chouchou01

merci les gars je n'avais pas dezippé @+

bonjours à tous, voilà mon probléme j'ai voulu mettre le fichier hosts proposé par tesgaz avec les 260000 entrées proposé, mais voilà maintenant quand je regarde le fichier hosts ça me met un charabia du style pourtant je pense bien avoir suivi la procédure. si vous pouviez m'aider cela serait sympa. merci ßÿŸüó‡íÍ!œÓA=&Õ?ÚôÿBý?ÿIÄyÁ?ø—ÖT²mÌ8}'B3“Tž–PÕ¶òàªývø/Õ«ANª>œ–ßÿ§NÁß¡îxø÷C\þ-JþGQvÇߣè÷ô¸ÕùÏ~–عŸ~?ˆ4IŠòð×C|¸ë©9Üï÷}—¢ðb}+ÓýB^ÿ σRðŸ=ŒêÜt5õ„<?Ì4?8¯u[›±ÿÐ'›¨2'yR$Ýôµ¼( ™K=ü6êInr?î—ZT ôN •ÚU©M'uO}ÆdÞû y|ñ ?…4M÷gC?ƒ~®•cüE-Õo[`RŠS 9vD%²Ç"ܘ¦e{SÃhzÙR¥jUëÊjh8™?k3;º‰î‰³œì¨ÄÃí8K?EžÅ †ÒH’ÝÍÊV?'- ¹f%Ɇ\žFÓΓ’õÜN8À e21°\¶íe031ÁrÙçæÁJÌ3È\•¬ÕLÙöƒÍyªÌ@LŠüÔÊêz2f¢šþöjÚ?UMÔ¨T«Nƒž4Ù5B/& ¡›¯ZŒ¿½Òïê$¬"êÁ¼¥du™å@u›¶C¹?å´"XƒåéI%pÆì… Ö"õuß&èÕ+zy›f^'‡‰àÑZ‚ _(Eû0è MЮ˜æÑ~z–'} @¯NcЀv)ÊÀWr$_M.¯Z?g‚u?lˆ†›Ÿ˜¦ûëEµ{Õõè„Nó#ìç_ÑÛ@˜æIM ?N=ŸøÌ#ùÌó®e ÖöþC<Ÿ·÷R„c#Á ÍkUh†Ë¯0˜µW´lDœ@c5iDŽÍ²(£ [¯°–|A˜Yë×­åƒ)`ÿ˜ÈÊ©ªØŒß8ÁÒHôŸÔ-átkÒÓ´r¸¨à4(

non pour l'instant ça roule et je te remercie pour ton aide mais tu ne pas dit si il fallait reactivé tout se que tu m'a fait desactivé ou arreté dans la procédure et encore merci à toi

je ne l'ai pas toucher et je voulais te demander faut'i que je reactive la restauration systeme et se que tu m'a fait arrete et desactive dans statut du service

salut je voudrais savoir votre avis sur ces rapport apres avoir suivi les conseils de bruce lee qui m'a super bien aider. pour freres des ours j'ai tout virer à j'oublier j'avais un cheval de troie horst.ax merci à vous --------------------------------------------------------- ewido anti-malware - Rapport de scan --------------------------------------------------------- + Créé le: 17:07:07, 11/05/2006 + Somme de contrôle: A64DEA3C + Résultats du scan: D:\frere des ours\setup\Bears\system\WinKeyHook.dll -> Not-A-Virus.PSWTool.Win32.Hooker.a : Nettoyer et sauvegarder ::Fin du rapport Logfile of HijackThis v1.99.1 Scan saved at 17:11:02, on 11/05/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\WANADOO\SEARCH~1.DLL O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 7\SnagItBHO.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\System32\BhoECart.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 7\SnagItIEAddin.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [siSUSBRG] C:\WINDOWS\SiSUSBrg.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [CHotkey] mHotkey.exe O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe O4 - HKLM\..\Run: [mHotmon] mHotMon.exe O4 - HKLM\..\Run: [Aspire Schedule] C:\Program Files\Aspire\WFTVFM\WFWIZ.exe O4 - HKLM\..\Run: [KnobMonitor] C:\acer\KnobMonitor.exe O4 - HKLM\..\Run: [MPS] C:\ACER\MPS.EXE O4 - HKLM\..\Run: [eCarteBleue-SG-P3] "C:\Program Files\e-Carte Bleue\SG\e-Carte Bleue\ECB-SG.exe" /dontopenmycards O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\GestMaj.exe TaskBarIcon.exe O4 - HKLM\..\Run: [DVD43] "C:\Program Files\DVD Region+CSS Free\DVDRegionFree.exe" /hidden O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon O4 - HKLM\..\Run: [kav] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit O4 - HKCU\..\Run: [Popup Ad Filter] C:\Program Files\Meaya\Popup Ad Filter\PopFilter.exe O4 - HKCU\..\Run: [PaperNet] "C:\Program Files\PaperNet\PaperNet.exe" /quiet O4 - HKCU\..\Run: [startClock] C:\Program Files\StartClock\StartClock.EXE O4 - HKCU\..\Run: [Wallpaper] "C:\Program Files\Wallpaper\Wallpaper.exe" Starter O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [E06FXLRD_2874484] "C:\Program Files\Microsoft Encarta\Collection Microsoft Encarta 2006 DVD\EDICT.EXE" -m O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe O4 - Global Startup: DSLMON.LNK = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ? O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Allow Popups - C:\Program Files\Meaya\Popup Ad Filter\WhiteGetUrl.js O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU) O14 - IERESET.INF: START_PAGE_URL=http://global.acer.com/ O16 - DPF: Interface Chat Wanadoo - http://chat14.x-echo.com/version6/Applet/wchatsign.cab O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure...teleir_cert.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/hardwaredetection.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shock...ash/swflash.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: klogon - C:\WINDOWS\System32\klogon.dll O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: Knob Service (KNOBSERV) - Acer Inc. - c:\acer\KnobService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: O&O Defrag (OODefrag) - O&O Software GmbH - C:\WINDOWS\System32\oodag.exe O23 - Service: UStorage Server Service - OTi - C:\WINDOWS\system32\UStorSrv.exe

