booba

lu, vindofix n' arive pas a supprimer le fichier meme apres 2 reboots a la suite Beginning removal... Attempting to delete C:\WINDOWS\system32\__c00CD129.dat C:\WINDOWS\system32\__c00CD129.dat Could not be deleted. Performing Repairs to the registry. Done! Beginning removal... Attempting to delete C:\WINDOWS\system32\__c00CD129.dat C:\WINDOWS\system32\__c00CD129.dat Could not be deleted. Performing Repairs to the registry. Done! Beginning removal... --------------------------------------------------------------------------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:51:03, on 01/09/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Program Files\Fichiers communs\McAfee\HackerWatch\HWAPI.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe C:\PROGRA~1\McAfee\MSC\mcpromgr.exe c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe c:\PROGRA~1\FICHIE~1\mcafee\redirsvc\redirsvc.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\McAfee\MPF\MPFSrv.exe C:\PROGRA~1\McAfee\MPS\mps.exe C:\Program Files\McAfee\MSK\MskSrver.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\SiteAdvisor\6066\SAService.exe C:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\McAfee\MPS\mpsevh.exe C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\Program Files\McAfee\MSK\MskAgent.exe C:\Program Files\SiteAdvisor\6066\SiteAdv.exe C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE C:\Program Files\MSN Messenger\msnmsgr.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - E:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptcl.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll O2 - BHO: McAfee Popup Blocker - {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} - c:\program files\mcafee\mps\mcpopup.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe O4 - HKLM\..\Run: [siteAdvisor] C:\Program Files\SiteAdvisor\6066\SiteAdv.exe O4 - HKLM\..\Run: [iJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O8 - Extra context menu item: &D&ownload &with BitComet - res://E:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://E:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://E:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - E:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\WINDOWS\system32\__c00CD129.dat O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\FICHIE~1\McAfee\EmProxy\emproxy.exe O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Fichiers communs\McAfee\HackerWatch\HWAPI.exe O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\redirsvc\redirsvc.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe O23 - Service: SiteAdvisor Service - McAfee, Inc. - C:\Program Files\SiteAdvisor\6066\SAService.exe -- End of file - 8036 bytes

ok autan pour moi c' etai marquer voila le nouveau log hijackthis suite au manip faite: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:35:04, on 31/08/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\McAfee\MSK\MskAgent.exe C:\Program Files\SiteAdvisor\6066\SiteAdv.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Program Files\Fichiers communs\McAfee\HackerWatch\HWAPI.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe C:\PROGRA~1\McAfee\MSC\mcpromgr.exe c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe c:\PROGRA~1\FICHIE~1\mcafee\redirsvc\redirsvc.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\McAfee\MPF\MPFSrv.exe C:\PROGRA~1\McAfee\MPS\mps.exe C:\Program Files\McAfee\MSK\MskSrver.exe C:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\SiteAdvisor\6066\SAService.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\McAfee\MPS\mpsevh.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wuauclt.exe c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - E:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptcl.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll O2 - BHO: McAfee Popup Blocker - {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} - c:\program files\mcafee\mps\mcpopup.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe O4 - HKLM\..\Run: [siteAdvisor] C:\Program Files\SiteAdvisor\6066\SiteAdv.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [iJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S O8 - Extra context menu item: &D&ownload &with BitComet - res://E:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://E:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://E:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - E:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\WINDOWS\system32\__c00CD129.dat O23 - Service: McAfee Application Installer Cleanup (0000961188570049) (0000961188570049mcinstcleanup) - McAfee, Inc. - C:\WINDOWS\TEMP0096~1.EXE O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\FICHIE~1\McAfee\EmProxy\emproxy.exe O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Fichiers communs\McAfee\HackerWatch\HWAPI.exe O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\redirsvc\redirsvc.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe O23 - Service: SiteAdvisor Service - McAfee, Inc. - C:\Program Files\SiteAdvisor\6066\SAService.exe -- End of file - 8735 bytes

