[virus?] non reconnu par antivir spybot etc..

Résolu
vanessa -  
 Utilisateur anonyme -
Bonjour, j'ai un virus ou spyware ou himachin ou autre trucware, qui a pour effet de rajouter des liens hypertextes sur pleins de mots dans les pages web que je visite. Ces liens menent vers des sites pubicitaires (direct assurance par exemple).
Il n'est pas reconnu par antivir ni ad-aware ni spybot .
Ci dessous ma log,
Je vois que j'ai des trucs bizarres sur yahoo chat.
Merci d'avance pour vos reponses, là je vais au travail , je ne verrais pas vos messages avant 20heures ce soir.

Logfile of HijackThis v1.99.1
Scan saved at 08:02:24, on 04/11/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\AVPersonal\AVGUARD.EXE
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\AVPersonal\AVWUPSRV.EXE
C:\WINDOWS\system32\HPConfig.exe
C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\System32\carpserv.exe
C:\PROGRA~1\HPQ\ONE-TO~1\OneTouch.EXE
C:\windows\system\hpsysdrv.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\AVPersonal\AVGNT.EXE
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\??anregw.exe
C:\Program Files\toud\cuwe.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Propriétaire\Bureau\Nouveau dossier\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.my.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.tiscali.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [Desktop Zoom] C:\Program Files\HPQ\Desktop Zoom\hpwinadj.exe -s
O4 - HKLM\..\Run: [PreloadApp] c:\hp\drivers\printers\photosmart\hphprld.exe c:\hp\drivers\printers\photosmart\setup.exe -d
O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe
O4 - HKLM\..\Run: [TV Now] C:\Program Files\HPQ\Notebook Utilities\TvNow.exe /RK
O4 - HKLM\..\Run: [QT4HPOT] C:\PROGRA~1\HPQ\ONE-TO~1\OneTouch.EXE
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [MSN Service] amsnmsgrs.exe
O4 - HKLM\..\Run: [Microsoft uptime Service] sysuptime.exe
O4 - HKLM\..\Run: [Logitechs] Logitechs.exe
O4 - HKLM\..\Run: [SYSTRAY] C:\UNMT.EXE
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [Compaq32 Service Drivers] ms32.exe
O4 - HKLM\..\Run: [MS UniX] navupdate64.exe
O4 - HKLM\..\Run: [AVGCtrl] "C:\Program Files\AVPersonal\AVGNT.EXE" /min
O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\RunServices: [MSN Service] amsnmsgrs.exe
O4 - HKLM\..\RunServices: [Microsoft uptime Service] sysuptime.exe
O4 - HKLM\..\RunServices: [Logitechs] Logitechs.exe
O4 - HKLM\..\RunServices: [Compaq32 Service Drivers] ms32.exe
O4 - HKLM\..\RunServices: [MS UniX] navupdate64.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Microsoft uptime Service] sysuptime.exe
O4 - HKCU\..\Run: [MSN Service] amsnmsgrs.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Dxc] C:\WINDOWS\System32\??anregw.exe
O4 - HKCU\..\Run: [Compaq32 Service Drivers] ms32.exe
O4 - HKCU\..\Run: [MS UniX] navupdate64.exe
O4 - HKCU\..\Run: [Heth] "C:\Program Files\toud\cuwe.exe" -vt ndrv
O4 - HKCU\..\RunServices: [Compaq32 Service Drivers] ms32.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msvrl.dll
O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/MediaAccessVerisign/ie/bridge-c11.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/v45/yacscom.cab
O16 - DPF: {5054F860-748D-4840-B7B4-DDDB428421AF} - http://ip.sponsoradulto.com/cab/4/fr/phoneaccess.cab
O16 - DPF: {511F9316-771B-4953-A268-1C36DA667FE9} - http://ip.sponsoradulto.com/cab/3/fr/SysWebTelecomInt.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1131054718876
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005102501/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.gpcservices.com/scan/Msie/bitdefender.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0A963721-6A80-479D-9520-B5FCDBA3D90C}: NameServer = 213.36.80.1 213.36.80.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{0A963721-6A80-479D-9520-B5FCDBA3D90C}: NameServer = 213.36.80.1 213.36.80.1
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
O23 - Service: Navigation étendue et définition (Connexion dictionnaire) - Unknown owner - C:\WINDOWS\System32\Weather.exe (file missing)
O23 - Service: HP Configuration Interface Service (HPConfig) - Hewlett-Packard - C:\WINDOWS\system32\HPConfig.exe
O23 - Service: HPWirelessMgr - Hewlett-Packard Co. - C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: AntiVir Update Temp (TmpUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\DOCUME~1\PROPRI~1\LOCALS~1\TEMP\_VWUPSRV.EXE
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Configuration: windows XP