bruce lee j'ai le rapport d'ewido et ensuite celui de hijackthis je te les postes et si tu pouvais me tenir au courrant tu serais sympa merci encore à toi. frere des ours je viens de le virer. --------------------------------------------------------- ewido anti-malware - Rapport de scan --------------------------------------------------------- + Créé le: 17:07:07, 11/05/2006 + Somme de contrôle: A64DEA3C + Résultats du scan: D:\frere des ours\setup\Bears\system\WinKeyHook.dll -> Not-A-Virus.PSWTool.Win32.Hooker.a : Nettoyer et sauvegarder ::Fin du rapport Logfile of HijackThis v1.99.1 Scan saved at 17:11:02, on 11/05/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\WANADOO\SEARCH~1.DLL O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 7\SnagItBHO.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\System32\BhoECart.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 7\SnagItIEAddin.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [siSUSBRG] C:\WINDOWS\SiSUSBrg.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [CHotkey] mHotkey.exe O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe O4 - HKLM\..\Run: [mHotmon] mHotMon.exe O4 - HKLM\..\Run: [Aspire Schedule] C:\Program Files\Aspire\WFTVFM\WFWIZ.exe O4 - HKLM\..\Run: [KnobMonitor] C:\acer\KnobMonitor.exe O4 - HKLM\..\Run: [MPS] C:\ACER\MPS.EXE O4 - HKLM\..\Run: [eCarteBleue-SG-P3] "C:\Program Files\e-Carte Bleue\SG\e-Carte Bleue\ECB-SG.exe" /dontopenmycards O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\GestMaj.exe TaskBarIcon.exe O4 - HKLM\..\Run: [DVD43] "C:\Program Files\DVD Region+CSS Free\DVDRegionFree.exe" /hidden O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon O4 - HKLM\..\Run: [kav] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit O4 - HKCU\..\Run: [Popup Ad Filter] C:\Program Files\Meaya\Popup Ad Filter\PopFilter.exe O4 - HKCU\..\Run: [PaperNet] "C:\Program Files\PaperNet\PaperNet.exe" /quiet O4 - HKCU\..\Run: [startClock] C:\Program Files\StartClock\StartClock.EXE O4 - HKCU\..\Run: [Wallpaper] "C:\Program Files\Wallpaper\Wallpaper.exe" Starter O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [E06FXLRD_2874484] "C:\Program Files\Microsoft Encarta\Collection Microsoft Encarta 2006 DVD\EDICT.EXE" -m O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe O4 - Global Startup: DSLMON.LNK = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ? O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Allow Popups - C:\Program Files\Meaya\Popup Ad Filter\WhiteGetUrl.js O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU) O14 - IERESET.INF: START_PAGE_URL=http://global.acer.com/ O16 - DPF: Interface Chat Wanadoo - http://chat14.x-echo.com/version6/Applet/wchatsign.cab O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure...teleir_cert.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/hardwaredetection.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shock...ash/swflash.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: klogon - C:\WINDOWS\System32\klogon.dll O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: Knob Service (KNOBSERV) - Acer Inc. - c:\acer\KnobService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: O&O Defrag (OODefrag) - O&O Software GmbH - C:\WINDOWS\System32\oodag.exe O23 - Service: UStorage Server Service - OTi - C:\WINDOWS\system32\UStorSrv.exe

