescan/console/ClientInstall/setupini.cab
O16 - DPF: {08D75BC1-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment SetupCtrl Class) - http://s59-002/officescan/console/ClientInstall/setup.cab
O18 - Filter: text/html - {9403AE40-1E26-11D9-9307-0050D134B258} - C:\WINDOWS\SYSTEM\HOGN.DLL
O18 - Filter: text/plain - {9403AE40-1E26-11D9-9307-0050D134B258} - C:\WINDOWS\SYSTEM\HOGN.DLL
relance hj coche et fix ces lignes en dessus
ensuite redemarre en mode sans echec recherche et suppr ceci
C:\WINDOWS\SYSTEM\HOGN.DLL <---le fichier
JSCETOBJ.EXE
C:\WINDOWS\olecom32.exe <--le fichier
c:\program files\180solutions<---le dossier
utilise les 2 log du debut et vire tous se qu il trouvent
refait un hj pour voir
la chasse et le balltrap ma vrai passion
voir site perso dans profil
telecharge ces 2 log et garde les en attente
spyboot
adaware
(ici) http://pageperso.aol.fr/balltrap34/page%20virus.htm
rajoute ceci
O2 - BHO: (no name) - {28CAEFF3-0F18-4036-B504-51D73BD81ABC} - (no file)
O2 - BHO: (no name) - {D59E3C21-233B-11D9-9307-005056A888B9} - C:\WINDOWS\SYSTEM\HOGN.DLL
O2 - BHO: BAHelper Class - {A3FDD654-A057-4971-9844-4ED8E67DBBB8} - C:\PROGRAM FILES\SIDEFIND\SFBHO.DLL (file missing)
O2 - BHO: BHO Class - {CBEFB350-ED5B-4115-B846-C1041676B377} - C:\WINDOWS\SYSTEM\CUSTOMIE.DLL
O4 - HKLM\..\Run: [Windows] C:\WINDOWS\SYSTEM\windows\services.exe
O4 - HKLM\..\Run: [sais] c:\program files\180solutions\sais.exe
O4 - HKLM\..\Run: [Windows Explorer] C:\WINDOWS\olecom32.exe
O4 - HKCU\..\Run: [Instant Access] rundll32.exe p2esocks_1014.dll,InstantAccess
O4 - HKCU\..\Run: [Z3rtRWc7g] JSCETOBJ.EXE
O13 - www. Prefix: http://ehttp.cc/?
O14 - IERESET.INF: SEARCH_PAGE_URL=
O14 - IERESET.INF: START_PAGE_URL=
O16 - DPF: {00000000-8c7d-4ea8-b113-9163c935d38e} -
O16 - DPF: {00000000-d9e3-4bc6-a0bd-3d0ca4be5271} -
O16 - DPF: {35C3D91E-401A-4E45-88A5-F3B32CD72DF4} (Encrypt Class) - http://s59-002/officescan/console/html/AtxEnc.cab
O16 - DPF: {5EFE8CB1-D095-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment ObjRemoveCtrl Class) - http://s59-002/officescan/console/ClientInstall/RemoveCtrl.cab
O16 - DPF: {08D75BB0-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment SetupINICtrl Class) - http://s59-002/officescan/console/ClientInstall/setupini.cab
O16 - DPF: {08D75BC1-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment SetupCtrl Class) - http://s59-002/officescan/console/ClientInstall/setup.cab
O18 - Filter: text/html - {9403AE40-1E26-11D9-9307-0050D134B258} - C:\WINDOWS\SYSTEM\HOGN.DLL
O18 - Filter: text/plain - {9403AE40-1E26-11D9-9307-0050D134B258} - C:\WINDOWS\SYSTEM\HOGN.DLL
relance hj coche et fix ces lignes en dessus
ensuite redemarre en mode sans echec recherche et suppr ceci
C:\WINDOWS\SYSTEM\HOGN.DLL <---le fichier
JSCETOBJ.EXE
C:\WINDOWS\olecom32.exe <--le fichier
c:\program files\180solutions<---le dossier
utilise les 2 log du debut et vire tous se qu il trouvent
refait un hj pour voir
la chasse et le balltrap ma vrai passion
voir site perso dans profil
