moi nagy

personne pour m'aider

voilà j'ai fait toutes les opérations: Logfile of HijackThis v1.99.1 Scan saved at 17:40:44, on 26/10/2006 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\service32.exe C:\WINDOWS\System32\Smtray.exe C:\Program Files\Compaq\Easy Access Button Support\StartEAK.exe C:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\Program Files\DAP\DAP.EXE C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe C:\WINDOWS\System32\BtUsrBdg.exe C:\WINDOWS\System32\BTSetBootKey.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\Compaq\Easy Access Button Support\CPQEADM.EXE C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe C:\COMPAQ\CPQINET\CPQInet.exe C:\PROGRA~1\Compaq\EASYAC~1\BttnServ.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\System32\cisvc.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Program Files\Inventel\Gateway\WLANCFG.EXE C:\WINDOWS\System32\cidaemon.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\boudjakdji ilham\Bureau\hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.bearshare.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://desktop.presario.net/scripts/redire...;lc=080c&ac R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.presario.net/scripts/redirec...rch&ap=b204 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.presario.net/scripts/redirec...rch&ap=b204 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.presario.net/scripts/redirec...rch&ap=b204 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://desktop.presario.net/scripts/redire...;lc=080c&ac R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing) O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [WCOLOREAL] "C:\Program Files\COMPAQ\Coloreal\coloreal.exe" O4 - HKLM\..\Run: [smapp] Smtray.exe O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\Compaq\Easy Access Button Support\StartEAK.exe O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [sSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe" O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [bTUSRBDG] BtUsrBdg.exe O4 - HKLM\..\Run: [bTSETBOOTKEY] BTSetBootKey.exe O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ? O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - AppInit_DLLs: MsgPlusLoader.dll O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe maintenant le rapportAVG: AVG Anti-Spyware - Rapport d'analyse --------------------------------------------------------- + Créé à: 17:35:10 26/10/2006 + Résultat de l'analyse: C:\WINDOWS\Downloaded Program Files\ClientAX.dll -> Adware.180Solutions : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\ClientAX.ClientInstaller -> Adware.180Solutions : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\ClientAX.ClientInstaller.1 -> Adware.180Solutions : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\ClientAX.ClientInstaller\CLSID -> Adware.180Solutions : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\ClientAX.ClientInstaller\CurVer -> Adware.180Solutions : Nettoyé et sauvegardé (mise en quarantaine). C:\Program Files\DAEMON Tools\SetupDTSB.exe -> Adware.SaveNow : Nettoyé et sauvegardé (mise en quarantaine). C:\Program Files\Mozilla Firefox\plugins\npclntax.dll -> Adware.Zango : Nettoyé et sauvegardé (mise en quarantaine). C:\RECYCLER\S-1-5-21-2915903831-3485136118-1726409691-1006\Dc3\zangohook.dll -> Adware.Zango : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\ClientAX.RequiredComponent -> Adware.Zango : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\ClientAX.RequiredComponent.1 -> Adware.Zango : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\ClientAX.RequiredComponent\CLSID -> Adware.Zango : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\ClientAX.RequiredComponent\CurVer -> Adware.Zango : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\zango -> Adware.Zango : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-2915903831-3485136118-1726409691-1006\Software\zango -> Adware.Zango : Nettoyé et sauvegardé (mise en quarantaine). C:\Documents and Settings\boudjakdji ilham\Bureau\WinAntiVirusPro2006FreeInstall_fr.exe -> Not-A-Virus.Downloader.Win32.WinFixer.o : Nettoyé et sauvegardé (mise en quarantaine). :mozilla.119:C:\Documents and Settings\boudjakdji ilham\Application Data\Mozilla\Firefox\Profiles\w3y3sfv0.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé. :mozilla.111:C:\Documents and Settings\boudjakdji ilham\Application Data\Mozilla\Firefox\Profiles\w3y3sfv0.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé. :mozilla.135:C:\Documents and Settings\boudjakdji ilham\Application Data\Mozilla\Firefox\Profiles\w3y3sfv0.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé. :mozilla.141:C:\Documents and Settings\boudjakdji ilham\Application Data\Mozilla\Firefox\Profiles\w3y3sfv0.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé. C:\Documents and Settings\adil\Cookies\adil@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé. :mozilla.156:C:\Documents and Settings\boudjakdji ilham\Application Data\Mozilla\Firefox\Profiles\w3y3sfv0.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé. :mozilla.157:C:\Documents and Settings\boudjakdji ilham\Application Data\Mozilla\Firefox\Profiles\w3y3sfv0.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé. C:\Documents and Settings\adil\Cookies\adil@advertising[1].txt -> TrackingCookie.Advertising : Nettoyé. C:\Documents and Settings\boudjakdji ilham\Cookies\boudjakdji ilham@advertising[1].txt -> TrackingCookie.Advertising : Nettoyé. :mozilla.55:C:\Documents and Settings\boudjakdji ilham\Application Data\Mozilla\Firefox\Profiles\w3y3sfv0.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé. C:\Documents and Settings\adil\Cookies\adil@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé. C:\Documents and Settings\boudjakdji ilham\Cookies\boudjakdji ilham@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé. :mozilla.120:C:\Documents and Settings\boudjakdji ilham\Application Data\Mozilla\Firefox\Profiles\w3y3sfv0.