7 réponses

  1. Utilisateur anonyme
     
    Bonjour,

    Méthode à suivre dans l'ordre...
    ----------------------------------------------------------------------------
    ¤Télécharge ces logiciels mais que tu n‘utilises pas tout de suite:

    1/

    Spybot S&D 1.4 <<nouvelle version.
    http://www.safer-networking.org/fr/index.html

    Démo d’utilisation (merci à Balltrap34 pour cette réalisation).
    http://pageperso.aol.fr/Balltrap34/demo%20spybot.htm

    2/

    Ad-Aware SE 1.06 <<nouvelle version.
    http://www.lavasoftusa.com/software/adaware/
    -Une aide:
    http://www.tutopat.com/viewtopic.php?t=1191
    - installe le patch français, tu pourras le trouver ici:
    http://download.lavasoft.de.edgesuite.net/public/pllangs.exe
    et une petite vidéo d'utilisation ici:(merci à Moe31 pour cette réalisation).
    http://pageperso.aol.fr/balltrap34/adawrevid.asf

    5/

    Pour LspFix :
    http://translate.google.com/translate?hl=fr&sl=en&u=http://www.cexx.org/lspfix.htm&prev=/search%3Fq%3Dlspfix%26num%3D100%26hl%3Dfr%26lr%3D%26ie%3DUTF-8
    http://www.cexx.org/LSPFix.exe

    Tu le lances.
    Tu coches "I know what I'm doing"
    Tu fais passer dans "remove" tout ce qui a trait à ‘msvrl.dll '
    Et surtout rien d'autre!
    Tu cliques « finish ».

    ----------------------------------------------------------------------------
    ¤Désactive ta restauration système (uniquement si tu es sous XP):
    Clic droit sur poste de travail puis,
    propriété, tu cliques sur onglet restauration système
    tu coches la case « désactiver la restauration » et applique.
    ----------------------------------------------------------------------------
    ¤Affiche tous les fichiers et dossiers :
    Clique sur démarrer/panneau de configuration/outil/option des dossiers/affichage

    Coche « afficher les fichiers et dossiers cachés »

    Décoche la case "Masquer les fichiers protégés du système d'exploitation (recommandé)"

    Décoche « masquer les extensions dont le type est connu »
    Puis fais «Ok» pour valider les changements.

    Et appliquer !
    ----------------------------------------------------------------------------
    ¤Vide tes fichiers temps et temporary internet file:

    :: Supprimer les fichiers temporaires ::
    vider tout le contenu de ces dossiers.

    * C:\Documents and Settings\ton compte\Local Settings\Temp
    * C:\Documents and Settings\tous les autres comptes\Local Settings\Temp
    * C:\Windows\Temp

    :: Le contenu du dossier prefetch ::

    * C:\WINDOWS\Prefetch <= sauf le fichier layout.ini

    * Ne pas oublier de vider la corbeille !
    ----------------------------------------------------------------------------
    ¤Relance HijackThis, coche les cases devant ces lignes et ensuite clique sur fix checked :