salut bruce lee t'es tu renseigner pour le fichier merci

bruce lee je vais devoir partir au boulot car je bosse de nuit , alors si cela ne te derange pas de continuer demain tu serais sympa par contre si tu as autre chose a me faire tu peus me laisser la marche à suivre, je reviendrais sur sur super forum demain matin aprés le boulot. et encore merci à toi de m'aider a++++

voila le rapport que tu m'as demandé Jotti's malware scan 2.99-TRANSITION_TO_3.00-R1 File to upload & scan: Service Service load: 0% 100% File: SSer.exe Status: OK MD5 8e5c444db53d3c674401c20c0375f39f Packers detected: - Scanner results AntiVir Found nothing ArcaVir Found nothing Avast Found nothing AVG Antivirus Found nothing BitDefender Found nothing ClamAV Found nothing Dr.Web Found nothing F-Prot Antivirus Found nothing Fortinet Found nothing Kaspersky Anti-Virus Found nothing NOD32 Found nothing Norman Virus Control Found nothing UNA Found nothing VirusBuster Found nothing VBA32 Found nothing Powered by Disclaimer This service is by no means 100% safe. If this scanner says 'OK', it does not necessarily mean the file is clean. There could be a whole new virus on the loose. NEVER EVER rely on one single product only, not even this service, even though it utilizes several products. Therefore, We cannot and will not be held responsible for any damage caused by results presented by this non-profit online service. Also, we are aware of the implications of a setup like this. We are sure this whole thing is by no means scientifically correct, since this is a fully automated service (although manual correction is possible). We are aware, in spite of efforts to proactively counter these, false positives might occur, for example. We do not consider this a very big issue, so please do not e-mail us about it. This is a simple online scan service, not the university of Wichita. Scanning can take a while, since several scanners are being used, plus the fact some scanners use very high levels of (time consuming) heuristics. Scanners used are Linux versions, differences with Windows scanners may or may not occur. Another note: some scanners will only report one virus when scanning archives with multiple pieces of malware. Virus definitions are updated every hour. There is a 15Mb limit per file. Please refrain from uploading tons of hex-edited or repacked variants of the same sample. Please do not ask for viruses uploaded here, unless you work for an anti-virus vendor. They are not for trade. This is a legitimate service, not a VX site. Viruses uploaded here will be distributed to antivirus vendors without exception. Read more about this in our privacy policy. If you do not want your files to be distributed, please do not send them at all. Sponsored by donations (in random order) from: Stormbyte Technologies LLC, The ClamAV project, James Love, Gideon Pertzov, Malcolm Murray, Nigel Thomas, Wendy Dickerson, Anthony Midmore, "ethereal", Mark Rubins, Steve S., Eric Johansen, Eric Schechter, Paul Bokel, Wilders Security, Wilfried Lilie, Prevx, SonicWALL, Lance Mueller, Ewido networks, and some people who prefer to remain anonymous... many thanks to all! Statistics Last file scanned at least one scanner reported something about: crack.exe, detected by: Scanner Malware name AntiVir X ArcaVir X Avast X AVG Antivirus X BitDefender X ClamAV X Dr.Web Trojan.DownLoader.2568 F-Prot Antivirus X Fortinet W32/Dowins!tr Kaspersky Anti-Virus Trojan-Downloader.Win32.INService.gen NOD32 a variant of Win32/TrojanDownloader.INService Norman Virus Control X UNA X VirusBuster X VBA32 Trojan-Downloader.Win32.INService.gen You're free to (mis)interpret these automated, flawed statistics at your own discretion. For antivirus comparisons, visit AV comparatives We are not affiliated with any third parties that conduct tests using this service. Frequently asked questions - Feedback - Privacy policy Page generated by JTPL Copyright © 2004-2005 Jordi Bosveld <[email protected]>

salut bruce lee j'ai fait se que tu m'as demandé mais je me suis arreter a sser.ex dans la recherche car je l'ais trouvé mais dans c:/windows taille 36ko car ily avait la case rechercher dans dossier systeme de cocher au dessus de celle fichier et dossier cache et je n'ais pas oser le supprimer alors peus tu me renseigner et faut'il que je recommence toute la procedure merci a toi de me donner de ton temps tu es sympa

merci a toi bruce lee je fais tout ça et je te tien au courrant c'est sympa de m'aider a+++