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé. C:\Documents and Settings\boudjakdji ilham\Cookies\boudjakdji ilham@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé. :mozilla.138:C:\Documents and Settings\boudjakdji ilham\Application Data\Mozilla\Firefox\Profiles\w3y3sfv0.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé. :mozilla.139:C:\Documents and Settings\boudjakdji ilham\Application Data\Mozilla\Firefox\Profiles\w3y3sfv0.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé. :mozilla.140:C:\Documents and Settings\boudjakdji ilham\Application Data\Mozilla\Firefox\Profiles\w3y3sfv0.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé. :mozilla.66:C:\Documents and Settings\boudjakdji ilham\Application Data\Mozilla\Firefox\Profiles\w3y3sfv0.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé. C:\Documents and Settings\adil\Cookies\adil@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé. :mozilla.80:C:\Documents and Settings\boudjakdji ilham\Application Data\Mozilla\Firefox\Profiles\w3y3sfv0.default\cookies.txt -> TrackingCookie.Estat : Nettoyé. C:\Documents and Settings\boudjakdji ilham\Cookies\boudjakdji ilham@estat[1].txt -> TrackingCookie.Estat : Nettoyé. :mozilla.47:C:\Documents and Settings\boudjakdji ilham\Application Data\Mozilla\Firefox\Profiles\w3y3sfv0.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé. C:\Documents and Settings\adil\Cookies\adil@fastclick[2].txt -> TrackingCookie.Fastclick : Nettoyé. C:\Documents and Settings\adil\Cookies\adil@media.fastclick[1].txt -> TrackingCookie.Fastclick : Nettoyé. :mozilla.65:C:\Documents and Settings\boudjakdji ilham\Application Data\Mozilla\Firefox\Profiles\w3y3sfv0.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé. :mozilla.130:C:\Documents and Settings\boudjakdji ilham\Application Data\Mozilla\Firefox\Profiles\w3y3sfv0.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé. :mozilla.131:C:\Documents and Settings\boudjakdji ilham\Application Data\Mozilla\Firefox\Profiles\w3y3sfv0.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé. :mozilla.132:C:\Documents and Settings\boudjakdji ilham\Application Data\Mozilla\Firefox\Profiles\w3y3sfv0.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé. :mozilla.133:C:\Documents and Settings\boudjakdji ilham\Application Data\Mozilla\Firefox\Profiles\w3y3sfv0.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé. :mozilla.134:C:\Documents and Settings\boudjakdji ilham\Application Data\Mozilla\Firefox\Profiles\w3y3sfv0.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé. :mozilla.110:C:\Documents and Settings\boudjakdji ilham\Application Data\Mozilla\Firefox\Profiles\w3y3sfv0.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.76:C:\Documents and Settings\boudjakdji ilham\Application Data\Mozilla\Firefox\Profiles\w3y3sfv0.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.77:C:\Documents and Settings\boudjakdji ilham\Application Data\Mozilla\Firefox\Profiles\w3y3sfv0.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.78:C:\Documents and Settings\boudjakdji ilham\Application Data\Mozilla\Firefox\Profiles\w3y3sfv0.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.79:C:\Documents and Settings\boudjakdji ilham\Application Data\Mozilla\Firefox\Profiles\w3y3sfv0.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.121:C:\Documents and Settings\boudjakdji ilham\Application Data\Mozilla\Firefox\Profiles\w3y3sfv0.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé. :mozilla.122:C:\Documents and Settings\boudjakdji ilham\Application Data\Mozilla\Firefox\Profiles\w3y3sfv0.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé. :mozilla.123:C:\Documents and Settings\boudjakdji ilham\Application Data\Mozilla\Firefox\Profiles\w3y3sfv0.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé. :mozilla.22:C:\Documents and Settings\boudjakdji ilham\Application Data\Mozilla\Firefox\Profiles\w3y3sfv0.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé. :mozilla.44:C:\Documents and Settings\boudjakdji ilham\Application Data\Mozilla\Firefox\Profiles\w3y3sfv0.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé. :mozilla.45:C:\Documents and Settings\boudjakdji ilham\Application Data\Mozilla\Firefox\Profiles\w3y3sfv0.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé. C:\Documents and Settings\boudjakdji ilham\Cookies\boudjakdji ilham@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé. :mozilla.145:C:\Documents and Settings\boudjakdji ilham\Application Data\Mozilla\Firefox\Profiles\w3y3sfv0.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé. :mozilla.30:C:\Documents and Settings\boudjakdji ilham\Application Data\Mozilla\Firefox\Profiles\w3y3sfv0.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé. :mozilla.31:C:\Documents and Settings\boudjakdji ilham\Application Data\Mozilla\Firefox\Profiles\w3y3sfv0.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé. :mozilla.10:C:\Documents and Settings\boudjakdji ilham\Application Data\Mozilla\Firefox\Profiles\w3y3sfv0.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé. :mozilla.11:C:\Documents and Settings\boudjakdji ilham\Application Data\Mozilla\Firefox\Profiles\w3y3sfv0.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé. :mozilla.12:C:\Documents and Settings\boudjakdji ilham\Application Data\Mozilla\Firefox\Profiles\w3y3sfv0.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé. :mozilla.13:C:\Documents and Settings\boudjakdji ilham\Application Data\Mozilla\Firefox\Profiles\w3y3sfv0.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé. C:\Documents and Settings\boudjakdji ilham\Cookies\boudjakdji ilham@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé. :mozilla.56:C:\Documents and Settings\boudjakdji ilham\Application Data\Mozilla\Firefox\Profiles\w3y3sfv0.default\cookies.txt -> TrackingCookie.Webtrendslive : Nettoyé. C:\Documents and Settings\boudjakdji ilham\Cookies\boudjakdji ilham@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Nettoyé. Fin du rapport voilà

