FENETRES PUBLICITAIRES EN PAGAILLE ! !

OHNON -  
 OHNON -
Bonjour,

Comme beaucoup d'entre nous, je suis victime de fenêtres publicitaires qui s'ouvrent sans cesse.
Une vraie galère ! !
J'utilisais auparavant IE7 et rencontrais déjà ce problème : sur conseil, je suis donc passé il y a quelques semaines sur Mozilla Firefox mais le problème persiste, même si au début de l'utilisation il y a eu un gros "mieux". Je fais un retour à la case départ !
Est-ce que je dois mieux paramètrer Firefox (je n'ai pas touché aux paramètres) ?
Y a-t-il d'autres solutions ?

Merci par avance de votre aide parce que là je craque complètement !

Bien à vous,

MR
Configuration: Firefox 3.0

32 réponses

  • 1
  • 2
Résumé de la discussion

Des fenêtres publicitaires persistent sur Firefox 3.0 après un passage d'IE7, et l'utilisateur demande s'un meilleur réglage de Firefox ou d'autres solutions pour résoudre ce problème. La meilleure réponse présente le rapport Deckard's System Scanner et le log HijackThis, révélant des points de restauration, de multiples éléments potentiellement indésirables et publicitaires, ainsi qu'un disque système C avec 6,45 Go libres. Le contenu montre des composants et services liés à Pack Securite/backweb et des extensions ou BHO potentiellement indésirables, suggérant une infection et la nécessité d'un nettoyage approfondi du système. D'autre part, la présence de nombreuses applications d'administration système et de sécurité peut compliquer le diagnostic et nécessite une éradication ciblée des éléments indésirables pour retrouver un fonctionnement normal.

Généré automatiquement par IA
sur la base des meilleures réponses
  1. Utilisateur anonyme
     
    Salut ,

    → Télécharge TrendMicro™ HijackThis™

    → Enregistre HJTInstall.exe sur ton bureau.

    → Double-clique sur HJTInstall.exe pour lancer le programme

    (!) Par défaut, il s'installera là :
    C:\Program Files\Trend Micro\HijackThis

    → Accepte la license en cliquant sur le bouton "I Accept"

    Ferme Hijackthis en cliquant sur la croix-rouge.

    → Télécharge sur ton bureau DSS (ex Comboscan) de Deckard:

    (choisis enregistrer, puis Bureau comme emplacement)

    Ferme toutes les applications en cours.

    → Double-clic sur DSS.exe pour lancer l'outil.

    → Une fenêtre s'ouvre, invitant à fermer toutes les applications, clique sur OK.

    → A la fin de l'analyse, une fenêtre s'ouvre, clique sur OK.

    Le rapport main.txt va s'afficher, copie le dans ta prochaine réponse.
    Si un rapport complémentaire a été créé ( extra.txt ), poste le aussi dans ta réponse.

    Les rapports sont ici :
    (!) C:\Deckard\System Scanner\main.txt
    (!) C:\Deckard\System Scanner\extra.txt

    (CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

    a++
    0
    1. OHNON
       
      Salut Cyrildu17,

      Merci de ta réponse.
      Ci-dessous le rapport demandé (du moins je l'epère, je ne suis pas très doué en info...) + LE RAPPORT EXTRA. TXT :

      Deckard's System Scanner v20071014.68
      Run by M@xime on 2008-07-12 11:15:53
      Computer is in Normal Mode.
      --------------------------------------------------------------------------------

      -- System Restore --------------------------------------------------------------

      Successfully created a Deckard's System Scanner Restore Point.


      -- Last 5 Restore Point(s) --
      61: 2008-07-12 09:16:07 UTC - RP737 - Deckard's System Scanner Restore Point
      60: 2008-07-11 11:18:53 UTC - RP736 - Point de vérification système
      59: 2008-07-10 11:08:02 UTC - RP735 - Point de vérification système
      58: 2008-07-09 05:01:53 UTC - RP734 - Software Distribution Service 3.0
      57: 2008-07-08 16:55:26 UTC - RP733 - Point de vérification système


      -- First Restore Point --
      1: 2008-04-13 15:29:20 UTC - RP677 - Point de vérification système


      Backed up registry hives.
      Performed disk cleanup.

      [color=red]System Drive C: has 6.48 GiB (less than 15%) free./color


      -- HijackThis (run as M@xime.exe) ----------------------------------------------

      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 11:18:34, on 12/07/2008
      Platform: Windows XP SP3 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16674)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\PROGRA~1\PACKSE~1\backweb\361343\Program\SERVIC~1.EXE
      C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe
      C:\Program Files\Pack Securite\Anti-Virus\FSGK32.EXE
      C:\Program Files\Pack Securite\backweb\361343\program\fsbwsys.exe
      C:\Program Files\Pack Securite\Common\FSMA32.EXE
      C:\Program Files\Pack Securite\Anti-Virus\fssm32.exe
      C:\Program Files\Pack Securite\Common\FSMB32.EXE
      C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
      C:\WINDOWS\system32\HPZipm12.exe
      C:\Program Files\Pack Securite\Common\FCH32.EXE
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Pack Securite\Common\FAMEH32.EXE
      C:\Program Files\Pack Securite\FSPC\fspc.exe
      C:\Program Files\Pack Securite\Anti-Virus\fsrw.exe
      C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\Program Files\Pack Securite\Anti-Virus\fsav32.exe
      C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
      C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
      C:\Program Files\Pack Securite\Common\FSM32.EXE
      C:\Program Files\QuickTime\qttask.exe
      C:\Program Files\iTunes\iTunesHelper.exe
      C:\PROGRA~1\PACKSE~1\ANTI-S~1\fsaw.exe
      C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
      C:\Program Files\TomTom HOME 2\HOMERunner.exe
      C:\WINDOWS\system32\rundll32.exe
      C:\Program Files\iPod\bin\iPodService.exe
      C:\Program Files\Messenger\msmsgs.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      C:\Program Files\Pack Securite\FSGUI\fsguidll.exe
      C:\Program Files\Microsoft ActiveSync\wcescomm.exe
      C:\Program Files\HPQ\Shared\hpqwmi.exe
      C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
      C:\PROGRA~1\MI3AA1~1\rapimgr.exe
      C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe
      C:\Program Files\Pack Securite\backweb\361343\Program\fspex.exe
      C:\WINDOWS\explorer.exe
      C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
      C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
      C:\Documents and Settings\M@xime\Bureau\dss.exe
      C:\PROGRA~1\TRENDM~1\HIJACK~1\M@xime.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://actus.sfr.fr
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://actus.sfr.fr
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
      R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
      O2 - BHO: URLLink - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet7_48.dll_old
      O2 - BHO: Firepad FireConverter - {6427806D-3820-11D5-9939-00B0D0522EB5} - C:\Program Files\Palm\FireConverterBrowserHelperObject.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
      O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
      O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
      O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
      O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
      O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
      O4 - HKLM\..\Run: [Autoconfigurateur WiFi Neuf] "C:\Program Files\Neuf\Kit\WiFi\9wifi.exe"
      O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
      O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Pack Securite\Common\FSM32.EXE" /splash
      O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Pack Securite\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
      O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Pack Securite\FSGUI\FSSW.EXE" /reboot
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
      O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
      O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
      O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
      O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe" -s
      O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s
      O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
      O4 - HKCU\..\Run: [eceqgmq] c:\documents and settings\m@xime\local settings\application data\eceqgmq.exe eceqgmq
      O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
      O4 - Global Startup: Audible Download Manager.lnk = C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe
      O4 - Global Startup: Pack Securite.lnk = C:\Program Files\Pack Securite\backweb\361343\Program\fspex.exe
      O8 - Extra context menu item: &Bloquer cette fenêtre publicitaire - C:\Program Files\Pack Securite\Anti-Spyware\blockpopups.htm
      O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
      O8 - Extra context menu item: &Search - ?p=ZNxdm414YYFR
      O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O9 - Extra button: Filtre Web - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
      O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
      O9 - Extra 'Tools' menuitem: Filtre Web - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
      O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
      O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
      O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
      O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\Anti-Spyware\ieshield.dll
      O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\Anti-Spyware\ieshield.dll
      O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O14 - IERESET.INF: START_PAGE_URL=https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
      O15 - Trusted Zone: *.registration.sonystyle-europe.com (HKLM)
      O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
      O18 - Protocol: bw+0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw+0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw-0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw-0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw00 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw00s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw10 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw10s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw20 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw20s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw30 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw30s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw40 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw40s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw50 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw50s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw60 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw60s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw70 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw70s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw80 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw80s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw90 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw90s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwa0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwa0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwb0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwb0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwc0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwc0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwd0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwd0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwe0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwe0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwf0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwf0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
      O18 - Protocol: bwg0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwg0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwh0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwh0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwi0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwi0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwj0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwj0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwk0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwk0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwl0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwl0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwm0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwm0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwn0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwn0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwo0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwo0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwp0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwp0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwq0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwq0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwr0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwr0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bws0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bws0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwt0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwt0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwu0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwu0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwv0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwv0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bww0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bww0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwx0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwx0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwy0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwy0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwz0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwz0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: offline-8876480 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O20 - AppInit_DLLs: 90.dll
      O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
      O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
      O23 - Service: Pack Securite (BackWeb Plug-in - 361343) - BackWeb Technologies Inc. - C:\PROGRA~1\PACKSE~1\backweb\361343\Program\SERVIC~1.EXE
      O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corp. - C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe
      O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Pack Securite\backweb\361343\program\fsbwsys.exe
      O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe
      O23 - Service: F-Secure HTTP Server (fshttps) - F-Secure Corporation - C:\Program Files\Pack Securite\FSPC\fshttps\fshttps.exe
      O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Pack Securite\Common\FSMA32.EXE
      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\Shared\hpqwmi.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
      O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
      O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
      0
  2. Utilisateur anonyme
     
    Re ,

    **************************************************

    → Télécharge Navilog1

    et enregistre-le sur ton bureau.

    → Ensuite double clique sur navilog1.exe pour lancer l'installation.
    Une fois l'installation terminée, le fix s'exécutera automatiquement.
    (Si ce n'est pas le cas, double-clique sur le raccourci Navilog1 présent sur le bureau).

    Laisse-toi guider. Au menu principal, choisis l'option 1

    Pendant le scan ton anti-virus risque de gueuler , ne t'inquiete pas c'est normal ;)

    Patiente jusqu'au message

    *** Analyse Termine le ..... ***

    Puis poste moi le rapport.

    ( rapport situé a la racine du disque -> C:\Fixnavi.txt )
    (CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

    Tutorial :
    http://mickael.barroux.free.fr/securite/navilog.php

    **************************************************

    Ferme Internet Explorer puis fait :
    Démarrer > panneau de configuration > options internet
    Onglet "Contenu" puis onglet "Certificats" et si tu trouves ceci, en particulier dans "éditeurs approuvés", mais regarde ailleurs :

    _electronic-group
    _egroup
    _Montorgueil
    _VIP
    _Sunny Day Design Ltd
    _OOO-Favorit 


    Tu les supprimes.

    **************************************************

    A++
    0
    1. OHNON
       
      CI DESSOUS LE RAPPORT DEMANDE :
      (je vais de suite faire ta manip dans le panneau de config)



      [b] Nettoyage executé en mode normal sans redémarrage
      !! Les résultats ne seront pas optimisés !! [/b]


      *** fsbl1.txt non trouvé ***
      (Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)


      *** Suppression avec sauvegardes résultats GenericNaviSearch ***

      * Suppression dans "C:\WINDOWS\System32" *


      * Suppression dans "C:\Documents and Settings\M@xime\locals~1\applic~1" *


      * Suppression dans "C:\DOCUME~1\CHRIST~1\locals~1\applic~1" *


      * Suppression dans "C:\DOCUME~1\Jord@n\locals~1\applic~1" *


      * Suppression dans "C:\DOCUME~1\L@URIE~1\locals~1\applic~1" *



      *** Suppression dossiers dans "C:\WINDOWS" ***


      *** Suppression dossiers dans "C:\Program Files" ***


      *** Suppression dossiers dans "c:\docume~1\alluse~1\applic~1" ***


      *** Suppression dossiers dans "c:\docume~1\alluse~1\menudm~1\progra~1" ***


      *** Suppression dossiers dans "C:\Documents and Settings\M@xime\applic~1" ***


      *** Suppression dossiers dans "C:\DOCUME~1\CHRIST~1\applic~1" ***


      *** Suppression dossiers dans "C:\DOCUME~1\Jord@n\applic~1" ***


      *** Suppression dossiers dans "C:\DOCUME~1\L@URIE~1\applic~1" ***


      *** Suppression dossiers dans "C:\Documents and Settings\M@xime\locals~1\applic~1" ***


      *** Suppression dossiers dans "C:\DOCUME~1\CHRIST~1\locals~1\applic~1" ***


      *** Suppression dossiers dans "C:\DOCUME~1\Jord@n\locals~1\applic~1" ***


      *** Suppression dossiers dans "C:\DOCUME~1\L@URIE~1\locals~1\applic~1" ***


      *** Suppression dossiers dans "C:\Documents and Settings\M@xime\menudm~1\progra~1" ***


      *** Suppression dossiers dans "C:\DOCUME~1\CHRIST~1\menudm~1\progra~1" ***


      *** Suppression dossiers dans "C:\DOCUME~1\Jord@n\menudm~1\progra~1" ***


      *** Suppression dossiers dans "C:\DOCUME~1\L@URIE~1\menudm~1\progra~1" ***



      *** Suppression fichiers ***


      *** Suppression fichiers temporaires ***

      Nettoyage contenu C:\WINDOWS\Temp effectué !
      Nettoyage contenu C:\Documents and Settings\M@xime\locals~1\Temp effectué !

      *** Traitement Recherche complémentaire ***
      (Recherche fichiers spécifiques)

      1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

      2)Recherche, création sauvegardes et suppression Heuristique :


      * Dans "C:\WINDOWS\system32" *


      * Dans "C:\Documents and Settings\M@xime\locals~1\applic~1" *


      * Dans "C:\DOCUME~1\CHRIST~1\locals~1\applic~1" *


      * Dans "C:\DOCUME~1\Jord@n\locals~1\applic~1" *


      * Dans "C:\DOCUME~1\L@URIE~1\locals~1\applic~1" *


      *** Sauvegarde du Registre vers dossier Safebackup ***

      sauvegarde du Registre réalisée avec succès !

      *** Nettoyage Registre ***

      Nettoyage Registre Ok


      *** Certificats ***

      Certificat Egroup supprimé !
      Certificat Electronic-Group supprimé !
      Certificat OOO-Favorit supprimé !
      Certificat Sunny-Day-Design-Ltdt absent !

      *** Fichiers suspects non supprimés par Navilog1 ***
      !! Fichiers légitimes possibles, à contrôler avant suppression !!

      Fichiers suspects dans "C:\Documents and Settings\M@xime\locals~1\applic~1" :

      eceqgmq.exe trouvé !

      *** Nettoyage terminé le 12/07/2008 à 11:42:14,12 ***
      0
      1. OHNON > OHNON
         
        je suis allé dans les certificats, j'ai parcouru tous les onglets, je n'ai pas vu les electronic group, egroup et autres....
        C'est normal ?

        Merci cyril
        0
  3. Utilisateur anonyme
     
    Re ,

    1 / Rapport non complet.

    2/ J'ai demandé l'option 1 PAS LA 2.

    Double-clique sur le raccourci Navilog1 présent sur ton bureau .

    Au menu principal, choisis l'option 4 et valide.

    Le fix va te demander de saisir le nom de fichier.

    Copie colle ce qui est en gras ci-dessous puis valide:

    eceqgmq

    Le fix va te demander de le ressaisir, fais-le et valide.

    Le fix va t'informer qu'il va alors redémarrer ton PC
    Ferme toutes les fenêtres ouvertes et enregistre tes documents personnels ouverts
    Appuie sur une touche comme demandé.
    (si ton Pc ne redémarre pas automatiquement, fais le toi même)
    Au redémarrage de ton PC, choisis ta session habituelle si nécéssaire.
    Patiente jusqu'au message :
    *** Nettoyage Termine le ..... ***

    --> Le blocnote va s'ouvrir.
    Sauvegarde le rapport de manière à le retrouver
    Referme le blocnote. Ton bureau va réapparaitre , dans le cas contraire > CTRL+ALT+SUPPR pour ouvrir le Gestionnaire des tâches.
    Puis rends toi à l'onglet "Processus". Clique en haut à gauche sur Fichiers et choisis "Exécuter"

    Tape explorer.exe et valide. Cela fera re-apparaître le Bureau.

    --> Poste le rapport.

    (CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

    A++
    0
    1. OHNON
       
      J'ai redémarré mon PC manuellement car il ne l'a pas fait automatiquement. J'ai attendu 5 bonnes minutes mais le message ***Nettoyage terminé le...*** ne s'est pas affiché (je n'ai pas attendu assez longtemps ??) je n'ai donc pas le bloc note que tu me demandes....
      J'ai fait une fausse manip quelque part ???
      0
  4. Utilisateur anonyme
     
    Re ,

    Rapport ici il me semble : C:\fixnavi.txt

    Sinon , tu relances une OPTION 1 avec Navilog et tu me postes le rapport.

    Parce que la avec ce que tu as fait , je ne suis plus.