    O4 - HKLM\..\Run: [MSN Service] amsnmsgrs.exe

    O4 - HKLM\..\Run: [Microsoft uptime Service] sysuptime.exe

    O4 - HKLM\..\Run: [Logitechs] Logitechs.exe

    O4 - HKLM\..\Run: [SYSTRAY] C:\UNMT.EXE

    O4 - HKLM\..\Run: [Compaq32 Service Drivers] ms32.exe

    O4 - HKLM\..\Run: [MS UniX] navupdate64.exe

    O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe

    O4 - HKLM\..\RunServices: [MSN Service] amsnmsgrs.exe

    O4 - HKLM\..\RunServices: [Microsoft uptime Service] sysuptime.exe

    O4 - HKLM\..\RunServices: [Logitechs] Logitechs.exe

    O4 - HKLM\..\RunServices: [Compaq32 Service Drivers] ms32.exe

    O4 - HKLM\..\RunServices: [MS UniX] navupdate64.exe

    O4 - HKCU\..\Run: [Microsoft uptime Service] sysuptime.exe

    O4 - HKCU\..\Run: [MSN Service] amsnmsgrs.exe

    O4 - HKCU\..\Run: [Dxc] C:\WINDOWS\System32\??anregw.exe

    O4 - HKCU\..\Run: [Compaq32 Service Drivers] ms32.exe

    O4 - HKCU\..\Run: [MS UniX] navupdate64.exe

    O4 - HKCU\..\Run: [Heth] "C:\Program Files\toud\cuwe.exe" -vt ndrv

    O4 - HKCU\..\RunServices: [Compaq32 Service Drivers] ms32.exe

    O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/MediaAccessVerisign/ie/bridge-c11.cab

    O16 - DPF: {5054F860-748D-4840-B7B4-DDDB428421AF} - http://ip.sponsoradulto.com/cab/4/fr/phoneaccess.cab

    O16 - DPF: {511F9316-771B-4953-A268-1C36DA667FE9} - http://ip.sponsoradulto.com/cab/3/fr/SysWebTelecomInt.cab

    ----------------------------------------------------------------------------
    ¤Démarre en mode sans échec :
    Pour cela, tu tapotes la touche F8 dès le début de l’allumage du pc sans t’arrêter
    Une fenêtre va s’ouvrir tu te déplaces avec les flèches du clavier sur démarrer en mode sans échec puis tape entrée.
    Une fois sur le bureau s’il n’y a pas toutes les couleurs et autres c’est normal !
    (Si F8 ne marche pas utilise la touche F5).
    ----------------------------------------------------------------------------
    ¤Recherche et supprime ceci:
    attention seulement les fichiers (si présents).

    C:\UNMT.EXE
    C:\Program Files\Media Access\
    Logitechs.exe
    sysuptime.exe
    amsnmsgrs.exe
    C:\WINDOWS\System32\??anregw.exe
    navupdate64.exe
    C:\Program Files\toud\
    ms32.exe

    ----------------------------------------------------------------------------
    ¤ Passe Ad-Aware et supprime tout ce qu’il trouve + supprime les quarantaines…
    ----------------------------------------------------------------------------
    ¤ Passe Spybot et corrige tout ce qu’il trouve + vaccine + supprime les quarantaines…
    ----------------------------------------------------------------------------
    ¤ Vide ta Corbeille.
    ----------------------------------------------------------------------------
    ¤ Redémarre en mode normal, relance Hijackthis et copie/colle un nouveau rapport sur le forum.

    Précise tes soucis s’il en reste....

    Tiens-moi au courant

    A+

    et Rend toi sur ce site :
    http://www.virustotal.com/xhtml/virustotal_en.html
    Clik sur parcourir
    Recherche ceci :
    C:\WINDOWS\System32\Weather.exe
    Clik send et colle le rapport stp
    A+
    0
  2. vanessa
     
    OHHH merci, ça a marché , tu es un dieu !!!

    le truc sur virus total ca n'a pas l'air d'avoir marché
    File size can't be more than 10 Megabytes.
    You can't try compressing it.
    Thanks you.

    << Go back
    mais weather.exe , c'est un pgm installé par un virus d'avant qui mettait plein de truc "friends" (une barre d'outil, des liens, une image moche derièrre les barres d'outil). Ca mettait une icone meteo.
    Un coup d'antivir, qui avait trouvé 2 trucs , j'ai supposé que l'un d'eux etait friend. Weather etait resté , je l'avais supprimé par l'outil de supression de programmes du panneau de configuration.