le probleme a l' air resolu, ma page de demarage internet est revenu a la normal et plus d' ouverture de page publicitaire je te remerci une foi de plus pour ta patience et ton aide je te colle quand meme les rapport pour que tu me confirme que tout est normal. j' ai rencontrer quelque "probleme", je vais commencer par te les enumerer: 1) sur la serie de ligne que tu ma demander de cocher dans hijackthis je n' ai trouver que : O22 - SharedTaskScheduler: barbican - {e0f691d7-01bf-4fed-926c-7368034a45e3} - (no file) O20 - AppInit_DLLs: C:\WINDOWS\system32\__c00CD129.dat O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...?p=ZNxpt233YYFR O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file) O2 - BHO: (no name) - {47B83D78-F986-4E96-9769-2C55EF14DA0B} - C:\WINDOWS\system32\__c00EE882.dat (file missing) ensuite je devai suprimmer manuellement 2 fichiers pour le 2° voila la reponse que j' ai eu alors que rien d' autre que le systeme 32 n' etai ouvert impossible de supprimer __c00CD129.dat le fichier est utiliser par un autre progrmme ou une autre persone alors que rien d' autre que le systeme 32 n' etai ouvert pour le reste c ok --------------------------------------------------------- AVG Anti-Spyware - Rapport d'analyse --------------------------------------------------------- + Créé à: 16:16:29 31/08/2007 + Résultat de l'analyse: :mozilla.169:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé. :mozilla.170:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé. :mozilla.42:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé. :mozilla.43:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé. :mozilla.44:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé. :mozilla.45:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé. :mozilla.46:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé. :mozilla.53:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé. :mozilla.54:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.Adengage : Nettoyé. :mozilla.173:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé. :mozilla.174:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé. :mozilla.175:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé. C:\Documents and Settings\Administrateur\Cookies\administrateur@advertising[1].txt -> TrackingCookie.Advertising : Nettoyé. C:\Documents and Settings\Administrateur\Cookies\administrateur@adviva[2].txt -> TrackingCookie.Adviva : Nettoyé. :mozilla.125:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé. C:\Documents and Settings\Administrateur\Cookies\administrateur@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé. :mozilla.38:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé. C:\Documents and Settings\Administrateur\Cookies\administrateur@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé. :mozilla.178:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.Clickzs : Nettoyé. :mozilla.179:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.Clickzs : Nettoyé. :mozilla.198:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.Com : Nettoyé. :mozilla.27:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.Cpvfeed : Nettoyé. :mozilla.29:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.Cpvfeed : Nettoyé. :mozilla.30:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.Cpvfeed : Nettoyé. :mozilla.31:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.Cpvfeed : Nettoyé. C:\Documents and Settings\Administrateur\Cookies\administrateur@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : Nettoyé. :mozilla.120:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé. C:\Documents and Settings\Administrateur\Cookies\administrateur@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé. :mozilla.145:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.Estat : Nettoyé. :mozilla.205:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé. :mozilla.206:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé. C:\Documents and Settings\Administrateur\Cookies\administrateur@goclick[2].txt -> TrackingCookie.Goclick : Nettoyé. :mozilla.212:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé. C:\Documents and Settings\Administrateur\Cookies\administrateur@ehg-pcsecurityshield.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé. C:\Documents and Settings\Administrateur\Cookies\administrateur@hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé. :mozilla.36:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé. :mozilla.37:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé. C:\Documents and Settings\Administrateur\Cookies\administrateur@server.iad.liveperson[2].txt -> TrackingCookie.Liveperson : Nettoyé. C:\Documents and Settings\Administrateur\Cookies\administrateur@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé. C:\Documents and Settings\Administrateur\Cookies\administrateur@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Nettoyé. :mozilla.144:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.Overture : Nettoyé. C:\Documents and Settings\Administrateur\Cookies\administrateur@overture[1].txt -> TrackingCookie.Overture : Nettoyé. :mozilla.63:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.Pstats : Nettoyé. C:\Documents and Settings\Administrateur\Cookies\administrateur@questionmarket[1].txt -> TrackingCookie.Questionmarket : Nettoyé. :mozilla.194:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé. :mozilla.195:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé. C:\Documents and Settings\Administrateur\Cookies\administrateur@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé. C:\Documents and Settings\Administrateur\Cookies\administrateur@serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.184:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.Skype : Nettoyé. :mozilla.10:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé. :mozilla.11:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé. :mozilla.12:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé. :mozilla.9:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé. C:\Documents and Settings\Administrateur\Cookies\administrateur@smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé. :mozilla.67:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé. :mozilla.68:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé. :mozilla.69:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé. :mozilla.70:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé. :mozilla.160:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé. :mozilla.164:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé. :mozilla.165:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé. :mozilla.166:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé. C:\Documents and Settings\Administrateur\Cookies\administrateur@login.tracking101[2].txt -> TrackingCookie.Tracking101 : Nettoyé. :mozilla.105:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé. :mozilla.106:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé. C:\Documents and Settings\Administrateur\Cookies\administrateur@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyé. :mozilla.84:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.Tribalfusion : Nettoyé. C:\Documents and Settings\Administrateur\Cookies\administrateur@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Nettoyé. :mozilla.6:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé. :mozilla.7:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé. C:\Documents and Settings\Administrateur\Cookies\administrateur@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé. C:\Documents and Settings\Administrateur\Cookies\administrateur@m.webtrends[2].txt -> TrackingCookie.Webtrends : Nettoyé. :mozilla.133:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé. :mozilla.134:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé. :mozilla.135:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé. :mozilla.136:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\cv52a32r.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé. C:\Documents and Settings\Administrateur\Cookies\administrateur@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Nettoyé. C:\Documents and Settings\Administrateur\Cookies\administrateur@zedo[2].txt -> TrackingCookie.Zedo : Nettoyé. Fin du rapport --------------------------------------------------------------------------------------------------------------------------------------------------------- SmitFraudFix v2.218 Rapport fait à 15:00:44,06, 31/08/2007 Executé à partir de C:\Documents and Settings\Administrateur\Bureau\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Le type du système de fichiers est NTFS Fix executé en mode sans echec »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{2016a466-91a2-43c6-97d8-2fd380f065ef}"="eitheror" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{e0f691d7-01bf-4fed-926c-7368034a45e3}"="barbican" »»»»»»»»»»»»»»»»»»»»»»»» Arret des processus »»»»»»»»»»»»»»»»»»»»»»»» hosts 127.0.0.1 localhost »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix GenericRenosFix by S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés C:\DOCUME~1\ALLUSE~1\MENUDM~1\Online Security Guide.url supprimé C:\DOCUME~1\ALLUSE~1\MENUDM~1\Security Troubleshooting.url supprimé C:\DOCUME~1\ADMINI~1\Favoris\Online Security Test.url supprimé C:\Program Files\Video ActiveX Access\ supprimé »»»»»»»»»»»»»»»»»»»»»»»» DNS HKLM\SYSTEM\CCS\Services\Tcpip\..\{9D7F0E64-8723-4103-B833-D11CFFFC09B6}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS2\Services\Tcpip\..\{3A752238-A61D-45DD-A2D4-753F994C76EB}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS3\Services\Tcpip\..\{9D7F0E64-8723-4103-B833-D11CFFFC09B6}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 »»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "System"="" »»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre Nettoyage terminé. »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{e0f691d7-01bf-4fed-926c-7368034a45e3}"="barbican" »»»»»»»»»»»»»»»»»»»»»»»» Fin par contre g du faire une mauvaise manip j' ai 2 foi le rapport smit et pas de hijackthis lol c' est grave ? dit moi si tu veut que je le relance et si tu le veut en sans echec ou en normale

oups desolé le voila : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:41:05, on 31/08/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Video ActiveX Access\imsmain.exe C:\Program Files\Video ActiveX Access\iesmn.exe C:\Program Files\McAfee\MSK\MskAgent.exe C:\Program Files\SiteAdvisor\6066\SiteAdv.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe C:\Program Files\Video ActiveX Access\imsmn.exe C:\Program Files\Video ActiveX Access\iesmin.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Program Files\Fichiers communs\McAfee\HackerWatch\HWAPI.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe C:\PROGRA~1\McAfee\MSC\mcpromgr.exe c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe c:\PROGRA~1\FICHIE~1\mcafee\redirsvc\redirsvc.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\McAfee\MPF\MPFSrv.exe C:\PROGRA~1\McAfee\MPS\mps.exe C:\Program Files\McAfee\MSK\MskSrver.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\SiteAdvisor\6066\SAService.exe C:\WINDOWS\system32\svchost.exe C:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\Program Files\McAfee\MPS\mpsevh.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - E:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll O2 - BHO: (no name) - {47B83D78-F986-4E96-9769-2C55EF14DA0B} - C:\WINDOWS\system32\__c00EE882.dat (file missing) O2 - BHO: (no name) - {5DDE5591-A8AB-4897-93EF-1E4E943F85A7} - C:\Program Files\Video ActiveX Access\iesplg.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptcl.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll O2 - BHO: McAfee Popup Blocker - {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} - c:\program files\mcafee\mps\mcpopup.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file) O3 - Toolbar: Protection Bar - {F06E2ABE-3A50-4079-BE25-FC100D9EAA25} - C:\Program Files\Video ActiveX Access\iesbpl.dll O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe O4 - HKLM\..\Run: [siteAdvisor] C:\Program Files\SiteAdvisor\6066\SiteAdv.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [iJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S O4 - HKLM\..\Policies\Explorer\Run: [rare] C:\Program Files\Video ActiveX Access\imsmain.exe O4 - HKLM\..\Policies\Explorer\Run: [user32.dll] C:\Program Files\Video ActiveX Access\iesmn.exe O8 - Extra context menu item: &D&ownload &with BitComet - res://E:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://E:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://E:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...?p=ZNxpt233YYFR O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - E:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\WINDOWS\system32\__c00CD129.dat O22 - SharedTaskScheduler: eitheror - {2016a466-91a2-43c6-97d8-2fd380f065ef} - (no file) O22 - SharedTaskScheduler: barbican - {e0f691d7-01bf-4fed-926c-7368034a45e3} - (no file) O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\FICHIE~1\McAfee\EmProxy\emproxy.exe O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Fichiers communs\McAfee\HackerWatch\HWAPI.exe O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\redirsvc\redirsvc.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe O23 - Service: SiteAdvisor Service - McAfee, Inc. - C:\Program Files\SiteAdvisor\6066\SAService.exe -- End of file - 9742 bytes

voila le rapport suite a la manip Beginning removal... Attempting to delete C:\WINDOWS\system32\__c00EE882.dat C:\WINDOWS\system32\__c00EE882.dat Has been deleted! Performing Repairs to the registry. Done! merci encore pour ta reactivité

re vundo fix ne trouve rien meme apres un reboot manuel du pc. je te colle quand meme le rapport ainsi que le nouveau rapport hijackthis. merci encore --------------------------------------------------- VundoFix V6.5.7 Checking Java version... Scan started at 14:15:26 31/08/2007 Listing files found while scanning.... No infected files were found. ------------------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:17:04, on 31/08/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Video ActiveX Access\imsmain.exe C:\Program Files\Video ActiveX Access\iesmn.exe C:\Program Files\McAfee\MSK\MskAgent.exe C:\Program Files\SiteAdvisor\6066\SiteAdv.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Video ActiveX Access\imsmn.exe C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe C:\Program Files\Video ActiveX Access\iesmin.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Program Files\Fichiers communs\McAfee\HackerWatch\HWAPI.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe C:\PROGRA~1\McAfee\MSC\mcpromgr.exe c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe c:\PROGRA~1\FICHIE~1\mcafee\redirsvc\redirsvc.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\McAfee\MPF\MPFSrv.exe C:\PROGRA~1\McAfee\MPS\mps.exe C:\Program Files\McAfee\MSK\MskSrver.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\SiteAdvisor\6066\SAService.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\McAfee\MPS\mpsevh.exe C:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wuauclt.exe E:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - E:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll O2 - BHO: (no name) - {47B83D78-F986-4E96-9769-2C55EF14DA0B} - C:\WINDOWS\system32\__c00EE882.dat O2 - BHO: (no name) - {5DDE5591-A8AB-4897-93EF-1E4E943F85A7} - C:\Program Files\Video ActiveX Access\iesplg.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptcl.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll O2 - BHO: McAfee Popup Blocker - {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} - c:\program files\mcafee\mps\mcpopup.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file) O3 - Toolbar: Protection Bar - {F06E2ABE-3A50-4079-BE25-FC100D9EAA25} - C:\Program Files\Video ActiveX Access\iesbpl.dll O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe O4 - HKLM\..\Run: [siteAdvisor] C:\Program Files\SiteAdvisor\6066\SiteAdv.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [iJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S O4 - HKLM\..\Policies\Explorer\Run: [rare] C:\Program Files\Video ActiveX Access\imsmain.exe O4 - HKLM\..\Policies\Explorer\Run: [user32.dll] C:\Program Files\Video ActiveX Access\iesmn.exe O8 - Extra context menu item: &D&ownload &with BitComet - res://E:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://E:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://E:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...?p=ZNxpt233YYFR O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - E:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\WINDOWS\system32\__c00CD129.dat O22 - SharedTaskScheduler: eitheror - {2016a466-91a2-43c6-97d8-2fd380f065ef} - (no file) O22 - SharedTaskScheduler: barbican - {e0f691d7-01bf-4fed-926c-7368034a45e3} - (no file) O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\FICHIE~1\McAfee\EmProxy\emproxy.exe O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Fichiers communs\McAfee\HackerWatch\HWAPI.exe O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\redirsvc\redirsvc.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe O23 - Service: SiteAdvisor Service - McAfee, Inc. - C:\Program Files\SiteAdvisor\6066\SAService.exe -- End of file - 9782 bytes

re c ok j' ai telecharger la dll je l' ai mise dans systeme 32 merci . voici le rapport Hijackthis suivi de celui de smitfraud : --------------------------------------------------------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:51:31, on 31/08/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Video ActiveX Access\imsmain.exe C:\Program Files\Video ActiveX Access\iesmn.exe C:\Program Files\McAfee\MSK\MskAgent.exe C:\Program Files\SiteAdvisor\6066\SiteAdv.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Video ActiveX Access\imsmn.exe C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe C:\Program Files\Video ActiveX Access\iesmin.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Program Files\Fichiers communs\McAfee\HackerWatch\HWAPI.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe C:\PROGRA~1\McAfee\MSC\mcpromgr.exe c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe c:\PROGRA~1\FICHIE~1\mcafee\redirsvc\redirsvc.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\McAfee\MPF\MPFSrv.exe C:\PROGRA~1\McAfee\MPS\mps.exe C:\Program Files\McAfee\MSK\MskSrver.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\SiteAdvisor\6066\SAService.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\McAfee\MPS\mpsevh.exe C:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - E:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll O2 - BHO: (no name) - {47B83D78-F986-4E96-9769-2C55EF14DA0B} - C:\WINDOWS\system32\__c00EE882.dat O2 - BHO: (no name) - {5DDE5591-A8AB-4897-93EF-1E4E943F85A7} - C:\Program Files\Video ActiveX Access\iesplg.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptcl.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll O2 - BHO: McAfee Popup Blocker - {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} - c:\program files\mcafee\mps\mcpopup.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file) O3 - Toolbar: Protection Bar - {F06E2ABE-3A50-4079-BE25-FC100D9EAA25} - C:\Program Files\Video ActiveX Access\iesbpl.dll O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe O4 - HKLM\..\Run: [siteAdvisor] C:\Program Files\SiteAdvisor\6066\SiteAdv.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [iJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKLM\..\Policies\Explorer\Run: [rare] C:\Program Files\Video ActiveX Access\imsmain.exe O4 - HKLM\..\Policies\Explorer\Run: [user32.dll] C:\Program Files\Video ActiveX Access\iesmn.exe O8 - Extra context menu item: &D&ownload &with BitComet - res://E:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://E:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://E:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...?p=ZNxpt233YYFR O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - E:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\WINDOWS\system32\__c00CD129.dat O22 - SharedTaskScheduler: eitheror - {2016a466-91a2-43c6-97d8-2fd380f065ef} - (no file) O22 - SharedTaskScheduler: barbican - {e0f691d7-01bf-4fed-926c-7368034a45e3} - (no file) O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\FICHIE~1\McAfee\EmProxy\emproxy.exe O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Fichiers communs\McAfee\HackerWatch\HWAPI.exe O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\redirsvc\redirsvc.