    A++

    0
    1. OHNON
       
      je n'ai pas trouvé le fichier fixnavi.txt sur C:
      J'ai donc relancé Navilog mais il ne me demande pas de choisir une option : il me réaffiche un rapport après avoir fait un scan il me semble...
      Je t'avais dit que je n'étais pas doué... quelle galère...
      0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Utilisateur anonyme
     
    Re ,
    Poste en entier le rapport que tu as eu stp.

    il me réaffiche un rapport après avoir fait un scan il me semble... 


    a+
    0
    1. OHNON
       
      ok. Merci de ta patience.
      Donc, à l'instant, en relançant navilog, j'ai du rentrer le mot de passe que tu m'a envoyer, le fix a relancer mon PC automatiquement, et à la réouverture, il m'a ouvert le bloc note - C'EST CE QUI N'AVAIT PAS MARCHE TOUT A L'HEURE ! ! Donc on a progressé !
      Je te poste donc le rapport ci dessous :

      Clean Navipromo version 3.6.0 commencé le 12/07/2008 à 14:30:17,40

      Outil exécuté depuis C:\Program Files\navilog1
      Session actuelle : "M@xime"

      Mise à jour le 27.06.2008 à 23h00 par IL-MAFIOSO


      Microsoft Windows XP [version 5.1.2600]
      Internet Explorer : 7.0.5730.11
      Système de fichiers : NTFS


      Mode suppression par méthode manuelle

      Nom du fichier saisi : eceqgmq

      Nettoyage exécuté au redémarrage de l'ordinateur

      *** Recherche, création sauvegardes et suppression ***

      * Suppression dans "C:\WINDOWS\system32" *

      C:\WINDOWS\prefetch\eceqgmq*.pf trouvé !
      Copie C:\WINDOWS\prefetch\eceqgmq*.pf réalisée avec succès !
      C:\WINDOWS\prefetch\eceqgmq*.pf supprimé !

      * Suppression dans "C:\Documents and Settings\M@xime\locals~1\applic~1" *

      eceqgmq.exe trouvé !
      Copie eceqgmq.exe réalisée avec succès !
      eceqgmq.exe supprimé !

      eceqgmq.dat trouvé !
      Copie eceqgmq.dat réalisée avec succès !
      eceqgmq.dat supprimé !

      eceqgmq_nav.dat trouvé !
      Copie eceqgmq_nav.dat réalisée avec succès !
      eceqgmq_nav.dat supprimé !

      eceqgmq_navps.dat trouvé !
      Copie eceqgmq_navps.dat réalisée avec succès !
      eceqgmq_navps.dat supprimé !

      * Suppression dans "C:\DOCUME~1\CHRIST~1\locals~1\applic~1" *

      * Suppression dans "C:\DOCUME~1\Jord@n\locals~1\applic~1" *

      * Suppression dans "C:\DOCUME~1\L@URIE~1\locals~1\applic~1" *


      *** Suppression dossiers dans "C:\WINDOWS" ***


      *** Suppression dossiers dans "C:\Program Files" ***


      *** Suppression dossiers dans "c:\docume~1\alluse~1\applic~1" ***


      *** Suppression dossiers dans "c:\docume~1\alluse~1\menudm~1\progra~1" ***


      *** Suppression dossiers dans "C:\Documents and Settings\M@xime\applic~1" ***


      *** Suppression dossiers dans "C:\DOCUME~1\CHRIST~1\applic~1" ***


      *** Suppression dossiers dans "C:\DOCUME~1\Jord@n\applic~1" ***


      *** Suppression dossiers dans "C:\DOCUME~1\L@URIE~1\applic~1" ***


      *** Suppression dossiers dans "C:\Documents and Settings\M@xime\locals~1\applic~1" ***


      *** Suppression dossiers dans "C:\DOCUME~1\CHRIST~1\locals~1\applic~1" ***


      *** Suppression dossiers dans "C:\DOCUME~1\Jord@n\locals~1\applic~1" ***


      *** Suppression dossiers dans "C:\DOCUME~1\L@URIE~1\locals~1\applic~1" ***


      *** Suppression dossiers dans "C:\Documents and Settings\M@xime\menudm~1\progra~1" ***


      *** Suppression dossiers dans "C:\DOCUME~1\CHRIST~1\menudm~1\progra~1" ***


      *** Suppression dossiers dans "C:\DOCUME~1\Jord@n\menudm~1\progra~1" ***


      *** Suppression dossiers dans "C:\DOCUME~1\L@URIE~1\menudm~1\progra~1" ***



      *** Suppression fichiers ***


      *** Suppression fichiers temporaires ***

      Nettoyage contenu C:\WINDOWS\Temp effectué !
      Nettoyage contenu C:\Documents and Settings\M@xime\locals~1\Temp effectué !

      *** Traitement Recherche complémentaire ***
      (Recherche fichiers spécifiques)

      1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

      2)Recherche, création sauvegardes et suppression Heuristique :


      * Dans "C:\WINDOWS\system32" *


      * Dans "C:\Documents and Settings\M@xime\locals~1\applic~1" *


      * Dans "C:\DOCUME~1\CHRIST~1\locals~1\applic~1" *


      * Dans "C:\DOCUME~1\Jord@n\locals~1\applic~1" *


      * Dans "C:\DOCUME~1\L@URIE~1\locals~1\applic~1" *


      *** Sauvegarde du Registre vers dossier Safebackup ***

      sauvegarde du Registre réalisée avec succès !

      *** Nettoyage Registre ***

      Nettoyage Registre Ok


      *** Certificats ***

      Certificat Egroup supprimé !
      Certificat Electronic-Group supprimé !
      Certificat OOO-Favorit supprimé !
      Certificat Sunny-Day-Design-Ltdt absent !

      *** Nettoyage terminé le 12/07/2008 à 14:36:45,67 ***
      0
  7. Utilisateur anonyme
     
    Re ,
    Parfait , on avance , on avance :)

    Clique sur démarrerexécuter ► copie/colle ceci & valide :

    "%userprofile%\bureau\dss.exe" /config

    ► Valide. et clique sur Scan.
    ► Cela va ouvrir le panneau de configuration de DSS
    ► Clique sur Check All puis Scan

    A++
    0
  8. OHNON
     
    Voici le rapport :

    Deckard's System Scanner v20071014.68
    Run by M@xime on 2008-07-12 14:52:08
    Computer is in Normal Mode.
    --------------------------------------------------------------------------------

    -- System Restore --------------------------------------------------------------

    -- Last 5 Restore Point(s) --
    61: 2008-07-12 09:16:07 UTC - RP737 - Deckard's System Scanner Restore Point
    60: 2008-07-11 11:18:53 UTC - RP736 - Point de vérification système
    59: 2008-07-10 11:08:02 UTC - RP735 - Point de vérification système
    58: 2008-07-09 05:01:53 UTC - RP734 - Software Distribution Service 3.0
    57: 2008-07-08 16:55:26 UTC - RP733 - Point de vérification système

    -- First Restore Point --
    1: 2008-04-13 15:29:20 UTC - RP677 - Point de vérification système

    Performed disk cleanup.

    [color=red]System Drive C: has 6.45 GiB (less than 15%) free./color

    -- HijackThis (run as M@xime.exe) ----------------------------------------------

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 14:52:23, on 12/07/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16674)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\PACKSE~1\backweb\361343\Program\SERVIC~1.EXE
    C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe
    C:\Program Files\Pack Securite\Anti-Virus\FSGK32.EXE
    C:\Program Files\Pack Securite\backweb\361343\program\fsbwsys.exe
    C:\Program Files\Pack Securite\Anti-Virus\fssm32.exe
    C:\Program Files\Pack Securite\Common\FSMA32.EXE
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\Program Files\Pack Securite\Common\FSMB32.EXE
    C:\WINDOWS\system32\HPZipm12.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Pack Securite\Common\FCH32.EXE
    C:\Program Files\Pack Securite\Common\FAMEH32.EXE
    C:\Program Files\Pack Securite\Anti-Virus\fsrw.exe
    C:\Program Files\Pack Securite\FSPC\fspc.exe
    C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe
    C:\Program Files\Pack Securite\Anti-Virus\fsav32.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\notepad.exe
    C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
    C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
    C:\Program Files\Pack Securite\Common\FSM32.EXE
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\PROGRA~1\PACKSE~1\ANTI-S~1\fsaw.exe
    C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    C:\Program Files\TomTom HOME 2\HOMERunner.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Microsoft ActiveSync\wcescomm.exe
    C:\Program Files\Pack Securite\FSGUI\fsguidll.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\HPQ\Shared\hpqwmi.exe
    C:\PROGRA~1\MI3AA1~1\rapimgr.exe
    C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe
    C:\Program Files\Pack Securite\backweb\361343\Program\fspex.exe
    C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
    C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\M@xime\bureau\dss.exe
    C:\PROGRA~1\TRENDM~1\HIJACK~1\M@xime.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://actus.sfr.fr
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://actus.sfr.fr
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: URLLink - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet7_48.dll_old
    O2 - BHO: Firepad FireConverter - {6427806D-3820-11D5-9939-00B0D0522EB5} - C:\Program Files\Palm\FireConverterBrowserHelperObject.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
    O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
    O4 - HKLM\..\Run: [Autoconfigurateur WiFi Neuf] "C:\Program Files\Neuf\Kit\WiFi\9wifi.exe"
    O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Pack Securite\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Pack Securite\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Pack Securite\FSGUI\FSSW.EXE" /reboot
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
    O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe" -s
    O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Audible Download Manager.lnk = C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe
    O4 - Global Startup: Pack Securite.lnk = C:\Program Files\Pack Securite\backweb\361343\Program\fspex.exe
    O8 - Extra context menu item: &Bloquer cette fenêtre publicitaire - C:\Program Files\Pack Securite\Anti-Spyware\blockpopups.htm
    O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
    O8 - Extra context menu item: &Search - ?p=ZNxdm414YYFR
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: Filtre Web - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
    O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
    O9 - Extra 'Tools' menuitem: Filtre Web - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\Anti-Spyware\ieshield.dll
    O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\Anti-Spyware\ieshield.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
    O15 - Trusted Zone: *.registration.sonystyle-europe.com (HKLM)
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O18 - Protocol: bw+0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O20 - AppInit_DLLs: 90.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: Pack Securite (BackWeb Plug-in - 361343) - BackWeb Technologies Inc. - C:\PROGRA~1\PACKSE~1\backweb\361343\Program\SERVIC~1.EXE
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corp. - C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe
    O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Pack Securite\backweb\361343\program\fsbwsys.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe
    O23 - Service: F-Secure HTTP Server (fshttps) - F-Secure Corporation - C:\Program Files\Pack Securite\FSPC\fshttps\fshttps.exe
    O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Pack Securite\Common\FSMA32.EXE
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\Shared\hpqwmi.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    0
  9. Utilisateur anonyme
     
