Aide pour lire mon log hijacthis

Résolu
ricky0227 Messages postés 11 Statut Membre -  
 salwa -
Bonjour mon antivirus (avast) trouve toujours les même trojan, mais il est incaplabe de les supprimer et j'ai toujours des fenêtre qui s'ouvre lorsque je suis sur le net (winantispyware etc..)

Les tojan que avast touve sont : win32:Agent-CJJ et Win32:Dialer-759

Merci à l'avance !

voici mon log hijacthis :

Logfile of HijackThis v1.99.1
Scan saved at 13:17:22, on 2006-11-24
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Digital Media Reader\readericon45G.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Common Files\{344B236C-07D4-1033-0210-061019050002}\Update.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.lapresse.ca
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [readericon] C:\Program Files\Digital Media Reader\readericon45G.exe
O4 - HKLM\..\Run: [Reminder] %WINDIR%\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [amd_dc_opt] "C:\Program Files\AMD\amd_dc_opt\amd_dc_opt.exe"
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe (file missing)
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

15 réponses

  1. salwa
     
    bonjour peu tu nous dire l'emplacement exacte des virus?

    pour les fenetre de pub passe un coup d'antispyware

    pense a les mettre a jour avant de les lancées
    (1) ad-aware version 1.06

    (ici) http://www.florensac-chasse-trap.com/ section virus/logiciel de securite
    voir demo
    http://pageperso.aol.fr/balltrap34/adwseflash.zip
    ***
    (2) spybot version 1.4

    (ici) http://www.florensac-chasse-trap.com/ section virus/logiciel de securite

    voir demo d utilisation
    http://pageperso.aol.fr/Balltrap34/demo%20spybot.htm
    ***

    ps : un grand merci a balltrap pour les lien

    (3) Edwido
    http://download.ewido.net/ewido-setup.exe
    Pendant l'installation, sur la page "Additional Options", décoche les deux options "Install background guard" et "Install scan via context menu Ewido Security Suite. Clique sur mise à jour.

    Clique sur scanner puis sur scan complet du système.

    @++
    0
  2. ricky0227 Messages postés 11 Statut Membre
     
    Voici l'emplacement que avast me donne:

    c:\windows\temp\win9E.tmp
    c:\windows\temp\winBB.tmp
    c:\windows\temp\winC0.tmp

    Pour ce qui est de anti-spyware, j'ai déjà fait le ménage avec spy-bot search and destriy et ad-ware mais le problème ce poursuit...
    et maintenant, environ au 15 minute avast m'avertie qu'il a trouvé ces trojant et internet explorer me dit qu'il doit fermer car il s'est produit une erreur...

    merci de votre aide!
    0
    1. ricky0227 Messages postés 11 Statut Membre
       
      v oivi le log ccleaner :

      ANALYSIS COMPLETE - (24,655 secs)
      ------------------------------------------------------------------------------------------
      9,30MB to be removed. (Approximate size)
      ------------------------------------------------------------------------------------------