bonjours à tous votre forum et super surtout pour les novices comme moi, voici mon probleme avp me detecte un cheval de troie horst.ax et je n'arrive pas à le virer de mon pc je le supprime mais il revient a chaque fois,j'ai suivi la procedure bien je l'espére et je vous poste le rapport. merci pour votre aide car je n'en peus plus. Logfile of HijackThis v1.99.1 Scan saved at 15:24:19, on 10/05/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe c:\acer\KnobService.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe C:\WINDOWS\System32\FTRTSVC.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\UStorSrv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\mHotkey.exe C:\WINDOWS\CNYHKey.exe C:\WINDOWS\mHotMon.exe C:\Program Files\Aspire\WFTVFM\WFWIZ.exe C:\acer\KnobMonitor.exe C:\ACER\MPS.EXE C:\Program Files\e-Carte Bleue\SG\e-Carte Bleue\ECB-SG.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\System32\LVCOMSX.EXE C:\Program Files\Logitech\ImageStudio\LogiTray.exe C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\PROGRA~1\WANADOO\TaskBarIcon.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\Program Files\Logitech\ImageStudio\LowLight.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe C:\WINDOWS\System32\RUNDLL32.EXE C:\Program Files\Meaya\Popup Ad Filter\PopFilter.exe C:\Program Files\Wallpaper\Wallpaper.exe C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe C:\Program Files\Logitech\SetPoint\KEM.exe C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\WANADOO\SEARCH~1.DLL O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 7\SnagItBHO.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\System32\BhoECart.dll O2 - BHO: Microsoft Configuration - {40205287-E793-41AC-B95C-D8D064BA33CA} - C:\WINDOWS\system32\mscfg.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 7\SnagItIEAddin.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [siSUSBRG] C:\WINDOWS\SiSUSBrg.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [CHotkey] mHotkey.exe O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe O4 - HKLM\..\Run: [sSER] sser.exe O4 - HKLM\..\Run: [mHotmon] mHotMon.exe O4 - HKLM\..\Run: [Aspire Schedule] C:\Program Files\Aspire\WFTVFM\WFWIZ.exe O4 - HKLM\..\Run: [KnobMonitor] C:\acer\KnobMonitor.exe O4 - HKLM\..\Run: [MPS] C:\ACER\MPS.EXE O4 - HKLM\..\Run: [eCarteBleue-SG-P3] "C:\Program Files\e-Carte Bleue\SG\e-Carte Bleue\ECB-SG.exe" /dontopenmycards O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\GestMaj.exe TaskBarIcon.exe O4 - HKLM\..\Run: [DVD43] "C:\Program Files\DVD Region+CSS Free\DVDRegionFree.exe" /hidden O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w O4 - HKLM\..\Run: [kav] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit O4 - HKCU\..\Run: [Popup Ad Filter] C:\Program Files\Meaya\Popup Ad Filter\PopFilter.exe O4 - HKCU\..\Run: [PaperNet] "C:\Program Files\PaperNet\PaperNet.exe" /quiet O4 - HKCU\..\Run: [startClock] C:\Program Files\StartClock\StartClock.EXE O4 - HKCU\..\Run: [Wallpaper] "C:\Program Files\Wallpaper\Wallpaper.exe" Starter O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [E06FXLRD_2874484] "C:\Program Files\Microsoft Encarta\Collection Microsoft Encarta 2006 DVD\EDICT.EXE" -m O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe O4 - Global Startup: DSLMON.LNK = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ? O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Allow Popups - C:\Program Files\Meaya\Popup Ad Filter\WhiteGetUrl.js O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU) O14 - IERESET.INF: START_PAGE_URL=http://global.acer.com/ O16 - DPF: Interface Chat Wanadoo - http://chat14.x-echo.com/version6/Applet/wchatsign.cab O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure...teleir_cert.cab O16 - DPF: {0585238B-9CA6-4CCB-A9B2-FE4BA495E880} (AXWebMon Control) - http://www.smilecam.com/home/ezwebcam/eng5...WebMonProj1.cab O16 - DPF: {24311111-1111-1121-1111-111191113457} - file://c:\eied_s7.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/hardwaredetection.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shock...ash/swflash.cab O16 - DPF: {F5078F32-C551-11D3-89B9-0000F81FE221} (XML DOM Document 3.0) - file://C:\Documents and Settings\chouchou\Local Settings\Temp\SFX9.tmp\msxml3.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: klogon - C:\WINDOWS\System32\klogon.dll O20 - Winlogon Notify: ldr64 - ldr64.dll (file missing) O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: Knob Service (KNOBSERV) - Acer Inc. - c:\acer\KnobService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: O&O Defrag (OODefrag) - O&O Software GmbH - C:\WINDOWS\System32\oodag.exe O23 - Service: UStorage Server Service - OTi - C:\WINDOWS\system32\UStorSrv.exe O23 - Service: Windows Log - Unknown owner - C:\WINDOWS\system32\nvsvcd.exe