    Re ,

    Va dans le panneau de configuration, Options régionales et linguistiques, onglet "Langues", bouton "Détails", l'onglet "Avancé", cocher la case "Arrêter les services de texte avancés".

    *****************************************************************************


    ● Désactiver le TeaTimer de Spybot S&D :
    ● Lance Spybot S&D:
    ● Dans le menu, clic sur "Mode" > Choisis le Mode avançé
    ● Dans la colonne de gauche clic sur la rubrique [Outils] > Résident
    ● Décoche la case devant Résident "TeaTimer"
    ● Décoche la case devant Résident "SDHelper"
    Avant de se désactiver, une fenêtre du TeaTimer va apparaitre et te demander d'accepter ou de refuser les modifications dans le registre, il faut donc accepter les modifications.
    ● Referme Spybot


    *****************************************************************************


    Hijackthis ce trouve ici : C:\Program Files\Trend Micro\Hijackthis\M@xime.exe

    *****************************************************************************

    → Relance hijackthis , en menu principal choisis ' Do a system scan only' Et fixe ces/cette ligne(s) : ( coche la case à leurs gauches )

    O2 - BHO: URLLink - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet7_48.dll_old
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
    O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O20 - AppInit_DLLs: 90.dll


    Ferme toutes les fenêtres (hormis Hijackthis), y compris ton navigateur web.

    → clique sur ' fixchecked '


    *****************************************************************************


    /!\ Manip crée spécialement pour cet utilisateur , ne pas reproduire chez soi ... /!\

    1)Télécharge OTMoveIt2 ( de Old Timer )

    2)Une fois téléchargé double-clique sur OTMoveIt2.exe pour le lancer.

    Assure toi que la case Unregister Dll's and Ocx's soit bien cochée

    3)puis copie les lignes en gras qui se trouvent en dessous :



    [kill explorer]
    C:\Program Files\Navilog1
    C:\Program Files\NewDotNet
    C:\WINDOWS\NDNuninstall7_48.exe
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^MyWebSearch Email Plugin.lnk
    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\MyWebSearch Email Plugin.lnk
    C:\WINDOWS\pss\MyWebSearch Email Plugin.lnk
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^M@xime^Menu Démarrer^Programmes^Démarrage^MyWebSearch Email Plugin.lnk
    C:\Documents and Settings\M@xime\Menu Démarrer\Programmes\Démarrage\MyWebSearch Email Plugin.lnk
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MessengerPlus3
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\My Web Search Bar
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\My Web Search Bar Search Scope Monitor
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Email Plugin
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\New.net Startup
    Emptytemp
    [start explorer]


    et colle-les dans le cadre de gauche de OTMoveIt : "Paste List Of Files/Folders to Move."
    clique sur MoveIt! pour lancer la suppression.
    le résultat apparaitra dans le cadre Results.
    clique sur Exit pour fermer.
    4) Poste le rapport situé dans C:\_OTMoveIt\MovedFiles.

    (CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

    5) Il te sera peut-être demander de redémarrer le pc pour achever la suppression -> Accepte ( si il ne fait pas automatiquement , fait-le toi même )

    /!\ Note : Au démarrage ton bureau RISQUE de ne plus apparaître , dans ce cas fait --> CTRL+ALT+SUPP pour ouvrir le Gestionnaire des tâches.
    Puis rends toi à l'onglet "Processus". Clique en haut à gauche sur Fichiers et choisis "Exécuter"

    Tape explorer.exe et valide. Cela fera re-apparaître le Bureau.


    *****************************************************************************


    A++
    0
    1. OHNON
       
      bonjour Cyril,

      Non je n'ai pas lâché l'affaire :)) , mais quand j'ai vu les multiples manips demandées dans ton dernier post, j'ai préféré attendre d'être au calme pour m'y coller ! !
      C'est chose faite ce matin, je m'y suis mis !

      J'en suis à l'étape OTMoveIt.

      Par contre j'ai un petit bug :
      J'ai téléchargé OTMoveIt / l'ai ouvert / verifié la case à cocher / fait le copier-coller demandé (de [kill explorer] à [start explorer] INCLUS / et enfin j'ai cliquer sur MoveIt! => et là mon ordi mouline avec le sablier...

      Ci dessous le lien qui te permettra - J'ESPERE - de voir l'image de mon écran

      http://cjoint.com/data/hnj3duC7mJ.htm


      Est-ce normal ? La suppression des fichiers doit prendre combien de temps ? ?

      Merci encore à toi !

      Max
      0
  10. Utilisateur anonyme
     
    Re ,

    Okay pour OtmoveIt ,ferme-le.

    Réésaye avec ce texte :

    [kill explorer]
    C:\Program Files\Navilog1
    C:\Program Files\NewDotNet
    C:\WINDOWS\NDNuninstall7_48.exe
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^MyWebSearch Email Plugin.lnk
    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\MyWebSearch Email Plugin.lnk
    C:\WINDOWS\pss\MyWebSearch Email Plugin.lnk
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^M@xime^Menu Démarrer^Programmes^Démarrage^MyWebSearch Email Plugin.lnk
    C:\Documents and Settings\M@xime\Menu Démarrer\Programmes\Démarrage\MyWebSearch Email Plugin.lnk
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MessengerPlus3
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\My Web Search Bar
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\My Web Search Bar Search Scope Monitor
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Email Plugin
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\New.net Startup
    Emptytemp
    [start explorer]


    Erreur de ma part , excuse-moi. ( j'avais édité , mais tu as été plus rapide )

    A++
    0
  11. OHNON
     
    Salut Cyril,

    Tu es tout excusé car là ça marche beaucoup beaucoup mieux ! :)

    Ci dessous le rapport demandé :

    Explorer killed successfully
    File/Folder C:\Program Files\Navilog1 not found.
    Folder move failed. C:\Program Files\NewDotNet scheduled to be moved on reboot.
    File move failed. C:\WINDOWS\NDNuninstall7_48.exe scheduled to be moved on reboot.
    < HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^MyWebSearch Email Plugin.lnk >
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^MyWebSearch Email Plugin.lnk\\ not found.
    File/Folder C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\MyWebSearch Email Plugin.lnk not found.
    File/Folder C:\WINDOWS\pss\MyWebSearch Email Plugin.lnk not found.
    < HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^M@xime^Menu Démarrer^Programmes^Démarrage^MyWebSearch Email Plugin.lnk >
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^M@xime^Menu Démarrer^Programmes^Démarrage^MyWebSearch Email Plugin.lnk\\ not found.
    < C:\Documents and Settings\M@xime\Menu Démarrer\Programmes\Démarrage\MyWebSearch Email Plugin.lnk >
    File/Folder C:\Documents and Settings\M@xime\Menu Démarrer\Programmes\Démarrage\MyWebSearch Email Plugin.lnk not found.
    < HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MessengerPlus3 >
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MessengerPlus3\\ not found.
    < HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\My Web Search Bar >
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\My Web Search Bar\\ not found.
    < HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\My Web Search Bar Search Scope Monitor >
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\My Web Search Bar Search Scope Monitor\\ not found.
    < HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Email Plugin >
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Email Plugin\\ not found.
    < HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\New.net Startup >
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\New.net Startup\\ not found.
    < Emptytemp >
    File delete failed. C:\DOCUME~1\M@xime\LOCALS~1\Temp\WCESLog.log scheduled to be deleted on reboot.
    Temp folders emptied.
    IE temp folders emptied.
    Explorer started successfully

    OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 07132008_110920

    Files moved on Reboot...
    Folder move failed. C:\Program Files\NewDotNet scheduled to be moved on reboot.
    File move failed. C:\WINDOWS\NDNuninstall7_48.exe scheduled to be moved on reboot.
    C:\DOCUME~1\M@xime\LOCALS~1\Temp\WCESLog.log moved successfully.
    0
  12. Utilisateur anonyme
     
    Re ,

    Parfait.

    Clique sur démarrerexécuter ► copie/colle ceci & valide :

    "%userprofile%\bureau\dss.exe" /config

    ► Valide. et clique sur Scan.
    ► Cela va ouvrir le panneau de configuration de DSS
    ► Clique sur Check All puis Scan

    A++
    0
  13. OHNON
     
    ci dessous le rapport :

    Deckard's System Scanner v20071014.68
    Run by M@xime on 2008-07-13 11:25:01
    Computer is in Normal Mode.
    --------------------------------------------------------------------------------

    [color=red]System Drive C: has 6.82 GiB (less than 15%) free.[/color]

    -- HijackThis (run as M@xime.exe) ----------------------------------------------

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 11:25:13, on 13/07/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16674)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\PACKSE~1\backweb\361343\Program\SERVIC~1.EXE
    C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe
    C:\Program Files\Pack Securite\Anti-Virus\FSGK32.EXE
    C:\Program Files\Pack Securite\backweb\361343\program\fsbwsys.exe
    C:\Program Files\Pack Securite\Anti-Virus\fssm32.exe
    C:\Program Files\Pack Securite\Common\FSMA32.EXE
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\Program Files\Pack Securite\Common\FSMB32.EXE
    C:\Program Files\Pack Securite\Common\FCH32.EXE
    C:\WINDOWS\system32\HPZipm12.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Pack Securite\Common\FAMEH32.EXE
    C:\Program Files\Pack Securite\FSPC\fspc.exe
    C:\Program Files\Pack Securite\Anti-Virus\fsrw.exe
    C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Pack Securite\Anti-Virus\fsav32.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\notepad.exe
    C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
    C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
    C:\Program Files\Pack Securite\Common\FSM32.EXE
    C:\Program Files\TomTom HOME 2\HOMERunner.exe
    C:\PROGRA~1\PACKSE~1\ANTI-S~1\fsaw.exe
    C:\Program Files\Microsoft ActiveSync\wcescomm.exe
    C:\PROGRA~1\MI3AA1~1\rapimgr.exe
    C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe
    C:\Program Files\Pack Securite\backweb\361343\Program\fspex.exe
    C:\Program Files\Pack Securite\FSGUI\fsguidll.exe
    C:\Program Files\HPQ\Shared\hpqwmi.exe
    C:\WINDOWS\system32\LVComsX.exe
    C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
    C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
    C:\Documents and Settings\M@xime\bureau\dss.exe
    C:\PROGRA~1\TRENDM~1\HIJACK~1\M@xime.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://actus.sfr.fr
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://actus.sfr.fr
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Firepad FireConverter - {6427806D-3820-11D5-9939-00B0D0522EB5} - C:\Program Files\Palm\FireConverterBrowserHelperObject.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
    O4 - HKLM\..\Run: [Autoconfigurateur WiFi Neuf] "C:\Program Files\Neuf\Kit\WiFi\9wifi.exe"
    O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Pack Securite\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Pack Securite\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Pack Securite\FSGUI\FSSW.EXE" /reboot
    O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
    O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe" -s
    O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
    O4 - Global Startup: Audible Download Manager.lnk = C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe
    O4 - Global Startup: Pack Securite.lnk = C:\Program Files\Pack Securite\backweb\361343\Program\fspex.exe
    O8 - Extra context menu item: &Bloquer cette fenêtre publicitaire - C:\Program Files\Pack Securite\Anti-Spyware\blockpopups.htm
    O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
    O8 - Extra context menu item: &Search - ?p=ZNxdm414YYFR
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Filtre Web - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
    O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
    O9 - Extra 'Tools' menuitem: Filtre Web - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\Anti-Spyware\ieshield.dll
    O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\Anti-Spyware\ieshield.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
    O15 - Trusted Zone: *.registration.sonystyle-europe.com (HKLM)
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O18 - Protocol: bw+0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O20 - AppInit_DLLs: 90.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: Pack Securite (BackWeb Plug-in - 361343) - BackWeb Technologies Inc. - C:\PROGRA~1\PACKSE~1\backweb\361343\Program\SERVIC~1.EXE
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corp. - C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe
    O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Pack Securite\backweb\361343\program\fsbwsys.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe
    O23 - Service: F-Secure HTTP Server (fshttps) - F-Secure Corporation - C:\Program Files\Pack Securite\FSPC\fshttps\fshttps.exe
    O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Pack Securite\Common\FSMA32.EXE
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\Shared\hpqwmi.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    0
  14. Utilisateur anonyme
     
    Re ,

    *************************************************************

    /!\ Outils très puissant , ne pas reproduire la manip ci-dessous sur son pc sans y avoir été autorisé par une personne compétente /!\

    _________________________________________________

    1)Désactive ta restauration système
    Clic sur « Démarrer »
    Clic droit sur « Poste de travail », puis sur « Propriétés »,
    Vas sur l’onglet « Restauration système »
    Tu y coches la case « Désactiver la restauration »
    Termine par [Appliquer] [OK]


    _________________________________________________

    2)Télécharge ComboFix ici → http://download.bleepingcomputer.com/sUBs/ComboFix.exe

    Et enregistre le sur le bureau >>> /!\ IMPORTANT /!\

    Regardes ici, si tu souhaites te familiariser avec son utilisation: https://www.google.fr/?gws_rd=ssl

    AVANT d'utiliser ComboFix :
    → Déconnecte ton PC d'Internet et referme les fenêtres de tous les programmes en cours. /!\
    → Désactive provisoirement (et seulement le temps de l'utilisation de ComboFix), la protection en temps réel de ton Antivirus et de tes Antispywares et de TOUT tes logiciels de protection !!!, (activés, ils pourraient gêner fortement la procédure de recherche et de nettoyage de l'outil). /!\

    3)Sur ton bureau double clic sur Combofix.exe.
    Appuies sur la touche 1, pour que le programme commence à s'exécuter et suis les instructions à l'écran.

    /!\ PENDANT TOUTE la durée (ça peut être assez long si le pc est très infecté) du scan de ComboFix, n'ouvres aucun programme, ne touche pas à ta souris et ne surfe pas sur le net /!\

    Soit patient (même si tu penses que le PC est arrêté) ; les temps « d'arrêt apparent » sont parfois de plusieurs minutes (il y a ± 40 étapes d’analyse).

    En cours de nettoyage il est possible, que tu reçoives un avertissement te disant que le pc va redémarrer, laisse le faire.

    Après le redemarrage du pc, un rapport s'ouvrira dans le Bloc notes en fin d'analyse, copie et colle tout son contenu dans ton prochain message.

    (Le fichier rapport Combofix.txt , est ensuite automatiquement sauvegardé dans C:\Combofix.txt)

    _________________________________________________

    4)Ensuite réactive ta restauration système
    Clic droit sur « Poste de travail », puis sur « Propriétés »,
    Vas sur l’onglet « Restauration système »
    Tu décoches la case « Désactiver la restauration »
    Termine par [Appliquer] [OK]


    _________________________________________________

    Tutorial ( aide ):

    http://bibou0007.com/outils-specifiques-f78/tutorial-combofix-t121.htm

    https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

    *************************************************************

    A++
    0
  15. OHNON
     
    Valaaaa...
    Ci dessous le rapport Combofix :

    ComboFix 08-07-12.2 - M@xime 2008-07-13 11:49:52.1 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.541 [GMT 2:00]
    Endroit: C:\Documents and Settings\M@xime\Bureau\ComboFix.exe
    * Création d'un nouveau point de restauration
    * Resident AV is active

    [color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Program Files\newdotnet
    C:\Program Files\newdotnet\newdotnet7_48.dll_old
    C:\WINDOWS\NDNuninstall7_48.exe
    C:\WINDOWS\system32\oeminfo.ini

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2008-06-13 to 2008-07-13 ))))))))))))))))))))))))))))))))))))
    .