      Details of files to be deleted (Note: No files have been deleted yet)
      ------------------------------------------------------------------------------------------
      IE Temporary Internet Files (1381 files) 7,33MB
      C:\Documents and Settings\Owner\Cookies\owner@202.67.220[2].txt 235 bytes
      C:\Documents and Settings\Owner\Cookies\owner@202.67.220[3].txt 428 bytes
      C:\Documents and Settings\Owner\Cookies\owner@247realmedia[1].txt 453 bytes
      C:\Documents and Settings\Owner\Cookies\owner@62.4.84[1].txt 135 bytes
      C:\Documents and Settings\Owner\Cookies\owner@62.4.84[3].txt 430 bytes
      C:\Documents and Settings\Owner\Cookies\owner@82.98.235[1].txt 167 bytes
      C:\Documents and Settings\Owner\Cookies\owner@85.12.25[2].txt 160 bytes
      C:\Documents and Settings\Owner\Cookies\owner@89.188.16[1].txt 344 bytes
      C:\Documents and Settings\Owner\Cookies\owner@89.188.16[2].txt 103 bytes
      C:\Documents and Settings\Owner\Cookies\owner@adcentriconline[1].txt 176 bytes
      C:\Documents and Settings\Owner\Cookies\owner@cams[2].txt 219 bytes
      C:\Documents and Settings\Owner\Cookies\owner@canoe[1].txt 94 bytes
      C:\Documents and Settings\Owner\Cookies\owner@canoe[2].txt 69 bytes
      C:\Documents and Settings\Owner\Cookies\owner@cpvfeed[2].txt 563 bytes
      C:\Documents and Settings\Owner\Cookies\owner@cyberpresse[2].txt 343 bytes
      C:\Documents and Settings\Owner\Cookies\owner@drivecleaner[2].txt 806 bytes
      C:\Documents and Settings\Owner\Cookies\owner@edt02[2].txt 398 bytes
      C:\Documents and Settings\Owner\Cookies\owner@entraide.aceboard[1].txt 94 bytes
      C:\Documents and Settings\Owner\Cookies\owner@eyereturn[2].txt 187 bytes
      C:\Documents and Settings\Owner\Cookies\owner@fr.drivecleaner[1].txt 225 bytes
      C:\Documents and Settings\Owner\Cookies\owner@funny-serv[1].txt 280 bytes
      C:\Documents and Settings\Owner\Cookies\owner@google[1].txt 130 bytes
      C:\Documents and Settings\Owner\Cookies\owner@lycos[1].txt 109 bytes
      C:\Documents and Settings\Owner\Cookies\owner@m.webtrends[1].txt 180 bytes
      C:\Documents and Settings\Owner\Cookies\owner@microsoft[2].txt 267 bytes
      C:\Documents and Settings\Owner\Cookies\owner@mybloglog[1].txt 86 bytes
      C:\Documents and Settings\Owner\Cookies\owner@passion[2].txt 234 bytes
      C:\Documents and Settings\Owner\Cookies\owner@rad.microsoft[2].txt 750 bytes
      C:\Documents and Settings\Owner\Cookies\owner@realmedia[1].txt 93 bytes
      C:\Documents and Settings\Owner\Cookies\owner@redirect[2].txt 208 bytes
      C:\Documents and Settings\Owner\Cookies\owner@redirect[3].txt 230 bytes
      C:\Documents and Settings\Owner\Cookies\owner@stats.drivecleaner[2].txt 420 bytes
      C:\Documents and Settings\Owner\Cookies\owner@stats1.reliablestats[1].txt 608 bytes
      C:\Documents and Settings\Owner\Cookies\owner@sur-la-toile[1].txt 367 bytes
      C:\Documents and Settings\Owner\Cookies\owner@weborama[2].txt 177 bytes
      C:\Documents and Settings\Owner\Cookies\owner@www.amxtravel[1].txt 376 bytes
      C:\Documents and Settings\Owner\Cookies\owner@www.commentcamarche[1].txt 115 bytes
      C:\Documents and Settings\Owner\Cookies\owner@www.cyberpresse[1].txt 98 bytes
      C:\Documents and Settings\Owner\Cookies\owner@www.drivecleaner[2].txt 342 bytes
      C:\Documents and Settings\Owner\Cookies\owner@www.microsoft[1].txt 80 bytes
      C:\Documents and Settings\Owner\Cookies\owner@www.smartadserver[1].txt 389 bytes
      C:\Documents and Settings\Owner\Cookies\owner@www.sur-la-toile[2].txt 176 bytes
      C:\Documents and Settings\Owner\Cookies\owner@www.winantiviruspro[1].txt 337 bytes
      C:\Documents and Settings\Owner\Cookies\owner@www2.canoe[1].txt 346 bytes
      C:\Documents and Settings\Owner\Cookies\owner@xiti[1].txt 100 bytes
      C:\Documents and Settings\Owner\Local Settings\History\History.IE5\desktop.ini 113 bytes
      C:\Documents and Settings\Owner\Local Settings\History\History.IE5\MSHist012006112320061124\index.dat 32,00KB
      C:\Documents and Settings\Owner\Local Settings\History\History.IE5\MSHist012006112420061125\index.dat 48,00KB
      Marked for deletion: C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\index.dat
      Marked for deletion: C:\Documents and Settings\Owner\Cookies\index.dat
      Marked for deletion: C:\Documents and Settings\Owner\Local Settings\History\History.IE5\index.dat
      Emptied Recycle Bin (1 files) 6,51KB
      C:\WINDOWS\TEMP\Cookies\index.dat 16,00KB
      C:\WINDOWS\TEMP\History\History.IE5\desktop.ini 113 bytes
      C:\WINDOWS\TEMP\History\History.IE5\index.dat 16,00KB
      C:\WINDOWS\TEMP\MpCmdRun.log 4,78KB
      C:\WINDOWS\TEMP\MpSigStub.log 8,61KB
      C:\WINDOWS\TEMP\removalfile.bat 43 bytes