    Voici ma log (toute propre !!)
    Logfile of HijackThis v1.99.1
    Scan saved at 20:42:19, on 04/11/2005
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\AVPersonal\AVGUARD.EXE
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\Program Files\AVPersonal\AVWUPSRV.EXE
    C:\WINDOWS\system32\HPConfig.exe
    C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\System32\carpserv.exe
    C:\PROGRA~1\HPQ\ONE-TO~1\OneTouch.EXE
    C:\windows\system\hpsysdrv.exe
    C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
    C:\Program Files\AVPersonal\AVGNT.EXE
    C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\Documents and Settings\Propriétaire\Bureau\Nouveau dossier\hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.my.yahoo.com/
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
    O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
    O4 - HKLM\..\Run: [CARPService] carpserv.exe
    O4 - HKLM\..\Run: [Desktop Zoom] C:\Program Files\HPQ\Desktop Zoom\hpwinadj.exe -s
    O4 - HKLM\..\Run: [PreloadApp] c:\hp\drivers\printers\photosmart\hphprld.exe c:\hp\drivers\printers\photosmart\setup.exe -d
    O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe
    O4 - HKLM\..\Run: [TV Now] C:\Program Files\HPQ\Notebook Utilities\TvNow.exe /RK
    O4 - HKLM\..\Run: [QT4HPOT] C:\PROGRA~1\HPQ\ONE-TO~1\OneTouch.EXE
    O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
    O4 - HKLM\..\Run: [AVGCtrl] "C:\Program Files\AVPersonal\AVGNT.EXE" /min
    O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
    O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1131054718876
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005102501/housecall.trendmicro.com/housecall/xscan53.cab
    O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.gpcservices.com/scan/Msie/bitdefender.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
    O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
    O23 - Service: Navigation étendue et définition (Connexion dictionnaire) - Unknown owner - C:\WINDOWS\System32\Weather.exe (file missing)
    O23 - Service: HP Configuration Interface Service (HPConfig) - Hewlett-Packard - C:\WINDOWS\system32\HPConfig.exe
    O23 - Service: HPWirelessMgr - Hewlett-Packard Co. - C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: AntiVir Update Temp (TmpUpSrv) - Unknown owner - C:\DOCUME~1\PROPRI~1\LOCALS~1\TEMP\_VWUPSRV.EXE (file missing)
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    0
  3. Utilisateur anonyme
     
    coucou
    un DIEU, oui oui je sais lol

    avec antivir, clik droit sur cela et scan et donne moi le rapport stp
    C:\WINDOWS\System32\Weather.exe

    a+
    0
  4. vanessa
     
    ce fichier n'existe pas

    J'ai fait un scan antivir complet, sur tout le disque, il n'a rien detecté.
    Ya quelques warning dans la log, Je vais pas te la coller ici entierement , c'est beaucoup plus gros qu'une log hijack. Sinon, je pourrais te l'envoyer par mail ?
    Ca va pas encombrer le site ici, a force de tous coller des logs ?
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Utilisateur anonyme
     
    salut vanessa,
    oulalala le site tu peux coller n importe quel rapport, article, ou resumé...
    Il n y a aucuns soucis pour cela, tu peux le mettre ici

    a+
    0
    1. vanessa
       
      bon , ben j'envoie alors
      (en même temps, je crois que tout va bien maintenant)

      Creation date of the report file: samedi 5 novembre 2005 10:14

      AntiVir®/XP (2000 + NT) PersonalEdition Classic
      Build 1111 of 18.10.2005
      Mainprogram 6.32.00.50 of 13.10.2005
      VDF file 6.32.11.9 (0) of 31.10.2005


      This program is for PERSONAL USE only.
      Any other use is PROHIBITED.
      Informations regarding commercial versions of AntiVir may be obtained from:
      www.hbedv.com.


      Scanning for 239758 virus strains and unwanted programs.

      Licensed for: AntiVir Personal Edition
      Serial number: 0000149996-WURGE-0001

      Please enter the workstation and
      contact name with phone number in this form:

      Name ___________________________________________

      Street ___________________________________________

      Town ___________________________________________

      Phone/Fax ___________________________________________

      Email ___________________________________________

      Platform: Windows NT Workstation
      Windows version: 5.1 Build 2600 (Service Pack 1)
      Username: Propriétaire
      Computername: VANESSA
      Processor: Pentium
      Working memory: 195056 KB free

