Posted

re,

I don't know if you need all of that, but just in case....

everything I need is in the report :P

what is the next step to get my PC back on the right track?

I warn you, the disinfection may take quite a long time.

I'm looking at your report, back in 20 minutes

Posted

re,

1/ Download Ewido anti-spyware: http://www.ewido.net/en/download/

Launch Ewido and click the Update button (toolbar, at the top). Under Manual Update, click Start update.

You will see this just at the bottom once the update has completed: "Update successful"

Close Ewido. Do not run it yet.

2/ Download LSPFix: http://www.cexx.org/lspfix.htm

3/ Download http://securityresponse.symantec.com/avcen...ixWebHancer.exe

When you save FixWebHancer.exe, put it in a dedicated folder (such as C:\Fixwebhancer)

4/ Start in safe mode: http://www.sosordi.net/Faq/Faq.2.html

 

5/ Go to Start / Control Panel / Add or Remove Programs and check for the presence of:

webHancer

newdotnet

ToolBar888

If these programs are present, uninstall them.

6/ Do this:

Start, Run, services.msc, and locate Command Service

Double-click it: in the Service status field, set it to Stopped

in the Startup type field, set it to Disabled, then

Apply, then OK.

 

 

7/ Now we delete the service:

Start / Run / cmd

Run this command, which is in the quote block, without the word "quote":

 

sc delete cmdService

 

 

8/ Launch HijackThis, click "Do a system scan only", and check these lines:

 

F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\fservice.exe

O2 - BHO: WhIeHelperObj Class - {c900b400-cdfe-11d3-976a-00e02913a9e0} - C:\Program Files\webHancer\programs\whiehlpr.dll

O2 - BHO: Internet Explorer Web Content Catcher - {FFF4E223-7019-4ce7-BE03-D7D3C8CCE884} - C:\Program Files\DNS\Catcher.dll

O4 - HKLM\..\Run: [winlog] winlog.exe

O4 - HKLM\..\Run: [p2p networking] p2pnetworking.exe

O4 - HKLM\..\Run: [webHancer Agent] "C:\Program Files\webHancer\Programs\whAgent.exe"

O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s

O4 - HKLM\..\RunServices: [winlog] winlog.exe

O4 - HKLM\..\RunServices: [p2p networking] p2pnetworking.exe

O4 - HKCU\..\Run: [DNS] C:\Program Files\Fichiers communs\mc-110-12-0000137.exe

O8 - Extra context menu item: &MyToolBar Search - res://C:\Program Files\ToolBar888\MyToolBar.dll/MENUSEARCH.HTM

O23 - Service: (cmdService) - Unknown owner - C:\WINDOWS\cGFyZW50\command.exe (file missing)

 

 

Close all open windows except HijackThis and click "Fix checked"

 

 

9/ To delete the harmful files, we will first make all files visible, like this:

Start, My Computer or any other folder, Tools menu, Folder Options, View tab:

Check the box: Show hidden files and folders

Uncheck the box: Hide extensions for known file types

Uncheck the box: Hide protected operating system files

click "Apply"

click the "Apply to All Folders" button / OK

10/ Delete what is in bold:

C:\WINDOWS\system32\fservice.exe <== the file

C:\Program Files\Fichiers communs\mc-110-12-0000137.exe <== the file

C:\Program Files\webHancer <== the whole folder

C:\Program Files\newdotnet <== the whole folder

C:\Program Files\ToolBar888 <== the whole folder

C:\WINDOWS\cGFyZW50 <== the whole folder

11/ Start, Search, click All files and folders, click the two small arrows next to More advanced options, and check Search hidden files and folders.

Search (Start / Search) and delete these files if you find them:

 

winlog.exe

p2pnetworking.exe

 

 

12/ Launch Fixwebhancer.exe and click "Start". Let the scan finish.

13/ Use LSPFix in safe mode

* Check the box in front of I know what I'm doing

* Move everything related to new.net and WebHancer into Remove, and above all nothing else.

* Click Finish

14/ From safe mode, launch Ewido, click the Scanner button (in the toolbar) and then click Complete System Scan. The scan will take a while, so be patient.

Ewido will display a list of the detected files on the left. At the end of the scan, the tool will apply the "Actions" to be applied automatically. Click the Apply all actions button. Ewido will display "All actions have been applied" on the right-hand side.

Click "Save Report", then "Save Report As". This generates a report as a text file. Make sure you save it somewhere safe (on your Desktop, for example).

15/ Restart in normal mode

16/ Post the Ewido report, then the Fixwebhancer report (copy the contents of the text file generated in the C:\fixwebhancer folder) and finally a new HijackThis log.

Good luck, and if you have the slightest question, don't hesitate to ask :P

See you later
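
Step 16 asks for a new HijackThis log so that the entries checked in step 8 can be verified as gone. As an added example (not part of the original thread), this Python script compares the step 8 fix list with a later log and reports which entries are still present; the follow-up log is constructed sample data and the function names are this example's own.

```python
import re
from typing import NamedTuple

# A HijackThis entry is "<code> - <payload>", e.g. "O4 - HKLM\..\Run: [winlog] winlog.exe".
# Header lines and the "Running processes" paths do not match and are skipped.
ENTRY_RE = re.compile(r"^\s*(?P<code>[RFNO]\d{1,2})\s+-\s+(?P<payload>.+?)\s*$")
# HijackThis appends "(file missing)" when the referenced file no longer exists,
# so an entry whose file was deleted in step 10 changes its text between two logs.
MISSING_RE = re.compile(r"\s*\(file missing\)\s*$", re.IGNORECASE)


class Entry(NamedTuple):
    code: str           # section code: F2, O2, O4, O8, O23, ...
    payload: str        # entry text without the "(file missing)" suffix
    file_missing: bool  # True when the log carried that suffix

    @property
    def key(self):
        # Windows paths are case-insensitive; spacing may differ after copy/paste.
        return (self.code, " ".join(self.payload.casefold().split()))


def parse_entries(text):
    """Return every HijackThis entry found in a log or in a pasted fix list."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line)
        if not m:
            continue
        payload = m.group("payload")
        missing = bool(MISSING_RE.search(payload))
        entries.append(Entry(m.group("code").upper(), MISSING_RE.sub("", payload), missing))
    return entries


def still_present(fix_list_text, new_log_text):
    """Entries from the fix list that still appear in the later log, in fix-list order."""
    new_log = {e.key: e for e in parse_entries(new_log_text)}
    return [new_log[e.key] for e in parse_entries(fix_list_text) if e.key in new_log]


# The lines to check in step 8, copied from the post above.
FIX_LIST = r"""
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\fservice.exe
O2 - BHO: WhIeHelperObj Class - {c900b400-cdfe-11d3-976a-00e02913a9e0} - C:\Program Files\webHancer\programs\whiehlpr.dll
O2 - BHO: Internet Explorer Web Content Catcher - {FFF4E223-7019-4ce7-BE03-D7D3C8CCE884} - C:\Program Files\DNS\Catcher.dll
O4 - HKLM\..\Run: [winlog] winlog.exe
O4 - HKLM\..\Run: [p2p networking] p2pnetworking.exe
O4 - HKLM\..\Run: [webHancer Agent] "C:\Program Files\webHancer\Programs\whAgent.exe"
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s
O4 - HKLM\..\RunServices: [winlog] winlog.exe
O4 - HKLM\..\RunServices: [p2p networking] p2pnetworking.exe
O4 - HKCU\..\Run: [DNS] C:\Program Files\Fichiers communs\mc-110-12-0000137.exe
O8 - Extra context menu item: &MyToolBar Search - res://C:\Program Files\ToolBar888\MyToolBar.dll/MENUSEARCH.HTM
O23 - Service: (cmdService) - Unknown owner - C:\WINDOWS\cGFyZW50\command.exe (file missing)
"""

# CONSTRUCTED follow-up log for illustration only (not the log posted in this thread):
# three fix-list entries survive, one with its file gone, one with different casing.
FOLLOW_UP_LOG = r"""
Logfile of HijackThis v1.99.1
Running processes:
C:\WINDOWS\Explorer.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
O2 - BHO: Internet Explorer Web Content Catcher - {FFF4E223-7019-4ce7-BE03-D7D3C8CCE884} - C:\Program Files\DNS\Catcher.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\RunServices: [winlog] winlog.exe
O4 - HKCU\..\Run: [DNS] C:\PROGRAM FILES\Fichiers communs\mc-110-12-0000137.exe
"""

if __name__ == "__main__":
    for entry in still_present(FIX_LIST, FOLLOW_UP_LOG):
        state = "registry entry left, file gone" if entry.file_missing else "still active"
        print(f"{entry.code:<4}{state:<32}{entry.payload}")
```

An entry reported as "registry entry left, file gone" means the file was deleted but the line was never fixed in HijackThis, so it only needs to be checked and fixed again.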

Posted

I did more or less everything, but I had a few problems and I was not able to delete everything you asked me to.

 

---------------------------------------------------------

ewido anti-spyware - Scan Report

---------------------------------------------------------

 

+ Created at: 22:40:00 30/06/2006

 

+ Scan result:

 

 

 


::Report end

 

 

here is the Fixwebhancer one:

 

Symantec Spyware.WebHancer Removal Tool 1.0.2

 

Spyware.WebHancer has not been found on your computer.

 

 

 

 

 

 

and the HijackThis one:

 

 

Logfile of HijackThis v1.99.1

Scan saved at 22:50:16, on 30/06/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 


O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\Scansoft\PaperPort\pptd40nt.exe

O4 - HKLM\..\Run: [indexSearch] C:\Program Files\Scansoft\PaperPort\IndexSearch.exe

O4 - HKLM\..\Run: [setDefPrt] C:\Program Files\Brother\Brmfl03a\BrStDvPt.exe

O4 - HKLM\..\Run: [outlook] C:\Program Files\outlook\outlook.exe /auto

O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Securitoo\Av_Fw\Common\FSM32.EXE" /splash

O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Securitoo\Av_Fw\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW

O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Securitoo\Av_Fw\FSGUI\FSSW.EXE" /reboot

O4 - HKLM\..\Run: [News Service] "C:\Program Files\Securitoo\Av_Fw\FSGUI\ispnews.exe"

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized

O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart

O4 - HKCU\..\Run: [WINSOS VERIFY] "C:\Program Files\WINSOS\WINSOS.EXE" MINI

O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c

O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_0

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - Startup: Anti-Pub.lnk = C:\Program Files\Antipub\antipub.exe

O4 - Startup: RegFreeze.lnk = C:\Program Files\RegFreeze\regfreeze.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O4 - Global Startup: SmartUI.lnk = ?

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab

O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab

O18 - Protocol: marge - {4FEC9AA5-E7A9-42BB-B715-B26161FEEE39} - C:\Isamgwp\IsaMgwIE.ocx

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\acer\Acer eConsole\MediaServerService.exe

O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: Securitoo Antivirus Firewall (BackWeb Plug-in - 8520111) - Unknown owner - C:\PROGRA~1\SECURI~1\Av_Fw\backweb\8520111\Program\SERVIC~1.EXE

O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Unknown owner - C:\WINDOWS\system32\Brmfrmps.exe" -service (file missing)

O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE

O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe

O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\Securitoo\Av_Fw\Anti-Virus\fsgk32st.exe

O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Securitoo\Av_Fw\backweb\8520111\program\fsbwsys.exe

O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Securitoo\Av_Fw\FWES\Program\fsdfwd.exe

O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Securitoo\Av_Fw\Common\FSMA32.EXE

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe

 

 

 

There it is. Please tell me what to do, given that I wasn't able to delete:

C:\WINDOWS\system32\ fservice.exe <== the file

C:\Program Files\ ToolBar888 <== the whole folder

winlog.exe

p2pnetworking.exe
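
An added example, not part of the original thread: a small parser for the HijackThis entry format shown in the log above. It lists entries carrying the markers that appear in this log ("(file missing)", "Unknown owner", a "?" target) or a watched name; these are points to look at again, not verdicts, and the function names and the watch list are assumptions of the example.

```python
import re

SECTIONS = {"R0": "IE start/search page", "R1": "IE start/search page",
            "O3": "IE toolbar", "O4": "autostart entry",
            "O8": "IE context-menu item", "O9": "IE extra button or menu item",
            "O16": "ActiveX download (DPF)", "O18": "protocol handler",
            "O23": "Windows service"}
ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")

# Lines copied from this thread; the last one is a running-process line, not an entry.
SAMPLE = r"""
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - Global Startup: SmartUI.lnk = ?
O8 - Extra context menu item: &MyToolBar Search - res://C:\Program Files\ToolBar888\MyToolBar.dll/MENUSEARCH.HTM
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Securitoo Antivirus Firewall (BackWeb Plug-in - 8520111) - Unknown owner - C:\PROGRA~1\SECURI~1\Av_Fw\backweb\8520111\Program\SERVIC~1.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\ctfmon.exe
"""

def parse(log):
    """Return (code, body) for every entry line, skipping everything else."""
    matches = (ENTRY.match(line.strip()) for line in log.splitlines())
    return [m.groups() for m in matches if m]

def review_notes(code, body, watch=()):
    """Reasons to look at an entry again; none of them is a verdict."""
    notes = []
    if body.endswith("(file missing)"):
        notes.append("HijackThis reports the file as missing")
    if code == "O23" and " - Unknown owner - " in body:
        notes.append("service reported with unknown owner")
    if body.endswith("= ?"):
        notes.append("shortcut target shown as ?")
    notes += [f"mentions watched name {w}" for w in watch if w.lower() in body.lower()]
    return notes

def triage(log, watch=()):
    """Entries with at least one note: (code, section, body, notes)."""
    rows = [(c, SECTIONS.get(c, "other"), b, review_notes(c, b, watch))
            for c, b in parse(log)]
    return [row for row in rows if row[3]]

if __name__ == "__main__":
    for code, section, body, notes in triage(SAMPLE, watch=("ToolBar888",)):
        print(f"{code:<4}{section:<28}{'; '.join(notes)}\n    {body}")
```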

Posted

Hello,

your report is clean, nice work :P

There it is. Please tell me what to do, given that I wasn't able to delete:

C:\WINDOWS\system32\ fservice.exe <== the file

C:\Program Files\ ToolBar888 <== the whole folder

winlog.exe

p2pnetworking.exe

What do you mean? Did you find the folders/files but couldn't delete them, or did you not find the folders/files?

See you

Posted

For C:\Program Files\ ToolBar888 <== the whole folder

I can't delete it, and I hadn't found O8 - Extra context menu item: &MyToolBar Search - res://C:\Program Files\ToolBar888\MyToolBar.dll/MENUSEARCH.HTM in the HijackThis report.

And as for the others, I can't find them!!!

So is my PC clean now?

Thanks a lot for your effective help.

Posted

Hello,

- Download the latest version of Killbox here =>

http://www.downloads.subratam.org/KillBox.zip

- Restart in Safe Mode so that no resident program gets in the way.

- Launch Pocket Killbox and choose the Delete on reboot option.

Copy the entire file path, in bold below, and paste it into the Full Path of File to Delete box:

C:\Program Files\ToolBar888

- Click the white cross on a red background:

"File will be Deleted on Next Reboot": answer YES

"File will be Removed on Reboot, Do you want to reboot now ?": answer YES

Then go here:

C:\ !KillBox

Open the !KillBox folder; inside there is a text file. Copy all of its contents.

See you

Posted

Here it is:

 

 

Pocket Killbox version 2.0.0.648

Running on Windows XP as antoine(Administrator)

was started @ dimanche, juillet 02, 2006, 2:25 PM

 

# 1 [Delete on Reboot]

Path = C:\Program Files\ToolBar888

 

 

PendingFileRenameOperations Registry Data has been Removed by External Process! @ 2:25:53 PM

# 2 [Delete on Reboot]

Path = C:\Program Files\ToolBar888

 

 

Killbox Closed(Exit) @ 2:26:39 PM

__________________________________________________
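
An added example, not part of the original thread: the Killbox log above names PendingFileRenameOperations, the REG_MULTI_SZ value under HKLM\SYSTEM\CurrentControlSet\Control\Session Manager where Windows records files to delete or rename at the next boot. This sketch decodes the raw value so you can confirm, before rebooting, that the deletion is still queued; the function names and the sample bytes are constructed for illustration.

```python
# Where Windows records work deferred to the next boot (REG_MULTI_SZ):
# HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\PendingFileRenameOperations
NT_PREFIX = "\\??\\"

def _plain(path):
    """Drop the NT object-manager prefix so paths compare with what the user typed."""
    return path[len(NT_PREFIX):] if path.startswith(NT_PREFIX) else path

def parse_pending(raw):
    """Decode raw REG_MULTI_SZ bytes into (action, source, destination) tuples."""
    text = raw.decode("utf-16-le")
    if not text.strip("\0"):
        return []                      # value empty or cleared
    parts = text.split("\0")
    # Each string ends with NUL and the list ends with one more NUL, so a
    # well-formed value leaves two empty items at the end of the split.
    if text.endswith("\0\0"):
        parts = parts[:-2]
    elif text.endswith("\0"):
        parts = parts[:-1]
    if len(parts) % 2:                 # final delete with the list terminator dropped
        parts.append("")
    ops = []
    for src, dst in zip(parts[0::2], parts[1::2]):
        dst = _plain(dst.lstrip("!"))  # leading "!" marks "replace existing file"
        ops.append(("delete" if not dst else "rename", _plain(src), dst))
    return ops

def still_queued(ops, path):
    """True if 'path' is scheduled for deletion (case-insensitive, as on NTFS)."""
    return any(a == "delete" and s.lower() == path.lower() for a, s, _ in ops)

def encode_multi_sz(strings):
    """Build REG_MULTI_SZ bytes; used only to construct the sample below."""
    return "".join(s + "\0" for s in strings).encode("utf-16-le") + b"\0\0"

# Constructed sample: one rename (hypothetical paths) and the deletion from the thread.
SAMPLE = encode_multi_sz([
    r"\??\C:\WINDOWS\Temp\example.tmp", r"!\??\C:\WINDOWS\system32\example.dll",
    r"\??\C:\Program Files\ToolBar888", "",
])

if __name__ == "__main__":
    for op in parse_pending(SAMPLE):
        print(op)
    print(still_queued(parse_pending(SAMPLE), r"C:\Program Files\ToolBar888"))
```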

Posted

Hi again,

Apparently Killbox deleted it; check anyway that the folder is gone.

Run an online scan with http://webscanner.kaspersky.fr/

Under "Démonstration en ligne" (online demonstration), the procedure is explained; to start the scan, select "Exécuter l'analyse en ligne" (run the online scan). The scan only works in Internet Explorer.

You will be asked to download an ActiveX control; accept.

In the "Choisissez la cible de l'analyse" (choose the scan target) menu, select "Poste de travail" (My Computer).

The scan will start. Please post the report it generates.

If there is a problem, make sure the ActiveX controls are configured correctly in Internet Options, as described at this link => http://www.inoculer.com/activex.php3

Posted

The folder is no longer in Program Files, but I can't get the scan to start, even though I did exactly as you said!!!!!