      C:\WINDOWS\TEMP\T30DebugLogFile.txt 0 bytes
      C:\WINDOWS\TEMP\Temporary Internet Files\Content.IE5\1LDHRS10\desktop.ini 67 bytes
      C:\WINDOWS\TEMP\Temporary Internet Files\Content.IE5\5ZK09DZ7\desktop.ini 67 bytes
      C:\WINDOWS\TEMP\Temporary Internet Files\Content.IE5\CMECCR72\desktop.ini 67 bytes
      C:\WINDOWS\TEMP\Temporary Internet Files\Content.IE5\desktop.ini 67 bytes
      C:\WINDOWS\TEMP\Temporary Internet Files\Content.IE5\I17ZMPLU\desktop.ini 67 bytes
      C:\WINDOWS\TEMP\Temporary Internet Files\Content.IE5\index.dat 32,00KB
      C:\WINDOWS\TEMP\WGAErrLog.txt 255 bytes
      C:\WINDOWS\TEMP\WGANotify.settings 409 bytes
      C:\WINDOWS\TEMP\win1.tmp 0 bytes
      C:\WINDOWS\TEMP\win10.tmp 0 bytes
      C:\WINDOWS\TEMP\win11.tmp 0 bytes
      C:\WINDOWS\TEMP\win12.tmp 0 bytes
      C:\WINDOWS\TEMP\win13.tmp 0 bytes
      C:\WINDOWS\TEMP\win14.tmp 0 bytes
      C:\WINDOWS\TEMP\win15.tmp 0 bytes
      C:\WINDOWS\TEMP\win16.tmp 0 bytes
      C:\WINDOWS\TEMP\win17.tmp 0 bytes
      C:\WINDOWS\TEMP\win18.tmp 0 bytes
      C:\WINDOWS\TEMP\win19.tmp 0 bytes
      C:\WINDOWS\TEMP\win1A.tmp 0 bytes
      C:\WINDOWS\TEMP\win1B.tmp 0 bytes
      C:\WINDOWS\TEMP\win1C.tmp 0 bytes
      C:\WINDOWS\TEMP\win1D.tmp 0 bytes
      C:\WINDOWS\TEMP\win1E.tmp 0 bytes
      C:\WINDOWS\TEMP\win1F.tmp 0 bytes
      C:\WINDOWS\TEMP\win2.tmp 0 bytes
      C:\WINDOWS\TEMP\win20.tmp 0 bytes
      C:\WINDOWS\TEMP\win21.tmp 0 bytes
      C:\WINDOWS\TEMP\win22.tmp 0 bytes
      C:\WINDOWS\TEMP\win23.tmp 0 bytes
      C:\WINDOWS\TEMP\win24.tmp 0 bytes
      C:\WINDOWS\TEMP\win25.tmp 0 bytes
      C:\WINDOWS\TEMP\win26.tmp 0 bytes
      C:\WINDOWS\TEMP\win27.tmp 0 bytes
      C:\WINDOWS\TEMP\win28.tmp 0 bytes
      C:\WINDOWS\TEMP\win29.tmp 0 bytes
      C:\WINDOWS\TEMP\win2A.tmp 0 bytes
      C:\WINDOWS\TEMP\win2B.tmp 0 bytes
      C:\WINDOWS\TEMP\win2C.tmp 0 bytes
      C:\WINDOWS\TEMP\win2D.tmp 0 bytes
      C:\WINDOWS\TEMP\win2E.tmp 0 bytes
      C:\WINDOWS\TEMP\win2F.tmp 0 bytes
      C:\WINDOWS\TEMP\win3.tmp 0 bytes
      C:\WINDOWS\TEMP\win30.tmp 0 bytes
      C:\WINDOWS\TEMP\win31.tmp 0 bytes
      C:\WINDOWS\TEMP\win32.tmp 0 bytes
      C:\WINDOWS\TEMP\win33.tmp 0 bytes
      C:\WINDOWS\TEMP\win34.tmp 0 bytes
      C:\WINDOWS\TEMP\win35.tmp 0 bytes
      C:\WINDOWS\TEMP\win36.tmp 0 bytes
      C:\WINDOWS\TEMP\win37.tmp 0 bytes
      C:\WINDOWS\TEMP\win38.tmp 0 bytes
      C:\WINDOWS\TEMP\win39.tmp 0 bytes
      C:\WINDOWS\TEMP\win3A.tmp 0 bytes
      C:\WINDOWS\TEMP\win3B.tmp 0 bytes
      C:\WINDOWS\TEMP\win3C.tmp 0 bytes
      C:\WINDOWS\TEMP\win3D.tmp 0 bytes
      C:\WINDOWS\TEMP\win3E.tmp 0 bytes
      C:\WINDOWS\TEMP\win3F.tmp 0 bytes
      C:\WINDOWS\TEMP\win4.tmp 0 bytes
      C:\WINDOWS\TEMP\win40.tmp 0 bytes
      C:\WINDOWS\TEMP\win41.tmp 0 bytes
      C:\WINDOWS\TEMP\win42.tmp 0 bytes
      C:\WINDOWS\TEMP\win43.tmp 0 bytes
      C:\WINDOWS\TEMP\win44.tmp 0 bytes
      C:\WINDOWS\TEMP\win45.tmp 0 bytes
      C:\WINDOWS\TEMP\win46.tmp 0 bytes
      C:\WINDOWS\TEMP\win47.tmp 0 bytes
      C:\WINDOWS\TEMP\win48.tmp 0 bytes
      C:\WINDOWS\TEMP\win49.tmp 0 bytes
      C:\WINDOWS\TEMP\win4A.tmp 0 bytes
      C:\WINDOWS\TEMP\win4B.tmp 0 bytes
      C:\WINDOWS\TEMP\win4C.tmp 0 bytes
      C:\WINDOWS\TEMP\win4D.tmp 0 bytes
      C:\WINDOWS\TEMP\win4E.tmp 0 bytes
      C:\WINDOWS\TEMP\win4F.tmp 0 bytes
      C:\WINDOWS\TEMP\win5.tmp 0 bytes
      C:\WINDOWS\TEMP\win50.tmp 0 bytes
      C:\WINDOWS\TEMP\win51.tmp 0 bytes
      C:\WINDOWS\TEMP\win52.tmp 0 bytes
      C:\WINDOWS\TEMP\win53.tmp 0 bytes
      C:\WINDOWS\TEMP\win54.tmp 0 bytes
      C:\WINDOWS\TEMP\win55.tmp 0 bytes
      C:\WINDOWS\TEMP\win56.tmp 0 bytes
      C:\WINDOWS\TEMP\win57.tmp 0 bytes
      C:\WINDOWS\TEMP\win58.tmp 0 bytes
      C:\WINDOWS\TEMP\win59.tmp 0 bytes
      C:\WINDOWS\TEMP\win5A.tmp 0 bytes
      C:\WINDOWS\TEMP\win5B.tmp 0 bytes
      C:\WINDOWS\TEMP\win5C.tmp 0 bytes
      C:\WINDOWS\TEMP\win5D.tmp 0 bytes
      C:\WINDOWS\TEMP\win5E.tmp 0 bytes
      C:\WINDOWS\TEMP\win5F.tmp 0 bytes
      C:\WINDOWS\TEMP\win6.tmp 0 bytes
      C:\WINDOWS\TEMP\win60.tmp 0 bytes
      C:\WINDOWS\TEMP\win61.tmp 0 bytes
      C:\WINDOWS\TEMP\win62.tmp 0 bytes
      C:\WINDOWS\TEMP\win63.tmp 0 bytes
      C:\WINDOWS\TEMP\win64.tmp 0 bytes
      C:\WINDOWS\TEMP\win65.tmp 0 bytes
      C:\WINDOWS\TEMP\win66.tmp 0 bytes
      C:\WINDOWS\TEMP\win67.tmp 0 bytes
      C:\WINDOWS\TEMP\win68.tmp 0 bytes
      C:\WINDOWS\TEMP\win69.tmp 0 bytes
      C:\WINDOWS\TEMP\win6A.tmp 0 bytes
      C:\WINDOWS\TEMP\win6B.tmp 0 bytes
      C:\WINDOWS\TEMP\win6C.tmp 0 bytes
      C:\WINDOWS\TEMP\win6D.tmp 0 bytes
      C:\WINDOWS\TEMP\win6E.tmp 0 bytes
      C:\WINDOWS\TEMP\win6F.tmp 0 bytes
      C:\WINDOWS\TEMP\win7.tmp 0 bytes