      Version information:
      AVWIN.DLL : 6.32.00.50 561192 13.10.2005 16:32:14
      AVEWIN32.DLL : 6.32.0.57 954880 14.10.2005 15:08:24
      AVGNT.EXE : 6.32.00.02 180327 14.10.2005 12:32:02
      AVGUARD.EXE : 6.32.00.12 208424 17.10.2005 08:35:12
      GUARDMSG.DLL : 6.30.00.02 94248 01.02.2005 09:24:10
      AVGCMSG.DLL : 6.32.00.01 295029 13.10.2005 16:32:14
      AVGNTDW.SYS : 6.31.00.01 32896 07.06.2005 10:34:48
      AVPACK32.DLL : 6.32.00.02 319528 18.10.2005 11:57:30
      AVGETVER.DLL : 6.30.00.00 24576 28.01.2005 16:10:20
      AVSHLEXT.DLL : 6.30.00.01 40960 28.01.2005 16:10:22
      AVSched32.EXE : 6.32.00.01 110632 20.09.2005 14:16:24
      AVSched32.DLL : 6.30.00.00 122880 01.02.2005 09:24:10
      AVREG.DLL : 6.31.00.05 41000 07.09.2005 16:34:50
      AVRep.DLL : 6.32.00.120 1454120 01.11.2005 11:43:58
      INETUPD.EXE : 6.32.00.52 262203 17.10.2005 15:46:14
      INETUPD.DLL : 6.32.00.52 143360 17.10.2005 15:46:14
      CTL3D32.DLL : 2.31.000 27136 30.08.2002 03:00:00
      MFC42.DLL : 6.00.8665.0 995383 30.08.2002 03:00:00
      MSVCRT.DLL : 7.0.2600.1106 (xpsp1.020828-1920
      MSVCRT.DLL : 7.0.2600.1106 323072 30.08.2002 03:00:00
      CTL3DV2.DLL : No information

      Configuration file:

      Name of configuration file: C:\Program Files\AVPersonal\AVWIN.INI
      Name of report file: C:\Program Files\AVPersonal\LOGFILES\AVWIN.LOG
      Start path: C:\Program Files\AVPersonal
      Command line:
      Start mode: unknown

      Mode of report file:
      [ ] Do not create report
      [X] Overwrite report
      [ ] Append new report

      Data in report file:
      [X] Infected files
      [ ] Infected files with paths
      [ ] All scanned files
      [ ] Full information

      Abridge report file:
      [ ] Abridge report file

      Warnings in report:
      [X] Access denied/file locked
      [X] Wrong file size in directory
      [X] Wrong creation time in directory
      [ ] COM file is too large
      [X] Invalid start address
      [X] Invalid EXE header
      [X] Possibly damaged

      Summary report:
      [X] Create summary report
      Output file: AVWIN.ACT
      Maximum number of entries: 100

      Where to search:
      [X] Memory
      [X] Boot record of selected drives
      [ ] Report unknown boot sectors
      [ ] All files
      [X] Program files
      Extensions: .386 .?HT* .ACM .ADE .ADP .ANI .APP .ASD .ASF .ASP .ASX .AWX .AX .BAS .BAT .BIN .BOO .CDF .CHM .CLASS .CMD .CNV .COM .CPL .CRT .CSH .DLL .DLO .DO? .DRV .EMF .EML .EXE* .FLT .FOT .HLP .HT* .INF .INI .INS .ISP .J2K .JAR .JFF .JFI .JFIF .JIF .JMH .JNG .JP2 .JPE .JPEG .JPG .JS* .JSE .LNK .MD? .MDB .MOD .MS? .NWS .OBJ .OCX .OLB .OSD .OV? .PCD .PDR .PGM .PHP .PIF .PKG .PL* .PNG .POT .PPS .PPT .PRG .RAR .REG .RPL .RTF .SBF .SCR .SCRIPT .SCT .SH .SHA .SHB .SHS .SHTM* .SPL .SWF .SYS .TLB .TMP .TSP .TTF .URL .VB? .VCS .VLM .VXD .VXO .WIZ .WLL .WMD .WMS .WMZ .WPC .WSC .WSF .WSH .WWK .XL? .XML .ZIP

      Response in case of a detection:
      [X] Repair with prompt
      [ ] Repair without prompt
      [ ] Delete with prompt
      [ ] Delete without prompt
      [ ] Write in report file only
      [X] Acoustic alarm

      Response in case of destroyed files:
      [X] Delete with prompt
      [ ] Delete without prompt
      [ ] Ignore

      Response in case of destroyed files:
      [X] No change
      [ ] Current system time
      [ ] Correct date

      Drag&drop settings:
      [X] Scan subdirectories

      Profile settings:
      [X] Scan subdirectories

      Archive options
      [X] Search archive
      [X] All archive types

      Miscellaneous options:
      Temporary path: %TEMP% -> C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp
      [X] Overwrite infected files
      [ ] Detect idle time
      [X] Allow interruptions of scan
      [X] Load AVWin®/NT Guard on System start