    2008-07-13 09:26 . 2008-07-13 09:26 <REP> d-------- C:\_OTMoveIt
    2008-07-12 11:15 . 2008-07-12 11:15 <REP> d-------- C:\Deckard
    2008-07-05 14:07 . 2008-07-05 14:07 <REP> d-------- C:\Program Files\Microsoft ActiveSync
    2008-07-05 14:06 . 2008-07-05 14:06 <REP> d-------- C:\Program Files\Windows Mobile Device Handbook
    2008-07-05 10:01 . 2008-07-05 10:01 <REP> d-------- C:\Documents and Settings\M@xime\Application Data\Samsung
    2008-07-05 10:00 . 2008-07-05 09:59 5,632 --a------ C:\WINDOWS\system32\drivers\StarOpen.sys
    2008-07-05 09:40 . 2008-07-05 09:46 <REP> d-------- C:\WINDOWS\system32\Samsung_USB_Drivers
    2008-07-05 09:40 . 2008-07-05 09:40 <REP> d-------- C:\WINDOWS\system32\Samsung PC Studio Codecs
    2008-07-05 09:40 . 2005-08-28 20:51 766 --a------ C:\WINDOWS\system32\Uninstall.ico
    2008-06-27 18:22 . 2008-06-27 18:22 0 --a------ C:\WINDOWS\nsreg.dat
    2008-06-22 18:13 . 2008-06-22 18:13 <REP> d-------- C:\WINDOWS\system32\fr
    2008-06-22 18:13 . 2008-06-22 18:13 <REP> d-------- C:\WINDOWS\system32\bits
    2008-06-22 18:13 . 2008-06-22 18:13 <REP> d-------- C:\WINDOWS\l2schemas
    2008-06-22 18:09 . 2008-06-22 18:09 <REP> d-------- C:\WINDOWS\ServicePackFiles
    2008-06-22 17:58 . 2008-06-22 17:58 <REP> d-------- C:\WINDOWS\EHome
    2008-06-22 16:38 . 2004-08-04 00:38 327,168 --------- C:\WINDOWS\system32\drivers\ati2mtaa.sys
    2008-06-20 19:47 . 2008-06-20 19:47 247,808 --------- C:\WINDOWS\system32\dllcache\mswsock.dll
    2008-06-20 19:47 . 2008-06-20 19:47 147,968 --------- C:\WINDOWS\system32\dllcache\dnsapi.dll
    2008-06-20 13:51 . 2008-06-20 13:51 361,600 --------- C:\WINDOWS\system32\dllcache\tcpip.sys
    2008-06-20 13:40 . 2008-06-20 13:40 138,496 --------- C:\WINDOWS\system32\dllcache\afd.sys
    2008-06-20 13:08 . 2008-06-20 13:08 225,856 --------- C:\WINDOWS\system32\dllcache\tcpip6.sys

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-07-13 07:11 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-07-13 07:02 --------- d-----w C:\Program Files\Spybot - Search & Destroy
    2008-07-05 11:53 --------- d-----w C:\Program Files\eMule
    2008-07-05 07:46 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-07-05 07:39 --------- d-----w C:\Program Files\Samsung
    2008-06-22 16:28 --------- d-----w C:\Program Files\MSN Messenger
    2008-06-20 17:47 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll
    2008-06-20 11:51 361,600 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
    2008-06-20 11:40 138,496 ----a-w C:\WINDOWS\system32\drivers\afd.sys
    2008-06-20 11:08 225,856 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
    2008-06-14 17:33 272,768 ------w C:\WINDOWS\system32\drivers\bthport.sys
    2008-06-14 17:33 272,768 ------w C:\WINDOWS\system32\dllcache\bthport.sys
    2008-06-03 18:09 --------- d-----w C:\Program Files\SpeedFan
    2008-05-09 10:55 90,112 ----a-w C:\WINDOWS\system32\wshext.dll
    2008-05-09 10:55 90,112 ------w C:\WINDOWS\system32\dllcache\wshext.dll
    2008-05-09 10:55 512,000 ------w C:\WINDOWS\system32\dllcache\jscript.dll
    2008-05-09 10:55 430,080 ----a-w C:\WINDOWS\system32\vbscript.dll
    2008-05-09 10:55 430,080 ------w C:\WINDOWS\system32\dllcache\vbscript.dll
    2008-05-09 10:55 180,224 ----a-w C:\WINDOWS\system32\scrobj.dll
    2008-05-09 10:55 180,224 ------w C:\WINDOWS\system32\dllcache\scrobj.dll
    2008-05-09 10:55 172,032 ----a-w C:\WINDOWS\system32\scrrun.dll
    2008-05-09 10:55 172,032 ------w C:\WINDOWS\system32\dllcache\scrrun.dll
    2008-05-08 14:02 203,136 ------w C:\WINDOWS\system32\dllcache\rmcast.sys
    2008-05-08 11:24 155,648 ----a-w C:\WINDOWS\system32\wscript.exe
    2008-05-08 11:24 155,648 ------w C:\WINDOWS\system32\dllcache\wscript.exe
    2008-05-07 09:07 135,168 ----a-w C:\WINDOWS\system32\cscript.exe
    2008-05-07 09:07 135,168 ------w C:\WINDOWS\system32\dllcache\cscript.exe
    2008-05-07 05:11 1,294,336 ----a-w C:\WINDOWS\system32\quartz.dll
    2008-05-07 05:11 1,294,336 ------w C:\WINDOWS\system32\dllcache\quartz.dll
    2008-04-23 20:16 3,591,680 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
    2008-04-22 07:41 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
    2008-04-22 07:41 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe
    2008-04-22 07:39 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
    2008-04-20 05:07 161,792 ----a-w C:\WINDOWS\system32\dllcache\ieakui.dll
    2008-04-14 02:50 1,804 ----a-w C:\WINDOWS\system32\dcache.bin
    2008-04-14 02:37 332,800 ----a-w C:\WINDOWS\system32\netsetup.exe
    2008-04-14 02:33 98,816 ----a-w C:\WINDOWS\system32\psbase.dll
    2008-04-14 02:32 86,073 ----a-w C:\WINDOWS\system32\dllcache\voicesub.dll
    2008-04-14 02:32 764,416 ----a-w C:\WINDOWS\system32\winntbbu.dll
    2008-04-14 02:32 76,288 ----a-w C:\WINDOWS\system32\uniime.dll
    2008-04-14 02:32 76,288 ----a-w C:\WINDOWS\system32\dllcache\uniime.dll
    2008-04-14 02:32 67,584 ----a-w C:\WINDOWS\system32\dllcache\pmigrate.dll
    2008-04-14 02:32 61,471 ----a-w C:\WINDOWS\system32\odbcji32.dll
    2008-04-14 02:32 53,760 ----a-w C:\WINDOWS\system32\dllcache\pintlcsd.dll
    2008-04-14 02:32 5,632 ----a-w C:\WINDOWS\system32\wmi.dll
    2008-04-14 02:32 426,041 ----a-w C:\WINDOWS\system32\dllcache\voicepad.dll
    2008-04-14 02:32 175,104 ----a-w C:\WINDOWS\system32\dllcache\pintlcsa.dll
    2008-04-14 02:32 15,872 ----a-w C:\WINDOWS\system32\dllcache\padrs404.dll
    2008-04-14 02:32 15,360 ----a-w C:\WINDOWS\system32\dllcache\padrs804.dll
    2008-04-14 02:32 10,240 ----a-w C:\WINDOWS\system32\dllcache\tmigrate.dll
    2008-04-14 02:07 2,147,328 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
    2008-04-14 02:07 2,025,984 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
    2008-04-14 02:06 4,096 ----a-w C:\WINDOWS\system32\dsprpres.dll
    2008-04-14 02:04 93,184 ----a-w C:\WINDOWS\system32\msxml6r.dll
    2008-04-14 02:04 93,184 ------w C:\WINDOWS\system32\dllcache\msxml6r.dll
    2008-04-14 02:03 81,920 ------w C:\WINDOWS\system32\msshavmsg.dll
    2008-04-14 02:02 50,688 ----a-w C:\WINDOWS\system32\inetres.dll
    2008-04-14 02:00 572,416 ----a-w C:\WINDOWS\system32\shdoclc.dll
    2008-04-14 01:59 10,240 ----a-w C:\WINDOWS\system32\gpkrsrc.dll
    2008-04-14 01:58 1,845,760 ----a-w C:\WINDOWS\system32\win32k.sys
    2008-04-14 01:58 1,647,616 ----a-w C:\WINDOWS\system32\winbrand.dll
    2008-04-14 01:57 70,144 ----a-w C:\WINDOWS\system32\browselc.dll
    2008-04-14 01:54 103,936 ----a-w C:\WINDOWS\system32\dpcdll.dll
    2008-04-13 18:44 17,664 ----a-w C:\WINDOWS\system32\watchdog.sys
    2008-04-13 18:40 445,440 ----a-w C:\WINDOWS\system32\xpob2res.dll
    2008-04-13 18:36 2,986,496 ----a-w C:\WINDOWS\system32\xpsp2res.dll
    2008-04-13 18:35 24,064 ----a-w C:\WINDOWS\system32\pidgen.dll
    2008-04-13 18:35 197,632 ----a-w C:\WINDOWS\system32\xpsp1res.dll
    2008-04-13 18:31 7,424 ----a-w C:\WINDOWS\system32\kd1394.dll
    2008-04-13 18:30 61,440 ----a-w C:\WINDOWS\system32\msvcrt40.dll
    2008-04-13 17:37 208,384 ----a-w C:\WINDOWS\system32\rsaenh.dll
    2008-04-13 17:37 138,752 ----a-w C:\WINDOWS\system32\dssenh.dll
    2008-04-13 17:34 11,264 ----a-w C:\WINDOWS\system32\spnpinst.exe
    2008-04-13 17:33 424,960 ----a-w C:\WINDOWS\system32\licdll.dll
    2008-04-13 17:33 1,005,056 ----a-w C:\WINDOWS\system32\setupapi.dll
    2008-04-13 17:26 12,288 ----a-w C:\WINDOWS\system32\odbcp32r.dll
    2008-04-13 17:26 12,288 ----a-w C:\WINDOWS\system32\mscpx32r.dll
    2008-04-13 17:21 733,696 ----a-w C:\WINDOWS\system32\qedwipes.dll
    2008-04-13 16:45 216,064 ----a-w C:\WINDOWS\system32\moricons.dll
    2008-04-13 16:43 70,144 ----a-w C:\WINDOWS\system32\dllcache\pintlphr.exe
    2008-04-13 16:23 48,128 ----a-w C:\WINDOWS\system32\msprivs.dll
    2008-04-13 15:39 884,736 ----a-w C:\WINDOWS\system32\msimsg.dll
    2008-04-08 21:50 194 ----a-w C:\Documents and Settings\M@xime\Application Data\wklnhst.dat
    2006-01-11 14:24 42,230,042 ----a-w C:\Program Files\NIS06900FR.exe
    2005-12-19 09:44 4,096 ----a-w C:\Documents and Settings\M@xime\log.dat
    2007-02-18 14:25 10,240 --sha-w C:\WINDOWS\rnapxs\rnapxs.dat
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 14:07 1289000]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Autoconfigurateur WiFi Neuf"="C:\Program Files\Neuf\Kit\WiFi\9wifi.exe" [2006-12-15 19:23 139264]
    "hpWirelessAssistant"="C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2005-05-04 11:59 794624]
    "F-Secure Manager"="C:\Program Files\Pack Securite\Common\FSM32.EXE" [2005-05-09 09:05 118833]
    "F-Secure TNB"="C:\Program Files\Pack Securite\TNB\TNBUtil.exe" [2005-06-02 15:05 700416]
    "F-Secure Startup Wizard"="C:\Program Files\Pack Securite\FSGUI\FSSW.EXE" [2005-09-05 15:00 372736]
    "TomTomHOME.exe"="C:\Program Files\TomTom HOME 2\HOMERunner.exe" [2008-05-06 10:42 202088]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=90.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "vidc.VP31"= vp31vfw.dll
    "vidc.3IV2"= 3ivxVfWCodec.dll
    "vidc.VP40"= vp4vfw.dll
    "vidc.VP50"= vp5vfw.dll
    "msacm.avis"= ff_acm.acm