      C:\WINDOWS\TEMP\win70.tmp 0 bytes
      C:\WINDOWS\TEMP\win71.tmp 0 bytes
      C:\WINDOWS\TEMP\win72.tmp 0 bytes
      C:\WINDOWS\TEMP\win73.tmp 0 bytes
      C:\WINDOWS\TEMP\win74.tmp 0 bytes
      C:\WINDOWS\TEMP\win75.tmp 0 bytes
      C:\WINDOWS\TEMP\win76.tmp 0 bytes
      C:\WINDOWS\TEMP\win77.tmp 0 bytes
      C:\WINDOWS\TEMP\win78.tmp 0 bytes
      C:\WINDOWS\TEMP\win79.tmp 0 bytes
      C:\WINDOWS\TEMP\win7A.tmp 0 bytes
      C:\WINDOWS\TEMP\win7B.tmp 0 bytes
      C:\WINDOWS\TEMP\win7C.tmp 0 bytes
      C:\WINDOWS\TEMP\win7D.tmp 0 bytes
      C:\WINDOWS\TEMP\win7E.tmp 0 bytes
      C:\WINDOWS\TEMP\win7F.tmp 0 bytes
      C:\WINDOWS\TEMP\win8.tmp 0 bytes
      C:\WINDOWS\TEMP\win80.tmp 0 bytes
      C:\WINDOWS\TEMP\win81.tmp 0 bytes
      C:\WINDOWS\TEMP\win82.tmp 0 bytes
      C:\WINDOWS\TEMP\win83.tmp 0 bytes
      C:\WINDOWS\TEMP\win84.tmp 0 bytes
      C:\WINDOWS\TEMP\win85.tmp 0 bytes
      C:\WINDOWS\TEMP\win86.tmp 0 bytes
      C:\WINDOWS\TEMP\win87.tmp 0 bytes
      C:\WINDOWS\TEMP\win88.tmp 0 bytes
      C:\WINDOWS\TEMP\win89.tmp 0 bytes
      C:\WINDOWS\TEMP\win8A.tmp 0 bytes
      C:\WINDOWS\TEMP\win8B.tmp 0 bytes
      C:\WINDOWS\TEMP\win8C.tmp 0 bytes
      C:\WINDOWS\TEMP\win8D.tmp 0 bytes
      C:\WINDOWS\TEMP\win8E.tmp 0 bytes
      C:\WINDOWS\TEMP\win8F.tmp 0 bytes
      C:\WINDOWS\TEMP\win9.tmp 0 bytes
      C:\WINDOWS\TEMP\win90.tmp 0 bytes
      C:\WINDOWS\TEMP\win91.tmp 0 bytes
      C:\WINDOWS\TEMP\win92.tmp 0 bytes
      C:\WINDOWS\TEMP\win93.tmp 0 bytes
      C:\WINDOWS\TEMP\win94.tmp 0 bytes
      C:\WINDOWS\TEMP\win95.tmp 944 bytes
      C:\WINDOWS\TEMP\win96.tmp 0 bytes
      C:\WINDOWS\TEMP\win97.tmp 0 bytes
      C:\WINDOWS\TEMP\win98.tmp 0 bytes
      C:\WINDOWS\TEMP\win99.tmp 0 bytes
      C:\WINDOWS\TEMP\win99.tmp.exe 0,13MB
      C:\WINDOWS\TEMP\win9A.tmp 0 bytes
      C:\WINDOWS\TEMP\win9B.tmp 0 bytes
      C:\WINDOWS\TEMP\win9C.tmp 0 bytes
      C:\WINDOWS\TEMP\win9D.tmp 0 bytes
      C:\WINDOWS\TEMP\win9F.tmp 0 bytes
      C:\WINDOWS\TEMP\winA.tmp 0 bytes
      C:\WINDOWS\TEMP\winA0.tmp 0 bytes
      C:\WINDOWS\TEMP\winA1.tmp 0 bytes
      C:\WINDOWS\TEMP\winA2.tmp 0 bytes
      C:\WINDOWS\TEMP\winA3.tmp 0 bytes
      C:\WINDOWS\TEMP\winA4.tmp 0 bytes
      C:\WINDOWS\TEMP\winA5.tmp 0 bytes
      C:\WINDOWS\TEMP\winA6.tmp 0 bytes
      C:\WINDOWS\TEMP\winA7.tmp 0 bytes
      C:\WINDOWS\TEMP\winA8.tmp 0 bytes
      C:\WINDOWS\TEMP\winA9.tmp 0 bytes
      C:\WINDOWS\TEMP\winAA.tmp 0 bytes
      C:\WINDOWS\TEMP\winAB.tmp 0 bytes
      C:\WINDOWS\TEMP\winAC.tmp 0 bytes
      C:\WINDOWS\TEMP\winAD.tmp 0 bytes
      C:\WINDOWS\TEMP\winAE.tmp 0 bytes
      C:\WINDOWS\TEMP\winAF.tmp 0 bytes
      C:\WINDOWS\TEMP\winB.tmp 0 bytes
      C:\WINDOWS\TEMP\winB0.tmp 944 bytes
      C:\WINDOWS\TEMP\winB1.tmp 0 bytes
      C:\WINDOWS\TEMP\winB2.tmp 0 bytes
      C:\WINDOWS\TEMP\winB3.tmp 0 bytes
      C:\WINDOWS\TEMP\winB4.tmp 0 bytes
      C:\WINDOWS\TEMP\winB5.tmp 0 bytes
      C:\WINDOWS\TEMP\winB6.tmp 0 bytes
      C:\WINDOWS\TEMP\winB7.tmp 944 bytes
      C:\WINDOWS\TEMP\winB8.tmp 0 bytes
      C:\WINDOWS\TEMP\winB9.tmp 0 bytes
      C:\WINDOWS\TEMP\winBA.tmp 0 bytes
      C:\WINDOWS\TEMP\winBB.tmp 19,00KB
      C:\WINDOWS\TEMP\winBB.tmp.exe 0,13MB
      C:\WINDOWS\TEMP\winBC.tmp 0 bytes
      C:\WINDOWS\TEMP\winBD.tmp 0 bytes
      C:\WINDOWS\TEMP\winBE.tmp 0 bytes
      C:\WINDOWS\TEMP\winBF.tmp 0 bytes
      C:\WINDOWS\TEMP\winC.tmp 0 bytes
      C:\WINDOWS\TEMP\winC1.tmp 0 bytes
      C:\WINDOWS\TEMP\winC2.tmp 0 bytes
      C:\WINDOWS\TEMP\winC3.tmp 0 bytes
      C:\WINDOWS\TEMP\winC4.tmp 0 bytes
      C:\WINDOWS\TEMP\winC5.tmp 0 bytes
      C:\WINDOWS\TEMP\winC6.tmp 0 bytes
      C:\WINDOWS\TEMP\winC7.tmp 0 bytes
      C:\WINDOWS\TEMP\winC8.tmp 0 bytes
      C:\WINDOWS\TEMP\winC9.tmp 0 bytes
      C:\WINDOWS\TEMP\winCA.tmp 0 bytes
      C:\WINDOWS\TEMP\winCB.tmp 0 bytes
      C:\WINDOWS\TEMP\winCC.tmp 0 bytes
      C:\WINDOWS\TEMP\winCD.tmp 0 bytes
      C:\WINDOWS\TEMP\winCE.tmp 0 bytes
      C:\WINDOWS\TEMP\winCF.tmp 0 bytes
      C:\WINDOWS\TEMP\winD.tmp 0 bytes
      C:\WINDOWS\TEMP\winD0.tmp 0 bytes
      C:\WINDOWS\TEMP\winD1.tmp 0 bytes
      C:\WINDOWS\TEMP\winD2.tmp 0 bytes
      C:\WINDOWS\TEMP\winD3.tmp 0 bytes
      C:\WINDOWS\TEMP\winD4.tmp 944 bytes
      C:\WINDOWS\TEMP\winD6.tmp 0 bytes
      C:\WINDOWS\TEMP\winD7.tmp.exe 19,00KB
      C:\WINDOWS\TEMP\winDC.tmp 0 bytes
      C:\WINDOWS\TEMP\winE.tmp 0 bytes
      C:\WINDOWS\TEMP\winF.tmp 0 bytes
      C:\DOCUME~1\Owner\LOCALS~1\Temp\c1da_appcompat.txt 48,08KB
      C:\DOCUME~1\Owner\LOCALS~1\Temp\~DF1D22.tmp 16,00KB
      C:\DOCUME~1\Owner\LOCALS~1\Temp\~DF306B.tmp 48,00KB
      C:\DOCUME~1\Owner\LOCALS~1\Temp\~DF463.tmp 48,00KB
      C:\DOCUME~1\Owner\LOCALS~1\Temp\~DF6247.tmp 48,00KB