      General settings:
      [X] Save options on exiting AntiVir
      Priority: medium

      Drives:
      A: Floppy drive
      C: Hard disk
      D: CD-ROM

      Start of scan: samedi 5 novembre 2005 10:14

      Memory test OK
      Master boot record of hard disk HD0 OK
      Boot record of drive C: OK


      Access denied! Error during file opening!
      Error code: 0x0002
      C:\

      WARNING! Access error/file locked!
      Access denied! Error during file opening!
      Error code: 0x0002

      WARNING! Access error/file locked!
      C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery
      AlexaRelated.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      CoolWWWSearch.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      CoolWWWSearch1.zip
      ArchiveType: ZIP
      NOTE! No files to extract.
      CoolWWWSearch2.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      CoolWWWSearchToolband.zip
      ArchiveType: ZIP
      NOTE! No files to extract.
      CoolWWWSearchToolband1.zip
      ArchiveType: ZIP
      NOTE! No files to extract.
      CoolWWWSearchToolband2.zip
      ArchiveType: ZIP
      NOTE! No files to extract.
      CoolWWWSearchToolband3.zip
      ArchiveType: ZIP
      NOTE! No files to extract.
      CoolWWWSearchToolband4.zip
      ArchiveType: ZIP
      NOTE! No files to extract.
      CoolWWWSearchToolband5.zip
      ArchiveType: ZIP
      NOTE! No files to extract.
      CoolWWWSearchToolband6.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      DSOExploit.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      DSOExploit1.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      DSOExploit10.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      DSOExploit11.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      DSOExploit12.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      DSOExploit13.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      DSOExploit14.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      DSOExploit15.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      DSOExploit16.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      DSOExploit17.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      DSOExploit18.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      DSOExploit19.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      DSOExploit2.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      DSOExploit20.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      DSOExploit21.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      DSOExploit3.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      DSOExploit4.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      DSOExploit5.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      DSOExploit6.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      DSOExploit7.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      DSOExploit8.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      DSOExploit9.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      DyFuCA.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      DyFuCAInternetOptimizer.zip
      ArchiveType: ZIP
      NOTE! No files to extract.
      DyFuCAInternetOptimizer1.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      DyFuCAInternetOptimizer2.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      DyFuCAInternetOptimizer3.zip
      ArchiveType: ZIP
      NOTE! No files to extract.
      DyFuCAInternetOptimizer4.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      DyFuCAInternetOptimizer5.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      DyFuCAInternetOptimizer6.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      DyFuCAInternetOptimizer7.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      EffectiveBandToolbar.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      ExactAdvertisingBargainsBuddy.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      ExactAdvertisingBargainsBuddy1.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      ExactAdvertisingBargainsBuddy2.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      ExactAdvertisingBargainsBuddy3.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      ExactAdvertisingBargainsBuddy4.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      ExactAdvertisingBargainsBuddy5.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      ExactAdvertisingBargainsBuddy6.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      ExactAdvertisingBargainsBuddy7.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      ISearchTechISTactiveX.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      ISearchTechISTactiveX1.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      ISearchTechISTbar.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      ISearchTechISTbar1.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      ISearchTechISTbar2.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      ISearchTechISTbar3.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      ISearchTechISTbar4.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      ISearchTechISTbar5.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      ISearchTechPowerScan.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      ISearchTechPowerScan1.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      ISearchTechSideFind.zip
      ArchiveType: ZIP
      NOTE! No files to extract.