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.exe.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.exe.lnk
    backup=C:\WINDOWS\pss\Adobe Gamma Loader.exe.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^DataViz Inc Messenger.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\DataViz Inc Messenger.lnk
    backup=C:\WINDOWS\pss\DataViz Inc Messenger.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Démarrage rapide du logiciel HP Image Zone.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Démarrage rapide du logiciel HP Image Zone.lnk
    backup=C:\WINDOWS\pss\Démarrage rapide du logiciel HP Image Zone.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HotSync Manager.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\HotSync Manager.lnk
    backup=C:\WINDOWS\pss\HotSync Manager.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk
    backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk
    backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk
    backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
    backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Windows Desktop Search.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Windows Desktop Search.lnk
    backup=C:\WINDOWS\pss\Windows Desktop Search.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^M@xime^Menu Démarrer^Programmes^Démarrage^LifeDrive™ Manager.lnk]
    path=C:\Documents and Settings\M@xime\Menu Démarrer\Programmes\Démarrage\LifeDrive™ Manager.lnk
    backup=C:\WINDOWS\pss\LifeDrive™ Manager.lnkStartup

    [HKLM\~\startupfolder\C:^Documents and Settings^M@xime^Menu Démarrer^Programmes^Démarrage^palmOne Registration.lnk]
    path=C:\Documents and Settings\M@xime\Menu Démarrer\Programmes\Démarrage\palmOne Registration.lnk
    backup=C:\WINDOWS\pss\palmOne Registration.lnkStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
    --a------ 2005-03-08 21:05 339968 C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Autoconfigurateur WiFi Neuf]
    --a------ 2006-12-15 19:23 139264 C:\Program Files\Neuf\Kit\WiFi\9wifi.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cpqset]
    --a------ 2004-10-22 12:18 229438 C:\Program Files\HPQ\Default Settings\Cpqset.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
    --a------ 2008-04-14 04:33 15360 C:\WINDOWS\system32\ctfmon.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eabconfg.cpl]
    --a------ 2004-12-03 13:24 290816 C:\Program Files\HPQ\Quick Launch Buttons\eabservr.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
    --a------ 2005-05-12 00:12 49152 C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpWirelessAssistant]
    --a------ 2005-05-04 11:59 794624 C:\Program Files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    --a------ 2006-10-30 10:36 256576 C:\Program Files\iTunes\iTunesHelper.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
    --a------ 2006-01-17 13:17 36864 C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LSBWatcher]
    --a------ 2004-10-14 13:54 253952 c:\hp\drivers\hplsbwatcher\LSBurnWatcher.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    --a------ 2008-04-14 04:34 1695232 C:\Program Files\Messenger\msmsgs.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    --a------ 2006-10-25 19:58 282624 C:\Program Files\QuickTime\qttask.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    --a------ 2006-10-12 04:10 49263 C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
    --a------ 2005-02-02 14:11 692316 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPLpr]
    --a------ 2005-02-02 14:12 102492 C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusDisableNotify"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "C:\\Program Files\\Outlook Express\\msimn.exe"=
    "C:\\Program Files\\eMule\\emule.exe"=
    "C:\\Program Files\\Pack Securite\\backweb\\361343\\Program\\fspex.exe"=
    "C:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqtra08.exe"=
    "C:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqste08.exe"=
    "C:\\Program Files\\Hp\\Digital Imaging\\bin\\hpofxm08.exe"=
    "C:\\Program Files\\Hp\\Digital Imaging\\bin\\hposfx08.exe"=
    "C:\\Program Files\\Hp\\Digital Imaging\\bin\\hposid01.exe"=
    "C:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqscnvw.exe"=
    "C:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqkygrp.exe"=
    "C:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqCopy.exe"=
    "C:\\Program Files\\Hp\\Digital Imaging\\bin\\hpfccopy.exe"=
    "C:\\Program Files\\Hp\\Digital Imaging\\bin\\hpzwiz01.exe"=
    "C:\\Program Files\\Hp\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
    "C:\\Program Files\\Hp\\Digital Imaging\\Unload\\HpqDIA.exe"=
    "C:\\Program Files\\Hp\\Digital Imaging\\bin\\hpoews01.exe"=
    "C:\\Program Files\\iTunes\\iTunes.exe"=
    "C:\\Program Files\\uTorrent\\uTorrent.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\MSN Messenger\\livecall.exe"=
    "C:\\Program Files\\@Last Software\\SketchUp 5\\SketchUp.exe"=
    "C:\Program Files\Microsoft ActiveSync\rapimgr.exe"= C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
    "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"= C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
    "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"= C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

    R0 FSFW;F-Secure Firewall Driver;C:\WINDOWS\system32\drivers\fsdfw.sys [2005-08-22 15:05]
    R2 BackWeb Plug-in - 361343;Pack Securite;C:\PROGRA~1\PACKSE~1\backweb\361343\Program\SERVIC~1.EXE [2007-02-18 16:08]
    R2 F-Secure Filter;F-Secure File System Filter;C:\Program Files\Pack Securite\Anti-Virus\Win2K\FSfilter.sys [2004-09-10 17:14]
    R2 F-Secure Gatekeeper;F-Secure Gatekeeper;C:\Program Files\Pack Securite\Anti-Virus\Win2K\FSgk.sys [2008-03-17 13:19]
    R2 F-Secure Recognizer;F-Secure File System Recognizer;C:\Program Files\Pack Securite\Anti-Virus\Win2K\FSrec.sys [2004-12-17 11:34]
    R3 PCASp50;PCASp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\PCASp50.sys [2005-11-19 03:13]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{517685aa-bda9-11db-b795-00c09fdc1a6e}]
    \Shell\AutoRun\command - E:\setupSNK.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{831f18bc-0952-11dc-b82e-00c09fdc1a6e}]
    \Shell\AutoRun\command - E:\InstallTomTomHOME.exe

    *Newly Created Service* - CATCHME
    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-07-12 06:03:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    "2008-07-13 05:48:57 C:\WINDOWS\Tasks\Scheduled scanning task.job"
    - C:\PROGRA~1\PACKSE~1\ANTI-V~1\fsav.exeZ /HARD /ARCHIVE /DISINF /SCHED /NOBREAK /REPORT=C:\PROGRA~1\PACKSE~1\ANTI-V~1\report.txt
    .
    - - - - ORPHANS REMOVED - - - -

    MSConfigStartUp-swg - C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-07-13 11:53:47
    Windows 5.1.2600 Service Pack 3 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    Temps d'accomplissement: 2008-07-13 11:56:07
    ComboFix-quarantined-files.txt 2008-07-13 09:55:23

    Pre-Run: 10,003,402,752 octets libres
    Post-Run: 10,047,770,624 octets libres

    280 --- E O F --- 2008-07-09 05:05:07
    0
  16. OHNON
     
    Cyril,

    à l'étape 4 , de restauration système, il est dit que je dois décocher la case "désactiver la restauration".
    Lorsque j'ouvre l'onglet, la case est déjà décochée : que dois-je faire ? je laisse la case décochée ?? Ou alors je la coche ??
    0
  17. Utilisateur anonyme
     
    Re ,
    Tu coches.