      C:\DOCUME~1\Owner\LOCALS~1\Temp\~DF761F.tmp 16,00KB
      C:\DOCUME~1\Owner\LOCALS~1\Temp\~DF8851.tmp 48,00KB
      C:\DOCUME~1\Owner\LOCALS~1\Temp\~DFC1CD.tmp 48,00KB
      C:\DOCUME~1\Owner\LOCALS~1\Temp\~DFD780.tmp 48,00KB
      C:\DOCUME~1\Owner\LOCALS~1\Temp\~DFDD9C.tmp 16,00KB
      C:\DOCUME~1\Owner\LOCALS~1\Temp\~DFF481.tmp 48,00KB
      C:\WINDOWS\system32\wbem\Logs\FrameWork.log 6,28KB
      C:\WINDOWS\system32\wbem\Logs\wbemess.log 35,77KB
      C:\WINDOWS\system32\wbem\Logs\wbemprox.log 1,33KB
      C:\WINDOWS\system32\wbem\Logs\wmiprov.log 536 bytes
      C:\WINDOWS\0.log 0 bytes
      C:\WINDOWS\setupact.log 120 bytes
      C:\WINDOWS\setuperr.log 0 bytes
      C:\WINDOWS\ntbtlog.txt 0,17MB
      C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\drwtsn32.log 0,56MB
      C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp 58,56KB
      C:\WINDOWS\Debug\UserMode\userenv.log 17,96KB
      C:\Documents and Settings\Owner\Application Data\Microsoft\Office\Recent\index.dat 28 bytes
      C:\Documents and Settings\Owner\Application Data\Microsoft\Office\Recent\Templates.LNK 766 bytes
      C:\Documents and Settings\Owner\Application Data\Microsoft\Office\Recent\index.dat 28 bytes
      C:\Documents and Settings\Owner\Application Data\Microsoft\Office\Recent\Templates.LNK 766 bytes
      C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sol 348 bytes
      C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.061122-1243.log 368 bytes
      C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.061122-1244.txt 1,35KB
      C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.061123-1351.log 304 bytes
      C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.061123-1353.txt 1,22KB
      C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Fixes.061122-1245.txt 1,33KB
      C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Fixes.061123-1353.txt 1,21KB
      C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Statistics.ini 104 bytes
      C:\Documents and Settings\Owner\Application Data\Lavasoft\Ad-Aware\Logs\Ad-Aware log2006-11-23 13-54-49.txt 29,36KB
      C:\WINDOWS\Internet Logs\ZALog.txt 8,11KB
      C:\WINDOWS\Internet Logs\ZALog2006.11.21.txt 10,40KB
      C:\WINDOWS\Internet Logs\ZALog2006.11.22.txt 43,48KB
      C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{0EBBF929-D6DE-4186-9153-4E79F4FE89AA} 5,84KB
      C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{1AC51617-CE8C-4231-B9C3-9B516258669E} 5,20KB
      C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{1FD6E602-DD18-455C-AEC0-C33A5232790D} 5,01KB
      C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{345B9A2B-D85B-4A66-92F5-AB6410921FD7} 7,67KB
      C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{4323608E-133A-4BFC-A183-887B7A64C3FC} 5,01KB
      C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{497C758D-F867-4F22-B843-616766E0A8C6} 5,20KB
      C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{4E596082-2D6D-4138-A96F-4B139E9AADA9} 5,01KB
      C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{50CBAEF1-3BB6-4F7F-8C48-4E54E5DDEC71} 5,20KB
      C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{51D6B610-5515-4657-AEFB-8A13BC5563B8} 5,25KB
      C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{852FAEB0-DA62-4B36-B6E5-4261BC23BDD0} 5,20KB
      C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{8A703FC4-2C62-4D60-9797-DEF3B22E149E} 6,04KB
      C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{90213A6D-F7DA-4F56-A69A-70BFDF0E99A8} 5,20KB
      C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{96944C8E-FF71-439A-8162-626C2D1530F3} 5,20KB
      C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{A1C4FA49-A35E-455B-986E-460D39B626A7} 5,20KB
      C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{ADDE406F-729C-4D8D-8712-CC029AFC2D5B} 9,56KB
      C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{B12A4EA1-2262-4F73-8F63-D65293846C03} 5,20KB
      C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{B74A14BC-6C17-4875-ABFF-793D2E9D4623} 10,26KB
      C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{D0CDC582-BDBF-4B5D-B500-09ECCF126365} 5,17KB
      C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{D5550AB9-DC08-49E9-A158-B0D1AB108FA8} 5,20KB
      C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{E03D3ADA-3A26-4122-B5D0-B64E69238DC9} 5,20KB
      C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{E145AE05-C720-4FB5-936C-D6EB60168E85} 5,94KB
      C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{F738F0CC-1117-4DD0-93BC-CA65BA7536D0} 5,30KB
      -------------------------------------------------------------------
      0
  3. ricky0227 Messages postés 11 Statut Membre
     