      ISearchTechSideFind1.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      ISearchTechSideFind2.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      ISearchTechSideFind3.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      ISearchTechSideFind4.zip
      ArchiveType: ZIP
      NOTE! No files to extract.
      ISearchTechSideFind5.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      ISearchTechSideFind6.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      ISearchTechSideFind7.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      ISearchTechSideFind8.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      ISTbarSlotch.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      Laypros.zip
      ArchiveType: ZIP
      NOTE! No files to extract.
      LSA.zip
      ArchiveType: ZIP
      NOTE! No files to extract.
      LSA1.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      LSA10.zip
      ArchiveType: ZIP
      NOTE! No files to extract.
      LSA11.zip
      ArchiveType: ZIP
      NOTE! No files to extract.
      LSA12.zip
      ArchiveType: ZIP
      NOTE! No files to extract.
      LSA13.zip
      ArchiveType: ZIP
      NOTE! No files to extract.
      LSA14.zip
      ArchiveType: ZIP
      NOTE! No files to extract.
      LSA15.zip
      ArchiveType: ZIP
      NOTE! No files to extract.
      LSA16.zip
      ArchiveType: ZIP
      NOTE! No files to extract.
      LSA17.zip
      ArchiveType: ZIP
      NOTE! No files to extract.
      LSA2.zip
      ArchiveType: ZIP
      NOTE! No files to extract.
      LSA3.zip
      ArchiveType: ZIP
      NOTE! No files to extract.
      LSA4.zip
      ArchiveType: ZIP
      NOTE! No files to extract.
      LSA5.zip
      ArchiveType: ZIP
      NOTE! No files to extract.
      LSA6.zip
      ArchiveType: ZIP
      NOTE! No files to extract.
      LSA7.zip
      ArchiveType: ZIP
      NOTE! No files to extract.
      LSA8.zip
      ArchiveType: ZIP
      NOTE! No files to extract.
      LSA9.zip
      ArchiveType: ZIP
      NOTE! No files to extract.
      MediaTickets.zip
      ArchiveType: ZIP
      NOTE! No files to extract.
      MediaTickets1.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      MediaTickets2.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      nCase.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      nCase1.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      ShopAtHome.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      ShopAtHome1.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      ShopAtHome2.zip
      ArchiveType: ZIP
      NOTE! No files to extract.
      ShopAtHome3.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      SmitfraudC.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      SmitfraudC1.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      SYSWEBTELECOM.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      SYSWEBTELECOM1.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      SYSWEBTELECOM2.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      SYSWEBTELECOM3.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      SYSWEBTELECOM4.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      SYSWEBTELECOM5.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      SYSWEBTELECOM6.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      TIBS.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      WindowsAdTools.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      WinHwbot.zip
      ArchiveType: ZIP
      NOTE! The whole archive is password protected
      WinHwbot1.zip
      ArchiveType: ZIP
      NOTE! No files to extract.
      C:\Documents and Settings\Propriétaire\Mes documents
      Ma musique.zip
      ArchiveType: ZIP
      NOTE! No files to extract.
      Error! Could not change directory: System Volume Information
      C:\WINDOWS\Internet Logs
      vsmon_2nd_2005_09_26_21_42_17.dmp.zip
      ArchiveType: ZIP
      NOTE! No files to extract.
      C:\WINDOWS\SoftwareDistribution\EventCache
      {96C73B6A-D3AC-4A72-AA40-E00EB4DEA002}.bin
      Access denied! Error during file opening!
      Error code: 0x000D
      WARNING! Access error/file locked!
      C:\WINDOWS\system32\config
      default
      Access denied! Error during file opening!
      Error code: 0x000D
      WARNING! Access error/file locked!
      SAM
      Access denied! Error during file opening!
      Error code: 0x000D
      WARNING! Access error/file locked!
      SECURITY
      Access denied! Error during file opening!
      Error code: 0x000D
      WARNING! Access error/file locked!
      software
      Access denied! Error during file opening!
      Error code: 0x000D
      WARNING! Access error/file locked!
      system
      Access denied! Error during file opening!
      Error code: 0x000D
      WARNING! Access error/file locked!
      C:\WINDOWS\Temp
      ZLT05ee4.TMP
      Access denied! Error during file opening!
      Error code: 0x000D
      WARNING! Access error/file locked!

      End of scan: samedi 5 novembre 2005 11:03
      Time taken: 49:43 min


      3130 directories were scanned
      94036 files were scanned
      9 warning messages were issued
      0 files were deleted
      0 files were repaired
      0 detections
      0
  7. bernie61
     
    salut
    dans l'attente de notre bon Régis

    Répertoire à effacer C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery

    a+
    0
  8. Utilisateur anonyme
     
    salut bernie,
    ca va?
    Spybot - Search & Destroy\Recovery <--- c est pas les sauvegardes de spybot?

    Vanessa, peux tu lancer spybot, aller dans sauvegarde et me dire si tu as alexa qui s y trouve stp

    a+(merci bernie ^^)
    0