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe O23 - Service: SiteAdvisor Service - McAfee, Inc. - C:\Program Files\SiteAdvisor\6066\SAService.exe -- End of file - 9700 bytes ------------------------------------------------------------------------------------------------------------------------------------------------------------- SmitFraudFix v2.218 Rapport fait à 13:53:39,29, 31/08/2007 Executé à partir de C:\Documents and Settings\Administrateur\Bureau\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Le type du système de fichiers est NTFS Fix executé en mode normal »»»»»»»»»»»»»»»»»»»»»»»» Process C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Video ActiveX Access\imsmain.exe C:\Program Files\Video ActiveX Access\iesmn.exe C:\Program Files\McAfee\MSK\MskAgent.exe C:\Program Files\SiteAdvisor\6066\SiteAdv.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Video ActiveX Access\imsmn.exe C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe C:\Program Files\Video ActiveX Access\iesmin.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Program Files\Fichiers communs\McAfee\HackerWatch\HWAPI.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe C:\PROGRA~1\McAfee\MSC\mcpromgr.exe c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe c:\PROGRA~1\FICHIE~1\mcafee\redirsvc\redirsvc.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\McAfee\MPF\MPFSrv.exe C:\PROGRA~1\McAfee\MPS\mps.exe C:\Program Files\McAfee\MSK\MskSrver.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\SiteAdvisor\6066\SAService.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\McAfee\MPS\mpsevh.exe C:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe C:\WINDOWS\system32\cmd.exe C:\Program Files\Video ActiveX Access\iesmin.exe »»»»»»»»»»»»»»»»»»»»»»»» hosts »»»»»»»»»»»»»»»»»»»»»»»» C:\ »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32 »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Administrateur »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Administrateur\Application Data »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer C:\DOCUME~1\ALLUSE~1\MENUDM~1\Online Security Guide.url PRESENT ! C:\DOCUME~1\ALLUSE~1\MENUDM~1\Security Troubleshooting.url PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\ADMINI~1\Favoris C:\DOCUME~1\ADMINI~1\Favoris\Online Security Test.url PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» Bureau »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files C:\Program Files\Video ActiveX Access\ PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="Ma page d'accueil" »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{2016a466-91a2-43c6-97d8-2fd380f065ef}"="eitheror" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{e0f691d7-01bf-4fed-926c-7368034a45e3}"="barbican" »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\WINDOWS\\system32\\__c00CD129.dat" "LoadAppInit_DLLs"=dword:00000001 »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "System"="" »»»»»»»»»»»»»»»»»»»»»»»» Rustock »»»»»»»»»»»»»»»»»»»»»»»» DNS Description: 802.11g PCI Wireless Network Adapter #2 - Miniport d'ordonnancement de paquets DNS Server Search Order: 192.168.1.1 HKLM\SYSTEM\CCS\Services\Tcpip\..\{9D7F0E64-8723-4103-B833-D11CFFFC09B6}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS2\Services\Tcpip\..\{3A752238-A61D-45DD-A2D4-753F994C76EB}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS3\Services\Tcpip\..\{9D7F0E64-8723-4103-B833-D11CFFFC09B6}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll »»»»»»»»»»»»»»»»»»»»»»»» Fin merci d' avance .

merci pour ta reponse et ton accueil !! malheureusement j' ai suivi ta demarche: Fais un clique droit sur ce lien: http://www.flyingmike32.freesurf.fr/fichiers/msvbvm60.dll puis choisis "enregistrer la cible sous". Enregistre ce fichier dans C:\Windows\system32\ et le probleme reste le meme, je suis toujours dans l' impossibilité d' installer hijackthis. ya t' il d' aprés toi une autre façon de proceder pour reinstaller cette dll ?

j' ai fait une detection ad-aware puis une detection avec mon antivirus mac afee qui ne m'a trouver, suite a la lecture du topic "pré nettoyage d' un pc infecté" j' ai tenter d' installer HIJACKTHIS mais quand je click sur l' icone un message d' erreur apparait: "cette application n' a pas pu démarrer car MSVBV60.DLL est introuvable; La reinstallation de cette application peut corriger ce problème". si quelqu' un a une idée !! merci d' avance

bonjour a tous, Voila depuis hier, j' ai des fenetres publicitaire intempestive qui s' ouvre quand je suis sur internet, au demarrage d' internet je me retrouve sur une page avec un message qui me dit : W32.Myzor.FK@YF is a virus that infect files with .exe extention. Et on me propose bien sur de telecharger des intivirus pour desinfecter le pc. Quelqu' un peut il m' aider !!!!!!!!