euh je suis pas trés fort en informatique mais : en mode sans échec je peux pas aller sur une page internet(étape2) j'ai supprimé macroming et zango mais bearshare et homekeylogger n'y sont pas. quand tu me dis de faire cmd et mettre sc delete BOONTY il me dit : le service spécifié n'existe pas en tant que service installé. je ne trouve pas quand j'execute services.msc et aprés netnhf je le trouve pas.

personne pour m'aider?

bonjour tout le monde voilà c'est mon premier post : j'ai un probleme avec le virus hacktool.rootkit j'ai norton et mon ordi est vraiment trés lent j'ai copié le rapport hijackthis en mode sans échec : Logfile of HijackThis v1.99.1 Scan saved at 11:25:30, on 26/10/2006 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\NOTEPAD.EXE C:\Documents and Settings\boudjakdji ilham\Bureau\hijackthis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://desktop.presario.net/scripts/redire...;lc=080c&ac R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.presario.net/scripts/redirec...rch&ap=b204 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.presario.net/scripts/redirec...rch&ap=b204 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.presario.net/scripts/redirec...rch&ap=b204 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://desktop.presario.net/scripts/redire...;lc=080c&ac R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [WCOLOREAL] "C:\Program Files\COMPAQ\Coloreal\coloreal.exe" O4 - HKLM\..\Run: [smapp] Smtray.exe O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\Compaq\Easy Access Button Support\StartEAK.exe O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [sSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [zango] "c:\program files\zango\zango.exe" O4 - HKLM\..\Run: [bearShare] "C:\Program Files\BearShare\BearShare.exe" /pause O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe" O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [sweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe O4 - HKLM\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP O4 - HKLM\..\Run: [HomeKeyLogger] C:\Program Files\HomeKeyLogger\KeyLogger.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [bTUSRBDG] BtUsrBdg.exe O4 - HKLM\..\Run: [bTSETBOOTKEY] BTSetBootKey.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ? O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - AppInit_DLLs: MsgPlusLoader.dll O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: NetNhf - Unknown owner - \\?\C:\Program Files\Windows NT\lpt5.exe (file missing) O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe