Help reading my HijackThis log

Solved
ricky0227 Posts: 11 Status: Member -
 salwa -
Hello, my antivirus (avast) keeps finding the same trojans, but it is unable to delete them, and I keep getting windows popping up when I am on the net (winantispyware etc.).

The trojans that avast finds are: win32:Agent-CJJ and Win32:Dialer-759

Thanks in advance!

Here is my HijackThis log:

Logfile of HijackThis v1.99.1
Scan saved at 13:17:22, on 2006-11-24
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Digital Media Reader\readericon45G.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Common Files\{344B236C-07D4-1033-0210-061019050002}\Update.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.lapresse.ca
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [readericon] C:\Program Files\Digital Media Reader\readericon45G.exe
O4 - HKLM\..\Run: [Reminder] %WINDIR%\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [amd_dc_opt] "C:\Program Files\AMD\amd_dc_opt\amd_dc_opt.exe"
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe (file missing)
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
15 replies

salwa
 
Hello, can you tell us the exact location of the viruses?

For the ad windows, run an antispyware scan.

Remember to update them before running them.
(1) Ad-Aware version 1.06

(here) http://www.florensac-chasse-trap.com/ virus/security software section
see demo
http://pageperso.aol.fr/balltrap34/adwseflash.zip
***
(2) Spybot version 1.4

(here) http://www.florensac-chasse-trap.com/ virus/security software section

see usage demo
http://pageperso.aol.fr/Balltrap34/demo%20spybot.htm
***

PS: a big thank you to balltrap for the links

(3) Ewido
http://download.ewido.net/ewido-setup.exe
During installation, on the "Additional Options" page, uncheck the two options "Install background guard" and "Install scan via context menu". Ewido Security Suite. Click on update.

Click on scanner, then on complete system scan.

@++
0
ricky0227 Posts: 11 Status: Member
 
Here is the location that avast gives me:

c:\windows\temp\win9E.tmp
c:\windows\temp\winBB.tmp
c:\windows\temp\winC0.tmp

As for anti-spyware, I have already cleaned up with Spybot Search and Destroy and Ad-Aware, but the problem continues...
and now, about every 15 minutes, avast warns me that it has found these trojans, and Internet Explorer tells me that it must close because an error occurred...

Thanks for your help!
0
salwa
 
OK, download and run CCleaner, then paste the report here.

https://www.malekal.com/tutoriel-ccleaner/

@++++
0
ricky0227 Posts: 11 Status: Member
 
Here is the CCleaner log:

ANALYSIS COMPLETE - (24,655 secs)
------------------------------------------------------------------------------------------
9,30MB to be removed. (Approximate size)
------------------------------------------------------------------------------------------

0
ricky0227 Posts: 11 Status: Member
 
I have to leave for work; I will read your advice when I get back.

Thank you very much
0
salwa
 
OK, CCleaner has detected the viruses; now you need to run the cleaning as in the tutorial, then paste the result here.

@+++++
0

ricky0227 Posts: 11 Status: Member
 
Here is the log after cleaning with CCleaner:

CLEANING COMPLETE - (4,340 secs)
------------------------------------------------------------------------------------------
9,84MB removed.
------------------------------------------------------------------------------------------

C:\WINDOWS\TEMP\win46.tmp 0 bytes
C:\WINDOWS\TEMP\win47.tmp 0 bytes
C:\WINDOWS\TEMP\win48.tmp 0 bytes
C:\WINDOWS\TEMP\win49.tmp 0 bytes
C:\WINDOWS\TEMP\win4A.tmp 0 bytes
C:\WINDOWS\TEMP\win4B.tmp 0 bytes
C:\WINDOWS\TEMP\win4C.tmp 0 bytes
C:\WINDOWS\TEMP\win4D.tmp 0 bytes
C:\WINDOWS\TEMP\win4E.tmp 0 bytes
C:\WINDOWS\TEMP\win4F.tmp 0 bytes
C:\WINDOWS\TEMP\win5.tmp 0 bytes
C:\WINDOWS\TEMP\win50.tmp 0 bytes
C:\WINDOWS\TEMP\win51.tmp 0 bytes
C:\WINDOWS\TEMP\win52.tmp 0 bytes
C:\WINDOWS\TEMP\win53.tmp 0 bytes
C:\WINDOWS\TEMP\win54.tmp 0 bytes
C:\WINDOWS\TEMP\win55.tmp 0 bytes
C:\WINDOWS\TEMP\win56.tmp 0 bytes
C:\WINDOWS\TEMP\win57.tmp 0 bytes
C:\WINDOWS\TEMP\win58.tmp 0 bytes
C:\WINDOWS\TEMP\win59.tmp 0 bytes
C:\WINDOWS\TEMP\win5A.tmp 0 bytes
C:\WINDOWS\TEMP\win5B.tmp 0 bytes
C:\WINDOWS\TEMP\win5C.tmp 0 bytes
C:\WINDOWS\TEMP\win5D.tmp 0 bytes
C:\WINDOWS\TEMP\win5E.tmp 0 bytes
C:\WINDOWS\TEMP\win5F.tmp 0 bytes
C:\WINDOWS\TEMP\win6.tmp 0 bytes
C:\WINDOWS\TEMP\win60.tmp 0 bytes
C:\WINDOWS\TEMP\win61.tmp 0 bytes
C:\WINDOWS\TEMP\win62.tmp 0 bytes
C:\WINDOWS\TEMP\win63.tmp 0 bytes
C:\WINDOWS\TEMP\win64.tmp 0 bytes
C:\WINDOWS\TEMP\win65.tmp 0 bytes
C:\WINDOWS\TEMP\win66.tmp 0 bytes
C:\WINDOWS\TEMP\win67.tmp 0 bytes
C:\WINDOWS\TEMP\win68.tmp 0 bytes
C:\WINDOWS\TEMP\win69.tmp 0 bytes
C:\WINDOWS\TEMP\win6A.tmp 0 bytes
C:\WINDOWS\TEMP\win6B.tmp 0 bytes
C:\WINDOWS\TEMP\win6C.tmp 0 bytes
C:\WINDOWS\TEMP\win6D.tmp 0 bytes
C:\WINDOWS\TEMP\win6E.tmp 0 bytes
C:\WINDOWS\TEMP\win6F.tmp 0 bytes
C:\WINDOWS\TEMP\win7.tmp 0 bytes
C:\WINDOWS\TEMP\win70.tmp 0 bytes
C:\WINDOWS\TEMP\win71.tmp 0 bytes
C:\WINDOWS\TEMP\win72.tmp 0 bytes
C:\WINDOWS\TEMP\win73.tmp 0 bytes
C:\WINDOWS\TEMP\win74.tmp 0 bytes
C:\WINDOWS\TEMP\win75.tmp 0 bytes
C:\WINDOWS\TEMP\win76.tmp 0 bytes
C:\WINDOWS\TEMP\win77.tmp 0 bytes
C:\WINDOWS\TEMP\win78.tmp 0 bytes
C:\WINDOWS\TEMP\win79.tmp 0 bytes
C:\WINDOWS\TEMP\win7A.tmp 0 bytes
C:\WINDOWS\TEMP\win7B.tmp 0 bytes
C:\WINDOWS\TEMP\win7C.tmp 0 bytes
C:\WINDOWS\TEMP\win7D.tmp 0 bytes
C:\WINDOWS\TEMP\win7E.tmp 0 bytes
C:\WINDOWS\TEMP\win7F.tmp 0 bytes
C:\WINDOWS\TEMP\win8.tmp 0 bytes
C:\WINDOWS\TEMP\win80.tmp 0 bytes
C:\WINDOWS\TEMP\win81.tmp 0 bytes
C:\WINDOWS\TEMP\win82.tmp 0 bytes
C:\WINDOWS\TEMP\win83.tmp 0 bytes
C:\WINDOWS\TEMP\win84.tmp 0 bytes
C:\WINDOWS\TEMP\win85.tmp 0 bytes
C:\WINDOWS\TEMP\win86.tmp 0 bytes
C:\WINDOWS\TEMP\win87.tmp 0 bytes
C:\WINDOWS\TEMP\win88.tmp 0 bytes
C:\WINDOWS\TEMP\win89.tmp 0 bytes
C:\WINDOWS\TEMP\win8A.tmp 0 bytes
C:\WINDOWS\TEMP\win8B.tmp 0 bytes
C:\WINDOWS\TEMP\win8C.tmp 0 bytes
C:\WINDOWS\TEMP\win8D.tmp 0 bytes
C:\WINDOWS\TEMP\win8E.tmp 0 bytes
C:\WINDOWS\TEMP\win8F.tmp 0 bytes
C:\WINDOWS\TEMP\win9.tmp 0 bytes
C:\WINDOWS\TEMP\win90.tmp 0 bytes
C:\WINDOWS\TEMP\win91.tmp 0 bytes
C:\WINDOWS\TEMP\win92.tmp 0 bytes
C:\WINDOWS\TEMP\win93.tmp 0 bytes
C:\WINDOWS\TEMP\win94.tmp 0 bytes
C:\WINDOWS\TEMP\win95.tmp 944 bytes
C:\WINDOWS\TEMP\win96.tmp 0 bytes
C:\WINDOWS\TEMP\win97.tmp 0 bytes
C:\WINDOWS\TEMP\win98.tmp 0 bytes
C:\WINDOWS\TEMP\win99.tmp 0 bytes
C:\WINDOWS\TEMP\win99.tmp.exe 0,13MB
C:\WINDOWS\TEMP\win9A.tmp 0 bytes
C:\WINDOWS\TEMP\win9B.tmp 0 bytes
C:\WINDOWS\TEMP\win9C.tmp 0 bytes
C:\WINDOWS\TEMP\win9D.tmp 0 bytes
C:\WINDOWS\TEMP\win9E.tmp 944 bytes
C:\WINDOWS\TEMP\win9F.tmp 0 bytes
C:\WINDOWS\TEMP\winA.tmp 0 bytes
C:\WINDOWS\TEMP\winA0.tmp 0 bytes
C:\WINDOWS\TEMP\winA1.tmp 0 bytes
C:\WINDOWS\TEMP\winA2.tmp 0 bytes
C:\WINDOWS\TEMP\winA3.tmp 0 bytes
C:\WINDOWS\TEMP\winA4.tmp 0 bytes
C:\WINDOWS\TEMP\winA5.tmp 0 bytes
C:\WINDOWS\TEMP\winA6.tmp 0 bytes
C:\WINDOWS\TEMP\winA7.tmp 0 bytes
C:\WINDOWS\TEMP\winA8.tmp 0 bytes
C:\WINDOWS\TEMP\winA9.tmp 0 bytes
C:\WINDOWS\TEMP\winAA.tmp 0 bytes
C:\WINDOWS\TEMP\winAB.tmp 0 bytes
C:\WINDOWS\TEMP\winAC.tmp 0 bytes
C:\WINDOWS\TEMP\winAD.tmp 0 bytes
C:\WINDOWS\TEMP\winAE.tmp 0 bytes
C:\WINDOWS\TEMP\winAF.tmp 0 bytes
C:\WINDOWS\TEMP\winB.tmp 0 bytes
C:\WINDOWS\TEMP\winB0.tmp 944 bytes
C:\WINDOWS\TEMP\winB1.tmp 0 bytes
C:\WINDOWS\TEMP\winB2.tmp 0 bytes
C:\WINDOWS\TEMP\winB3.tmp 0 bytes
C:\WINDOWS\TEMP\winB4.tmp 0 bytes
C:\WINDOWS\TEMP\winB5.tmp 0 bytes
C:\WINDOWS\TEMP\winB6.tmp 0 bytes
C:\WINDOWS\TEMP\winB7.tmp 944 bytes
C:\WINDOWS\TEMP\winB8.tmp 0 bytes
C:\WINDOWS\TEMP\winB9.tmp 0 bytes
C:\WINDOWS\TEMP\winBA.tmp 0 bytes
C:\WINDOWS\TEMP\winBB.tmp 19,00KB
C:\WINDOWS\TEMP\winBB.tmp.exe 0,13MB
C:\WINDOWS\TEMP\winBC.tmp 0 bytes
C:\WINDOWS\TEMP\winBD.tmp 0 bytes
C:\WINDOWS\TEMP\winBE.tmp 0 bytes
C:\WINDOWS\TEMP\winBF.tmp 0 bytes
C:\WINDOWS\TEMP\winC.tmp 0 bytes
C:\WINDOWS\TEMP\winC0.tmp 0 bytes
C:\WINDOWS\TEMP\winC1.tmp 0 bytes
C:\WINDOWS\TEMP\winC2.tmp 0 bytes
C:\WINDOWS\TEMP\winC3.tmp 0 bytes
C:\WINDOWS\TEMP\winC4.tmp 0 bytes
C:\WINDOWS\TEMP\winC5.tmp 0 bytes
C:\WINDOWS\TEMP\winC6.tmp 0 bytes
C:\WINDOWS\TEMP\winC7.tmp 0 bytes
C:\WINDOWS\TEMP\winC8.tmp 0 bytes
C:\WINDOWS\TEMP\winC9.tmp 0 bytes
C:\WINDOWS\TEMP\winCA.tmp 0 bytes
C:\WINDOWS\TEMP\winCB.tmp 0 bytes
C:\WINDOWS\TEMP\winCC.tmp 0 bytes
C:\WINDOWS\TEMP\winCD.tmp 0 bytes
C:\WINDOWS\TEMP\winCE.tmp 0 bytes
C:\WINDOWS\TEMP\winCF.tmp 0 bytes
C:\WINDOWS\TEMP\winD.tmp 0 bytes
C:\WINDOWS\TEMP\winD0.tmp 0 bytes
C:\WINDOWS\TEMP\winD1.tmp 0 bytes
C:\WINDOWS\TEMP\winD2.tmp 0 bytes
C:\WINDOWS\TEMP\winD3.tmp 0 bytes
C:\WINDOWS\TEMP\winD4.tmp 944 bytes
C:\WINDOWS\TEMP\winD5.tmp 0 bytes
C:\WINDOWS\TEMP\winD6.tmp 0 bytes
C:\WINDOWS\TEMP\winD7.tmp 0 bytes
C:\WINDOWS\TEMP\winD9.tmp 0 bytes
C:\WINDOWS\TEMP\winDA.tmp 0 bytes
C:\WINDOWS\TEMP\winDB.tmp 0 bytes
C:\WINDOWS\TEMP\winDC.tmp 0 bytes
C:\WINDOWS\TEMP\winDD.tmp 0 bytes
C:\WINDOWS\TEMP\winDE.tmp 0 bytes
C:\WINDOWS\TEMP\winDF.tmp 0 bytes
C:\WINDOWS\TEMP\winE.tmp 0 bytes
C:\WINDOWS\TEMP\winE0.tmp 0 bytes
C:\WINDOWS\TEMP\winE1.tmp 0 bytes
C:\WINDOWS\TEMP\winE2.tmp 0 bytes
C:\WINDOWS\TEMP\winE3.tmp 0 bytes
C:\WINDOWS\TEMP\winE4.tmp 0 bytes
C:\WINDOWS\TEMP\winE7.tmp 944 bytes
C:\WINDOWS\TEMP\winF.tmp 0 bytes
C:\DOCUME~1\Owner\LOCALS~1\Temp\c1da_appcompat.txt 48,08KB
C:\DOCUME~1\Owner\LOCALS~1\Temp\~DF1D22.tmp 16,00KB
C:\DOCUME~1\Owner\LOCALS~1\Temp\~DF306B.tmp 48,00KB
C:\DOCUME~1\Owner\LOCALS~1\Temp\~DF463.tmp 48,00KB
C:\DOCUME~1\Owner\LOCALS~1\Temp\~DF6247.tmp 48,00KB
C:\DOCUME~1\Owner\LOCALS~1\Temp\~DF761F.tmp 16,00KB
C:\DOCUME~1\Owner\LOCALS~1\Temp\~DF8851.tmp 48,00KB
C:\DOCUME~1\Owner\LOCALS~1\Temp\~DFC1CD.tmp 48,00KB
C:\DOCUME~1\Owner\LOCALS~1\Temp\~DFD780.tmp 48,00KB
C:\DOCUME~1\Owner\LOCALS~1\Temp\~DFDD9C.tmp 16,00KB
C:\DOCUME~1\Owner\LOCALS~1\Temp\~DFF481.tmp 48,00KB
C:\WINDOWS\system32\wbem\Logs\FrameWork.log 6,79KB
C:\WINDOWS\system32\wbem\Logs\wbemess.log 37,15KB
C:\WINDOWS\system32\wbem\Logs\wbemprox.log 1,62KB
C:\WINDOWS\system32\wbem\Logs\wmiprov.log 670 bytes
C:\WINDOWS\0.log 0 bytes
C:\WINDOWS\setupact.log 120 bytes
C:\WINDOWS\setuperr.log 0 bytes
C:\WINDOWS\ntbtlog.txt 0,17MB
C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\drwtsn32.log 0,56MB
C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp 58,56KB
C:\WINDOWS\Debug\UserMode\userenv.log 19,02KB
C:\Documents and Settings\Owner\Application Data\Microsoft\Office\Recent\index.dat 28 bytes
C:\Documents and Settings\Owner\Application Data\Microsoft\Office\Recent\Templates.LNK 766 bytes
C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sol 348 bytes
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.061122-1243.log 368 bytes
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.061122-1244.txt 1,35KB
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.061123-1351.log 304 bytes
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.061123-1353.txt 1,22KB
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Fixes.061122-1245.txt 1,33KB
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Fixes.061123-1353.txt 1,21KB
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Statistics.ini 104 bytes
C:\Documents and Settings\Owner\Application Data\Lavasoft\Ad-Aware\Logs\Ad-Aware log2006-11-23 13-54-49.txt 29,36KB
C:\WINDOWS\Internet Logs\ZALog2006.11.21.txt 10,40KB
C:\WINDOWS\Internet Logs\ZALog2006.11.22.txt 43,48KB
C:\WINDOWS\Internet Logs\ZALog2006.11.24.txt 8,34KB
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{0EBBF929-D6DE-4186-9153-4E79F4FE89AA} 5,84KB
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{1AC51617-CE8C-4231-B9C3-9B516258669E} 5,20KB
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{1FD6E602-DD18-455C-AEC0-C33A5232790D} 5,01KB
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{345B9A2B-D85B-4A66-92F5-AB6410921FD7} 7,67KB
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{4323608E-133A-4BFC-A183-887B7A64C3FC} 5,01KB
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{439A4599-B3D0-489C-A0CB-52CFA2D8CD5C} 5,20KB
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{497C758D-F867-4F22-B843-616766E0A8C6} 5,20KB
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{4E596082-2D6D-4138-A96F-4B139E9AADA9} 5,01KB
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{50CBAEF1-3BB6-4F7F-8C48-4E54E5DDEC71} 5,20KB
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{51D6B610-5515-4657-AEFB-8A13BC5563B8} 5,25KB
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{852FAEB0-DA62-4B36-B6E5-4261BC23BDD0} 5,20KB
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{86EBBBC7-5F33-4FF1-9DB8-DF8E8EDA55CC} 5,20KB
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{8A703FC4-2C62-4D60-9797-DEF3B22E149E} 6,04KB
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{90213A6D-F7DA-4F56-A69A-70BFDF0E99A8} 5,20KB
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{96944C8E-FF71-439A-8162-626C2D1530F3} 5,20KB
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{A106393D-E12E-4A79-AA55-7107008A49C2} 5,20KB
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{A1C4FA49-A35E-455B-986E-460D39B626A7} 5,20KB
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{ADDE406F-729C-4D8D-8712-CC029AFC2D5B} 9,56KB
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{B12A4EA1-2262-4F73-8F63-D65293846C03} 5,20KB
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{B74A14BC-6C17-4875-ABFF-793D2E9D4623} 10,26KB
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{D0CDC582-BDBF-4B5D-B500-09ECCF126365} 5,17KB
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{D5550AB9-DC08-49E9-A158-B0D1AB108FA8} 5,20KB
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{E03D3ADA-3A26-4122-B5D0-B64E69238DC9} 5,20KB
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{E145AE05-C720-4FB5-936C-D6EB60168E85} 5,94KB
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{F738F0CC-1117-4DD0-93BC-CA65BA7536D0} 5,30KB
------------------------------------------------------------------------------------------
0
salwa
 
Run another scan with avast and tell me whether it still finds viruses.

Also say whether your problems are solved :)

See you!
0
ricky0227 Posts: 11 Status: Member

The problem is not solved. Avast still finds the viruses.
0
salwa
 
Download to the Desktop:
VundoFix http://www.atribune.org/ccount/click.php?id=4

= Double-click VundoFix.exe.
= Click OK
= Wait for VundoFix to restart (one to several minutes)
= Click Scan for Vundo

= Then click Remove Vundo
= Then Yes
= The Desktop disappears for a moment while the files are being deleted.
= Shutdown message
= Click OK
= Automatic restart
= Copy the report, which is in C:\vundofix.txt

followed by a HijackThis log :)

See you!
0
ricky0227 Posts: 11 Status: Member

Here is the VundoFix log:

VundoFix V6.2.11

Checking Java version...

Java version is 1.5.0.2

Scan started at 16:42:35 2006-11-25

Listing files found while scanning....

C:\WINDOWS\system32\xycdd.ini
C:\WINDOWS\system32\xycdd.bak1
C:\WINDOWS\system32\xycdd.bak2

Beginning removal...

Attempting to delete C:\WINDOWS\system32\ddcyx.dll
C:\WINDOWS\system32\ddcyx.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\xycdd.ini
C:\WINDOWS\system32\xycdd.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\xycdd.bak1
C:\WINDOWS\system32\xycdd.bak1 Has been deleted!

Attempting to delete C:\WINDOWS\system32\xycdd.bak2
C:\WINDOWS\system32\xycdd.bak2 Has been deleted!

Performing Repairs to the registry.
Done!
0
ricky0227 Posts: 11 Status: Member

HijackThis log:

Logfile of HijackThis v1.99.1
Scan saved at 16:48:36, on 2006-11-25
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Digital Media Reader\readericon45G.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Common Files\{344B236C-07D4-1033-0210-061019050002}\Update.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Hijackthis\Scanner.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.lapresse.ca
O2 - BHO: (no name) - {013A653B-49A6-4f76-8B68-E4875EA6BA54} - C:\WINDOWS\system32\vsdxrjpy.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:\program files\mcafee.com\mps\mcbrhlpr.dll
O2 - BHO: McAfee PopupKiller - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - c:\program files\mcafee.com\mps\popupkiller.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\windows\system32\BAE.dll
O2 - BHO: (no name) - {CFE9E8A8-38C0-4EF8-AEC2-5035EFE81030} - C:\WINDOWS\system32\ssqrppn.dll
O2 - BHO: (no name) - {D9B0D0F8-D212-410A-B03C-EF2FC0FF27BB} - C:\WINDOWS\system32\ddcyx.dll (file missing)
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [readericon] C:\Program Files\Digital Media Reader\readericon45G.exe
O4 - HKLM\..\Run: [Reminder] %WINDIR%\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [amd_dc_opt] "C:\Program Files\AMD\amd_dc_opt\amd_dc_opt.exe"
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O20 - Winlogon Notify: ssqrppn - C:\WINDOWS\SYSTEM32\ssqrppn.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: wingdm32 - C:\WINDOWS\SYSTEM32\wingdm32.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe (file missing)
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
0
salwa
 
Download and run this, then paste the report it generates for you.

Ewido
http://download.ewido.net/ewido-setup.exe
During installation, on the "Additional Options" page, untick the two options "Install background guard" and "Install scan via context menu" Ewido Security Suite. Click Update.

Click Scanner, then Complete System Scan.

And say where things stand with your problems.

See you!
0
ricky0227 Posts: 11 Status: Member

Here is a new location of the trojan that avast gives me:

:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\9693EEWJ\srvsvq[1].exe
0
salwa
 
I'm waiting for the Ewido report to see things more clearly .... :)

See you!
0
salwa
 
Hi again, I can't wait for your Ewido report, so let's continue.

Launch HijackThis, tick and fix these lines:

O20 - Winlogon Notify: ssqrppn - C:\WINDOWS\SYSTEM32\ssqrppn.dll
O20 - Winlogon Notify: wingdm32 - C:\WINDOWS\SYSTEM32\wingdm32.dll

Download The Killbox https://www.bleepingcomputer.com/download/linux/

Double-click killbox.exe (Pocket Killbox)

- Tick: Delete on reboot
- In "Full Path of File to Delete", copy and paste:

C:\WINDOWS\SYSTEM32\wingdm32.dll

- Click the red cross
- A confirmation window will appear; click YES
- A second window asks whether you want to restart; click YES

If this message appears, ignore it:
http://tinypic.com/images/goodbye.jpg
Let the PC restart, or restart it manually if it doesn't.

Download SmitfraudFix

http://siri.urz.free.fr/Fix/SmitfraudFix.zip
Run it: double-click Smitfraudfix.cmd and choose option 1; it will generate a report. Please copy and paste it into a post, followed by a HijackThis log.

See you!
0
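A sketch of how the O2 (BHO) and O20 (Winlogon Notify) lines of the HijackThis log posted above could be triaged automatically. This is an added example, not part of any post in the thread; the heuristics and the `NOTIFY_BASELINE` allowlist are assumptions, and a hit is a candidate for manual review, not a verdict.

```python
import re
from collections import defaultdict
from ntpath import basename, dirname, normcase

# Excerpt of the HijackThis log posted in the thread (O2 and O20 lines only).
LOG_EXCERPT = r"""
O2 - BHO: (no name) - {013A653B-49A6-4f76-8B68-E4875EA6BA54} - C:\WINDOWS\system32\vsdxrjpy.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\windows\system32\BAE.dll
O2 - BHO: (no name) - {CFE9E8A8-38C0-4EF8-AEC2-5035EFE81030} - C:\WINDOWS\system32\ssqrppn.dll
O2 - BHO: (no name) - {D9B0D0F8-D212-410A-B03C-EF2FC0FF27BB} - C:\WINDOWS\system32\ddcyx.dll (file missing)
O20 - Winlogon Notify: ssqrppn - C:\WINDOWS\SYSTEM32\ssqrppn.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: wingdm32 - C:\WINDOWS\SYSTEM32\wingdm32.dll
"""

O2_RE = re.compile(
    r"^O2 - BHO: (?P<name>.*?) - (?P<clsid>\{[0-9A-Fa-f-]+\}) - (?P<path>.+)$")
O20_RE = re.compile(r"^O20 - Winlogon Notify: (?P<name>.+?) - (?P<path>.+)$")
MISSING = " (file missing)"

# Assumption: Notify names the analyst already trusts on this machine.
NOTIFY_BASELINE = frozenset({"wgalogon"})


def parse(log_text):
    """Return one dict per O2 (BHO) or O20 (Winlogon Notify) line."""
    entries = []
    for raw in log_text.splitlines():
        line = raw.strip()
        for kind, pattern in (("BHO", O2_RE), ("Notify", O20_RE)):
            m = pattern.match(line)
            if m:
                break
        else:
            continue  # other HijackThis sections are out of scope here
        path = m.group("path")
        missing = path.endswith(MISSING)
        if missing:
            path = path[: -len(MISSING)]
        # normcase() makes SYSTEM32 and system32 compare equal.
        entries.append({"kind": kind, "name": m.group("name"),
                        "path": normcase(path), "missing": missing})
    return entries


def triage(entries, notify_baseline=NOTIFY_BASELINE):
    """Map DLL file name -> sorted list of reasons it deserves a manual look."""
    kinds_by_path = defaultdict(set)
    for e in entries:
        kinds_by_path[e["path"]].add(e["kind"])

    reasons = defaultdict(set)
    for e in entries:
        dll = basename(e["path"])
        in_system32 = dirname(e["path"]).endswith("\\system32")
        if e["missing"]:
            reasons[dll].add("registry entry points to a missing file")
        if e["kind"] == "BHO" and e["name"] == "(no name)" and in_system32:
            reasons[dll].add("unnamed BHO in system32")
        if e["kind"] == "Notify" and e["name"].lower() not in notify_baseline:
            reasons[dll].add("Winlogon Notify name not in baseline")
        if kinds_by_path[e["path"]] == {"BHO", "Notify"}:
            reasons[dll].add("loaded as both BHO and Winlogon Notify")
    return {dll: sorted(r) for dll, r in reasons.items()}


if __name__ == "__main__":
    for dll, why in sorted(triage(parse(LOG_EXCERPT)).items()):
        print(f"{dll}: {'; '.join(why)}")
```

The Spybot helper (also an unnamed BHO, but outside system32) and the named BAE.dll are left alone, while ssqrppn.dll stands out because the same file is registered under both O2 and O20.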
lal'
 
Hi salwa, I'm really hopeless with computers and I caught that damned Spanish virus on MSN, "da uma olhada nos fotos" ...
Here is what I get with HijackThis: virus_msn_da_uma_olhada_nas_fotos_dessa_festa_muito_legal
Logfile of HijackThis v1.99.1
Scan saved at 10:10:56, on 26/11/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Acer\Empowering Technology\admServ.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Acer\Acer Arcade\PCMService.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\acer\Empowering Technology\ePower\epm-dm.exe
C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\Acer\Empowering Technology\admtray.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Athan\Athan.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\BitTorrent\bittorrent.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\icpldrvx.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\LALLIA\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.acer.com/worldwide/selection.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - C:\WINDOWS\system32\ToolBand.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [EPM-DM] c:\acer\Empowering Technology\ePower\epm-dm.exe
O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Avg Antivirus] C:\WINDOWS\system32\icpldrvx.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Sample Toolband Serach - res://C:\WINDOWS\system32\ToolBand.dll/MENUSEARCH.HTM
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D1751178-31A0-4BB9-B2E8-97C8DEF6795A}: NameServer = 192.168.1.1
O18 - Protocol: bw+0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

Can you tell me what I should do now? I'm lost and this virus is ruining everything, it's a real pain. Thanks.
0
afideg Posts 10970 Status Security contributor 602 > lal'
 
Hello lal

Register, then do this in the right order:

ccmforum = CCM forum guide

See you..
0
salwa > lal'
 
Hello lal', I can't answer you here because this is ricky's thread :/ Create your own topic and I'll see what I can do :)

See you soon
0
ricky0227 Posts 11 Status Member
 
Sorry, I tried to get the Ewido log, but it doesn't give me one. It did find a bunch of crap, which it deleted, and since then, I don't want to speak too soon, but things seem better. I still deleted the two lines you told me about in HijackThis, and here is the log (tell me if you still see anything suspicious...). Thanks

Logfile of HijackThis v1.99.1
Scan saved at 20:04:13, on 2006-11-25
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Digital Media Reader\readericon45G.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Hijackthis\Scanner.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.lapresse.ca
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:\program files\mcafee.com\mps\mcbrhlpr.dll
O2 - BHO: McAfee PopupKiller - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - c:\program files\mcafee.com\mps\popupkiller.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\windows\system32\BAE.dll
O2 - BHO: (no name) - {D9B0D0F8-D212-410A-B03C-EF2FC0FF27BB} - C:\WINDOWS\system32\ddcyx.dll (file missing)
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [readericon] C:\Program Files\Digital Media Reader\readericon45G.exe
O4 - HKLM\..\Run: [Reminder] %WINDIR%\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [amd_dc_opt] "C:\Program Files\AMD\amd_dc_opt\amd_dc_opt.exe"
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe (file missing)
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
0
ricky0227 Posts 11 Status Member
 
The problem seems to be fixed... Avast no longer finds any trojans and I no longer get pop-up error messages when I'm online.

Thanks a lot for your help, salwa!

Should I still use KillBox and SmitFraudFix anyway?
0
salwa
 
Hello, your log is clean :p Do the SmitFraudFix and KillBox steps anyway, you never know...

Run anti-spyware scans regularly (Ad-Aware/Spybot/Ewido, etc.) and empty the temporary folders regularly using CCleaner.

See you!
0