    Je dois partir pour le travail, je vais lire tes conseils en revenant.

    Merci beaucoup
    0
  4. salwa
     
    ok cclenear a detecter les virus maintenant il faut lancer le netoyage comme sur le tutorial ensuite colle le resultat ici

    @+++++
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. ricky0227 Messages postés 11 Statut Membre
     
    voici le log après avoir nettoyé avec ccleaner :

    CLEANING COMPLETE - (4,340 secs)
    ------------------------------------------------------------------------------------------
    9,84MB removed.
    ------------------------------------------------------------------------------------------

    Details of files deleted
    ------------------------------------------------------------------------------------------
    IE Temporary Internet Files (1477 files) 7,95MB
    Cookie:owner@sysprotect.com/(&H100001) 240 bytes
    Cookie:owner@adcentriconline.com/(&H100001) 176 bytes
    Cookie:owner@www.microsoft.com/(&H100001) 83 bytes
    Cookie:owner@www.amxtravel.com/(&H100001) 376 bytes
    Cookie:owner@microsoft.com/(&H100001) 267 bytes
    Cookie:owner@edt02.net/(&H100001) 296 bytes
    Cookie:owner@247realmedia.com/(&H100001) 344 bytes
    Cookie:owner@www2.canoe.com/(&H100001) 346 bytes
    Cookie:owner@www.smartadserver.com/(&H100001) 389 bytes
    Cookie:owner@scanner.sysprotect.com/(&H100001) 228 bytes
    Cookie:owner@funny-serv.com/(&H100001) 277 bytes
    Cookie:owner@85.12.25.85/(&H100001) 160 bytes
    Cookie:owner@stats.drivecleaner.com/(&H100001) 420 bytes
    Cookie:owner@stats1.reliablestats.com/(&H100001) 877 bytes
    Cookie:owner@eyereturn.com/(&H100001) 187 bytes
    Cookie:owner@62.4.84.172/(&H100001) 430 bytes
    Cookie:owner@89.188.16.13/(&H100001) 344 bytes
    Cookie:owner@realmedia.com/(&H100001) 93 bytes
    Cookie:owner@cyberpresse.ca/(&H100001) 341 bytes
    Cookie:owner@www.sur-la-toile.com/(&H100001) 176 bytes
    Cookie:owner@mybloglog.com/(&H100001) 86 bytes
    Cookie:owner@89.188.16.10/(&H100001) 431 bytes
    Cookie:owner@canoe.ca/(&H100001) 94 bytes
    Cookie:owner@google.ca/(&H100001) 130 bytes
    Cookie:owner@202.67.220.219/(&H100001) 234 bytes
    Cookie:owner@drivecleaner.com/(&H100001) 806 bytes
    Cookie:owner@cpvfeed.com/(&H100001) 563 bytes
    Cookie:owner@lycos.com/(&H100001) 109 bytes
    Cookie:owner@rad.microsoft.com/(&H100001) 750 bytes
    Cookie:owner@85.12.25.100/redirect/(&H100001) 230 bytes
    Cookie:owner@xiti.com/(&H100001) 100 bytes
    Cookie:owner@202.67.220.227/(&H100001) 428 bytes
    Cookie:owner@entraide.aceboard.fr/(&H100001) 94 bytes
    Cookie:owner@weborama.fr/(&H100001) 177 bytes
    Cookie:owner@canoe.com/(&H100001) 69 bytes
    Cookie:owner@sur-la-toile.com/(&H100001) 367 bytes
    Cookie:owner@www.drivecleaner.com/(&H100001) 342 bytes
    Cookie:owner@fr.drivecleaner.com/(&H100001) 225 bytes
    Cookie:owner@62.4.84.53/(&H100001) 135 bytes
    Cookie:owner@89.188.16.17/redirect/(&H100001) 208 bytes
    Cookie:owner@www.winantiviruspro.com/(&H100001) 337 bytes
    Cookie:owner@m.webtrends.com/(&H100001) 180 bytes
    Cookie:owner@www.commentcamarche.net/(&H100001) 114 bytes
    Cookie:owner@www.cyberpresse.ca/(&H100001) 98 bytes
    Cookie:owner@passion.com/(&H100001) 234 bytes
    Cookie:owner@82.98.235.58/(&H100001) 167 bytes
    Cookie:owner@cams.com/(&H100001) 219 bytes
    C:\Documents and Settings\Owner\Local Settings\History\History.IE5\desktop.ini 113 bytes
    Marked for deletion: C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\index.dat
    Marked for deletion: C:\Documents and Settings\Owner\Cookies\index.dat
    Marked for deletion: C:\Documents and Settings\Owner\Local Settings\History\History.IE5\index.dat
    Marked for deletion: C:\Documents and Settings\Owner\Local Settings\History\History.IE5\mshist012006112520061126\index.dat
    Emptied Recycle Bin (1 files) 6,51KB
    C:\WINDOWS\TEMP\Cookies\index.dat 16,00KB
    C:\WINDOWS\TEMP\History\History.IE5\desktop.ini 113 bytes
    C:\WINDOWS\TEMP\History\History.IE5\index.dat 16,00KB
    C:\WINDOWS\TEMP\MpCmdRun.log 5,58KB
    C:\WINDOWS\TEMP\MpSigStub.log 8,61KB
    C:\WINDOWS\TEMP\removalfile.bat 43 bytes
    C:\WINDOWS\TEMP\T30DebugLogFile.txt 0 bytes
    C:\WINDOWS\TEMP\Temporary Internet Files\Content.IE5\1LDHRS10\desktop.ini 67 bytes
    C:\WINDOWS\TEMP\Temporary Internet Files\Content.IE5\5ZK09DZ7\desktop.ini 67 bytes
    C:\WINDOWS\TEMP\Temporary Internet Files\Content.IE5\CMECCR72\desktop.ini 67 bytes
    C:\WINDOWS\TEMP\Temporary Internet Files\Content.IE5\desktop.ini 67 bytes
    C:\WINDOWS\TEMP\Temporary Internet Files\Content.IE5\I17ZMPLU\desktop.ini 67 bytes
    C:\WINDOWS\TEMP\Temporary Internet Files\Content.IE5\index.dat 32,00KB
    C:\WINDOWS\TEMP\WGAErrLog.txt 255 bytes
    C:\WINDOWS\TEMP\WGANotify.settings 409 bytes
    C:\WINDOWS\TEMP\win1.tmp 0 bytes
    C:\WINDOWS\TEMP\win10.tmp 0 bytes
    C:\WINDOWS\TEMP\win11.tmp 0 bytes
    C:\WINDOWS\TEMP\win12.tmp 0 bytes
    C:\WINDOWS\TEMP\win13.tmp 0 bytes
    C:\WINDOWS\TEMP\win14.tmp 0 bytes
    C:\WINDOWS\TEMP\win15.tmp 0 bytes
    C:\WINDOWS\TEMP\win16.tmp 0 bytes
    C:\WINDOWS\TEMP\win17.tmp 0 bytes
    C:\WINDOWS\TEMP\win18.tmp 0 bytes
    C:\WINDOWS\TEMP\win19.tmp 0 bytes
    C:\WINDOWS\TEMP\win1A.tmp 0 bytes
    C:\WINDOWS\TEMP\win1B.tmp 0 bytes
    C:\WINDOWS\TEMP\win1C.tmp 0 bytes
    C:\WINDOWS\TEMP\win1D.tmp 0 bytes
    C:\WINDOWS\TEMP\win1E.tmp 0 bytes
    C:\WINDOWS\TEMP\win1F.tmp 0 bytes
    C:\WINDOWS\TEMP\win2.tmp 0 bytes
    C:\WINDOWS\TEMP\win20.tmp 0 bytes
    C:\WINDOWS\TEMP\win21.tmp 0 bytes
    C:\WINDOWS\TEMP\win22.tmp 0 bytes
    C:\WINDOWS\TEMP\win23.tmp 0 bytes
    C:\WINDOWS\TEMP\win24.tmp 0 bytes
    C:\WINDOWS\TEMP\win25.tmp 0 bytes
    C:\WINDOWS\TEMP\win26.tmp 0 bytes
    C:\WINDOWS\TEMP\win27.tmp 0 bytes
    C:\WINDOWS\TEMP\win28.tmp 0 bytes
    C:\WINDOWS\TEMP\win29.tmp 0 bytes
    C:\WINDOWS\TEMP\win2A.tmp 0 bytes
    C:\WINDOWS\TEMP\win2B.tmp 0 bytes
    C:\WINDOWS\TEMP\win2C.tmp 0 bytes
    C:\WINDOWS\TEMP\win2D.tmp 0 bytes
    C:\WINDOWS\TEMP\win2E.tmp 0 bytes
    C:\WINDOWS\TEMP\win2F.tmp 0 bytes
    C:\WINDOWS\TEMP\win3.tmp 0 bytes
    C:\WINDOWS\TEMP\win30.tmp 0 bytes
    C:\WINDOWS\TEMP\win31.tmp 0 bytes
    C:\WINDOWS\TEMP\win32.tmp 0 bytes
    C:\WINDOWS\TEMP\win33.tmp 0 bytes
    C:\WINDOWS\TEMP\win34.tmp 0 bytes
    C:\WINDOWS\TEMP\win35.tmp 0 bytes
    C:\WINDOWS\TEMP\win36.tmp 0 bytes
    C:\WINDOWS\TEMP\win37.tmp 0 bytes
    C:\WINDOWS\TEMP\win38.tmp 0 bytes
    C:\WINDOWS\TEMP\win39.tmp 0 bytes
    C:\WINDOWS\TEMP\win3A.tmp 0 bytes
    C:\WINDOWS\TEMP\win3B.tmp 0 bytes
    C:\WINDOWS\TEMP\win3C.tmp 0 bytes
    C:\WINDOWS\TEMP\win3D.tmp 0 bytes
    C:\WINDOWS\TEMP\win3E.tmp 0 bytes
    C:\WINDOWS\TEMP\win3F.tmp 0 bytes
    C:\WINDOWS\TEMP\win4.tmp 0 bytes
    C:\WINDOWS\TEMP\win40.tmp 0 bytes
    C:\WINDOWS\TEMP\win41.tmp 0 bytes
    C:\WINDOWS\TEMP\win42.tmp 0 bytes
    C:\WINDOWS\TEMP\win43.tmp 0 bytes
    C:\WINDOWS\TEMP\win44.tmp 0 bytes
    C:\WINDOWS\TEMP\win45.tmp 0 bytes
    C:\WINDOWS\TEMP\win46.tmp 0 bytes
    C:\WINDOWS\TEMP\win47.tmp 0 bytes
    C:\WINDOWS\TEMP\win48.tmp 0 bytes
    C:\WINDOWS\TEMP\win49.tmp 0 bytes
    C:\WINDOWS\TEMP\win4A.tmp 0 bytes
    C:\WINDOWS\TEMP\win4B.tmp 0 bytes
    C:\WINDOWS\TEMP\win4C.tmp 0 bytes
    C:\WINDOWS\TEMP\win4D.tmp 0 bytes
    C:\WINDOWS\TEMP\win4E.tmp 0 bytes
    C:\WINDOWS\TEMP\win4F.tmp 0 bytes
    C:\WINDOWS\TEMP\win5.tmp 0 bytes
    C:\WINDOWS\TEMP\win50.tmp 0 bytes
    C:\WINDOWS\TEMP\win51.tmp 0 bytes
    C:\WINDOWS\TEMP\win52.tmp 0 bytes
    C:\WINDOWS\TEMP\win53.tmp 0 bytes
    C:\WINDOWS\TEMP\win54.tmp 0 bytes
    C:\WINDOWS\TEMP\win55.tmp 0 bytes
    C:\WINDOWS\TEMP\win56.tmp 0 bytes
    C:\WINDOWS\TEMP\win57.tmp 0 bytes
    C:\WINDOWS\TEMP\win58.tmp 0 bytes
    C:\WINDOWS\TEMP\win59.tmp 0 bytes
    C:\WINDOWS\TEMP\win5A.tmp 0 bytes
    C:\WINDOWS\TEMP\win5B.tmp 0 bytes
    C:\WINDOWS\TEMP\win5C.tmp 0 bytes
    C:\WINDOWS\TEMP\win5D.tmp 0 bytes
    C:\WINDOWS\TEMP\win5E.tmp 0 bytes
    C:\WINDOWS\TEMP\win5F.tmp 0 bytes
    C:\WINDOWS\TEMP\win6.tmp 0 bytes
    C:\WINDOWS\TEMP\win60.tmp 0 bytes
    C:\WINDOWS\TEMP\win61.tmp 0 bytes
    C:\WINDOWS\TEMP\win62.tmp 0 bytes
    C:\WINDOWS\TEMP\win63.tmp 0 bytes
    C:\WINDOWS\TEMP\win64.tmp 0 bytes
    C:\WINDOWS\TEMP\win65.tmp 0 bytes
    C:\WINDOWS\TEMP\win66.tmp 0 bytes
    C:\WINDOWS\TEMP\win67.tmp 0 bytes
    C:\WINDOWS\TEMP\win68.tmp 0 bytes
    C:\WINDOWS\TEMP\win69.tmp 0 bytes
    C:\WINDOWS\TEMP\win6A.tmp 0 bytes
    C:\WINDOWS\TEMP\win6B.tmp 0 bytes
    C:\WINDOWS\TEMP\win6C.tmp 0 bytes
    C:\WINDOWS\TEMP\win6D.tmp 0 bytes
    C:\WINDOWS\TEMP\win6E.tmp 0 bytes
    C:\WINDOWS\TEMP\win6F.tmp 0 bytes
    C:\WINDOWS\TEMP\win7.tmp 0 bytes
    C:\WINDOWS\TEMP\win70.tmp 0 bytes
    C:\WINDOWS\TEMP\win71.tmp 0 bytes
    C:\WINDOWS\TEMP\win72.tmp 0 bytes
    C:\WINDOWS\TEMP\win73.tmp 0 bytes
    C:\WINDOWS\TEMP\win74.tmp 0 bytes
    C:\WINDOWS\TEMP\win75.tmp 0 bytes
    C:\WINDOWS\TEMP\win76.tmp 0 bytes
    C:\WINDOWS\TEMP\win77.tmp 0 bytes
    C:\WINDOWS\TEMP\win78.tmp 0 bytes
    C:\WINDOWS\TEMP\win79.tmp 0 bytes
    C:\WINDOWS\TEMP\win7A.tmp 0 bytes
    C:\WINDOWS\TEMP\win7B.tmp 0 bytes
    C:\WINDOWS\TEMP\win7C.tmp 0 bytes
    C:\WINDOWS\TEMP\win7D.tmp 0 bytes
    C:\WINDOWS\TEMP\win7E.tmp 0 bytes
    C:\WINDOWS\TEMP\win7F.tmp 0 bytes
    C:\WINDOWS\TEMP\win8.tmp 0 bytes
    C:\WINDOWS\TEMP\win80.tmp 0 bytes
    C:\WINDOWS\TEMP\win81.tmp 0 bytes
    C:\WINDOWS\TEMP\win82.tmp 0 bytes
    C:\WINDOWS\TEMP\win83.tmp 0 bytes
    C:\WINDOWS\TEMP\win84.tmp 0 bytes
    C:\WINDOWS\TEMP\win85.tmp 0 bytes
    C:\WINDOWS\TEMP\win86.tmp 0 bytes