    Resident AV is active 


    J'avais dit de désactiver ses protections résidentes ......

    /!\ Manip crée spécialement pour cet utilisateur , ne pas reproduire chez soi ... /!\

    Crée un nouveau document texte : clic droit de souris sur le bureau, "Nouveau"> "Document Texte". Ouvre-le et copie-colle dedans de ce qui est en citation en gras ci-dessous, (copie tout d'un trait) : ( y compris Regedit4, et la ligne vide en dessous )

    REGEDIT4

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=-
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]


    Puis "fichier" -> "enregistrer sous" :
    dans : sur le bureau
    Nom du fichier : fix.reg
    Type de fichier : "tous les fichiers"
    clique sur "enregistrer"

    Cela doit ressembler à ça

    Double clique sur fix.reg

    → tu dois OBLIGATOIREMENT* avoir un message "voulez-vous vraiment ajouter les informations contenues dans ce fichier .reg au registre ?"
    Si c'est bien le cas, clique sur "oui"

    *Prevenir si le message n'apparait pas.

    **************************************************************************************


    Re-poste un rapport Hijackthis s'il te plait.

    ( Relance hijackthis et choisi ' do a system scan and save a logfile ' )

    a++
    0
  18. OHNON
     
    Désolé de na pas avoir désactivé les protections résidentes (je ne sais même pas de quoi il s'agit... !) j'avais désactivé mon antivirus pensant qu'il n'y aavait que ça a faire.... Excuse moi...

    Ci dessous le rapport Hijackthis :

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:23:30, on 13/07/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16674)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\PACKSE~1\backweb\361343\Program\SERVIC~1.EXE
    C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe
    C:\Program Files\Pack Securite\Anti-Virus\FSGK32.EXE
    C:\Program Files\Pack Securite\backweb\361343\program\fsbwsys.exe
    C:\Program Files\Pack Securite\Anti-Virus\fssm32.exe
    C:\Program Files\Pack Securite\Common\FSMA32.EXE
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\Program Files\Pack Securite\Common\FSMB32.EXE
    C:\Program Files\Pack Securite\Common\FCH32.EXE
    C:\WINDOWS\system32\HPZipm12.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Pack Securite\Common\FAMEH32.EXE
    C:\Program Files\Pack Securite\FSPC\fspc.exe
    C:\Program Files\Pack Securite\Anti-Virus\fsrw.exe
    C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Pack Securite\Anti-Virus\fsav32.exe
    C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
    C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
    C:\Program Files\Pack Securite\Common\FSM32.EXE
    C:\Program Files\TomTom HOME 2\HOMERunner.exe
    C:\PROGRA~1\PACKSE~1\ANTI-S~1\fsaw.exe
    C:\Program Files\Microsoft ActiveSync\wcescomm.exe
    C:\PROGRA~1\MI3AA1~1\rapimgr.exe
    C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe
    C:\Program Files\Pack Securite\backweb\361343\Program\fspex.exe
    C:\Program Files\Pack Securite\FSGUI\fsguidll.exe
    C:\Program Files\HPQ\Shared\hpqwmi.exe
    C:\WINDOWS\system32\LVComsX.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
    C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Firepad FireConverter - {6427806D-3820-11D5-9939-00B0D0522EB5} - C:\Program Files\Palm\FireConverterBrowserHelperObject.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
    O4 - HKLM\..\Run: [Autoconfigurateur WiFi Neuf] "C:\Program Files\Neuf\Kit\WiFi\9wifi.exe"
    O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Pack Securite\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Pack Securite\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Pack Securite\FSGUI\FSSW.EXE" /reboot
    O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
    O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe" -s
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
    O8 - Extra context menu item: &Bloquer cette fenêtre publicitaire - C:\Program Files\Pack Securite\Anti-Spyware\blockpopups.htm
    O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
    O8 - Extra context menu item: &Search - ?p=ZNxdm414YYFR
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Filtre Web - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
    O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
    O9 - Extra 'Tools' menuitem: Filtre Web - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\Anti-Spyware\ieshield.dll
    O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\Anti-Spyware\ieshield.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
    O15 - Trusted Zone: *.registration.sonystyle-europe.com (HKLM)
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O18 - Protocol: bw+0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {9DBD0161-9393-453A-97EF-4B387C52070C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: Pack Securite (BackWeb Plug-in - 361343) - BackWeb Technologies Inc. - C:\PROGRA~1\PACKSE~1\backweb\361343\Program\SERVIC~1.EXE
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corp. - C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe
    O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Pack Securite\backweb\361343\program\fsbwsys.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe
    O23 - Service: F-Secure HTTP Server (fshttps) - F-Secure Corporation - C:\Program Files\Pack Securite\FSPC\fshttps\fshttps.exe
    O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Pack Securite\Common\FSMA32.EXE
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\Shared\hpqwmi.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    0
  19. Utilisateur anonyme
     
    Re ,
    Pas de mal.

    Fixe toutes les lignes 018 avec Hijackthis s'il te plait. [ manip donnée ici]

    *******************************************************************************

    ● Clique sur " Démarrer ( ou combine la touche Windows + R ) " ► " Executer " ► copie/colle cette ligne :

    ComboFix /u

    ( laisse l'espace entre Combofix et /u )

    ● Valide.

    _ Cela va Désinstaller Combofix , supprimer ses dossiers/fichiers associés , réinitialiser ton horloge , masquer les fichiers/dossiers cachés et réinitialiser la restauration système.

    *******************************************************************************

    Imprime ces instructions car il faudra fermer toutes les fenêtres et applications lors de l'installation et de l'analyse.

    → Télécharge Malwarebytes' Anti-Malware (MBAM) et enregistre le sur ton Bureau.

    → A la fin du téléchargement, ferme toutes les fenêtres et programmes, y compris celui-ci.

    → Double-clique sur l'icône Download_mbam-setup.exe sur ton bureau pour démarrer le programme d'installation.

    → Pendant l'installation, suis les indications (en particulier le choix de la langue et l'autorisation d'accession à Internet). N'apporte aucune modification aux réglages par défaut et, en fin d'installation, vérifie que les options Update Malwarebytes' Anti-Malware et Launch Malwarebytes' Anti-Malware sont cochées.

    → MBAM démarrera automatiquement et enverra un message demandant à mettre à jour le programme avant de lancer une analyse. Comme MBAM se met automatiquement à jour en fin d'installation, clique sur OK pour fermer la boîte de dialogue. La fenêtre principale de MBAM s'affiche :

    → Dans l'onglet analyse, vérifie que "Exécuter un examen complet" est coché et clique sur le bouton Rechercher pour démarrer l'analyse.

    → MBAM analyse ton ordinateur. L'analyse peut prendre un certain temps. Il suffit de vérifier de temps en temps son avancement.

    → A la fin de l'analyse, un message s'affiche indiquant la fin de l'analyse. Clique sur OK pour poursuivre.

    → Si des malwares ont été détectés, leur liste s'affiche.
    En cliquant sur Suppression (?) , MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine. ►► FAIT LE

    → MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Ferme le Bloc-notes. (Le rapport peut être retrouvé sous l'onglet Rapports/logs)

    → Ferme MBAM en cliquant sur Quitter.

    Poste le rapport dans ta réponse

    Tutorial : https://forum.pcastuces.com/malwarebytes_antimalwares___tutoriel-f31s3.htm

    a ce soir.
    A++
    0
  20. OHNON
     
    Ci dessous le rapport MBAM :

    Malwarebytes' Anti-Malware 1.20
    Version de la base de données: 944
    Windows 5.1.2600 Service Pack 3

    13:42:41 13/07/2008
    mbam-log-7-13-2008 (13-42-41).txt

    Type de recherche: Examen complet (C:\|)
    Eléments examinés: 130846
    Temps écoulé: 57 minute(s), 30 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 3
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 1
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 1

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{a6573479-9075-4a65-98a6-19fd29cf7374} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\asearchassist.adefaultsearch.1 (Adware.Accoona) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\StartMenuLogOff (Hijack.StartMenu) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\Documents and Settings\M@xime\results.txt (Malware.Trace) -> Quarantined and deleted successfully.
    0
  21. Utilisateur anonyme
     
    Re ,

    Vide la quarantaine de Malwarebyte's Anti-Malware:

    _ Clique sur le raccourci de "Malwarebytes' Anti-Malware" , puis sur "Quarantaine" .

    sélectionne les divers éléments en cliquant sur "Tout" puis clique sur "Supprime".

    Reposte un rapport Hijackthis.

    a+
    0
  • 1
  • 2