    C:\WINDOWS\TEMP\win87.tmp 0 bytes
    C:\WINDOWS\TEMP\win88.tmp 0 bytes
    C:\WINDOWS\TEMP\win89.tmp 0 bytes
    C:\WINDOWS\TEMP\win8A.tmp 0 bytes
    C:\WINDOWS\TEMP\win8B.tmp 0 bytes
    C:\WINDOWS\TEMP\win8C.tmp 0 bytes
    C:\WINDOWS\TEMP\win8D.tmp 0 bytes
    C:\WINDOWS\TEMP\win8E.tmp 0 bytes
    C:\WINDOWS\TEMP\win8F.tmp 0 bytes
    C:\WINDOWS\TEMP\win9.tmp 0 bytes
    C:\WINDOWS\TEMP\win90.tmp 0 bytes
    C:\WINDOWS\TEMP\win91.tmp 0 bytes
    C:\WINDOWS\TEMP\win92.tmp 0 bytes
    C:\WINDOWS\TEMP\win93.tmp 0 bytes
    C:\WINDOWS\TEMP\win94.tmp 0 bytes
    C:\WINDOWS\TEMP\win95.tmp 944 bytes
    C:\WINDOWS\TEMP\win96.tmp 0 bytes
    C:\WINDOWS\TEMP\win97.tmp 0 bytes
    C:\WINDOWS\TEMP\win98.tmp 0 bytes
    C:\WINDOWS\TEMP\win99.tmp 0 bytes
    C:\WINDOWS\TEMP\win99.tmp.exe 0,13MB
    C:\WINDOWS\TEMP\win9A.tmp 0 bytes
    C:\WINDOWS\TEMP\win9B.tmp 0 bytes
    C:\WINDOWS\TEMP\win9C.tmp 0 bytes
    C:\WINDOWS\TEMP\win9D.tmp 0 bytes
    C:\WINDOWS\TEMP\win9E.tmp 944 bytes
    C:\WINDOWS\TEMP\win9F.tmp 0 bytes
    C:\WINDOWS\TEMP\winA.tmp 0 bytes
    C:\WINDOWS\TEMP\winA0.tmp 0 bytes
    C:\WINDOWS\TEMP\winA1.tmp 0 bytes
    C:\WINDOWS\TEMP\winA2.tmp 0 bytes
    C:\WINDOWS\TEMP\winA3.tmp 0 bytes
    C:\WINDOWS\TEMP\winA4.tmp 0 bytes
    C:\WINDOWS\TEMP\winA5.tmp 0 bytes
    C:\WINDOWS\TEMP\winA6.tmp 0 bytes
    C:\WINDOWS\TEMP\winA7.tmp 0 bytes
    C:\WINDOWS\TEMP\winA8.tmp 0 bytes
    C:\WINDOWS\TEMP\winA9.tmp 0 bytes
    C:\WINDOWS\TEMP\winAA.tmp 0 bytes
    C:\WINDOWS\TEMP\winAB.tmp 0 bytes
    C:\WINDOWS\TEMP\winAC.tmp 0 bytes
    C:\WINDOWS\TEMP\winAD.tmp 0 bytes
    C:\WINDOWS\TEMP\winAE.tmp 0 bytes
    C:\WINDOWS\TEMP\winAF.tmp 0 bytes
    C:\WINDOWS\TEMP\winB.tmp 0 bytes
    C:\WINDOWS\TEMP\winB0.tmp 944 bytes
    C:\WINDOWS\TEMP\winB1.tmp 0 bytes
    C:\WINDOWS\TEMP\winB2.tmp 0 bytes
    C:\WINDOWS\TEMP\winB3.tmp 0 bytes
    C:\WINDOWS\TEMP\winB4.tmp 0 bytes
    C:\WINDOWS\TEMP\winB5.tmp 0 bytes
    C:\WINDOWS\TEMP\winB6.tmp 0 bytes
    C:\WINDOWS\TEMP\winB7.tmp 944 bytes
    C:\WINDOWS\TEMP\winB8.tmp 0 bytes
    C:\WINDOWS\TEMP\winB9.tmp 0 bytes
    C:\WINDOWS\TEMP\winBA.tmp 0 bytes
    C:\WINDOWS\TEMP\winBB.tmp 19,00KB
    C:\WINDOWS\TEMP\winBB.tmp.exe 0,13MB
    C:\WINDOWS\TEMP\winBC.tmp 0 bytes
    C:\WINDOWS\TEMP\winBD.tmp 0 bytes
    C:\WINDOWS\TEMP\winBE.tmp 0 bytes
    C:\WINDOWS\TEMP\winBF.tmp 0 bytes
    C:\WINDOWS\TEMP\winC.tmp 0 bytes
    C:\WINDOWS\TEMP\winC0.tmp 0 bytes
    C:\WINDOWS\TEMP\winC1.tmp 0 bytes
    C:\WINDOWS\TEMP\winC2.tmp 0 bytes
    C:\WINDOWS\TEMP\winC3.tmp 0 bytes
    C:\WINDOWS\TEMP\winC4.tmp 0 bytes
    C:\WINDOWS\TEMP\winC5.tmp 0 bytes
    C:\WINDOWS\TEMP\winC6.tmp 0 bytes
    C:\WINDOWS\TEMP\winC7.tmp 0 bytes
    C:\WINDOWS\TEMP\winC8.tmp 0 bytes
    C:\WINDOWS\TEMP\winC9.tmp 0 bytes
    C:\WINDOWS\TEMP\winCA.tmp 0 bytes
    C:\WINDOWS\TEMP\winCB.tmp 0 bytes
    C:\WINDOWS\TEMP\winCC.tmp 0 bytes
    C:\WINDOWS\TEMP\winCD.tmp 0 bytes
    C:\WINDOWS\TEMP\winCE.tmp 0 bytes
    C:\WINDOWS\TEMP\winCF.tmp 0 bytes
    C:\WINDOWS\TEMP\winD.tmp 0 bytes
    C:\WINDOWS\TEMP\winD0.tmp 0 bytes
    C:\WINDOWS\TEMP\winD1.tmp 0 bytes
    C:\WINDOWS\TEMP\winD2.tmp 0 bytes
    C:\WINDOWS\TEMP\winD3.tmp 0 bytes
    C:\WINDOWS\TEMP\winD4.tmp 944 bytes
    C:\WINDOWS\TEMP\winD5.tmp 0 bytes
    C:\WINDOWS\TEMP\winD6.tmp 0 bytes
    C:\WINDOWS\TEMP\winD7.tmp 0 bytes
    C:\WINDOWS\TEMP\winD9.tmp 0 bytes
    C:\WINDOWS\TEMP\winDA.tmp 0 bytes
    C:\WINDOWS\TEMP\winDB.tmp 0 bytes
    C:\WINDOWS\TEMP\winDC.tmp 0 bytes
    C:\WINDOWS\TEMP\winDD.tmp 0 bytes
    C:\WINDOWS\TEMP\winDE.tmp 0 bytes
    C:\WINDOWS\TEMP\winDF.tmp 0 bytes
    C:\WINDOWS\TEMP\winE.tmp 0 bytes
    C:\WINDOWS\TEMP\winE0.tmp 0 bytes
    C:\WINDOWS\TEMP\winE1.tmp 0 bytes
    C:\WINDOWS\TEMP\winE2.tmp 0 bytes
    C:\WINDOWS\TEMP\winE3.tmp 0 bytes
    C:\WINDOWS\TEMP\winE4.tmp 0 bytes
    C:\WINDOWS\TEMP\winE7.tmp 944 bytes
    C:\WINDOWS\TEMP\winF.tmp 0 bytes
    C:\DOCUME~1\Owner\LOCALS~1\Temp\c1da_appcompat.txt 48,08KB
    C:\DOCUME~1\Owner\LOCALS~1\Temp\~DF1D22.tmp 16,00KB
    C:\DOCUME~1\Owner\LOCALS~1\Temp\~DF306B.tmp 48,00KB
    C:\DOCUME~1\Owner\LOCALS~1\Temp\~DF463.tmp 48,00KB
    C:\DOCUME~1\Owner\LOCALS~1\Temp\~DF6247.tmp 48,00KB
    C:\DOCUME~1\Owner\LOCALS~1\Temp\~DF761F.tmp 16,00KB
    C:\DOCUME~1\Owner\LOCALS~1\Temp\~DF8851.tmp 48,00KB
    C:\DOCUME~1\Owner\LOCALS~1\Temp\~DFC1CD.tmp 48,00KB
    C:\DOCUME~1\Owner\LOCALS~1\Temp\~DFD780.tmp 48,00KB
    C:\DOCUME~1\Owner\LOCALS~1\Temp\~DFDD9C.tmp 16,00KB
    C:\DOCUME~1\Owner\LOCALS~1\Temp\~DFF481.tmp 48,00KB
    C:\WINDOWS\system32\wbem\Logs\FrameWork.log 6,79KB
    C:\WINDOWS\system32\wbem\Logs\wbemess.log 37,15KB
    C:\WINDOWS\system32\wbem\Logs\wbemprox.log 1,62KB
    C:\WINDOWS\system32\wbem\Logs\wmiprov.log 670 bytes
    C:\WINDOWS\0.log 0 bytes
    C:\WINDOWS\setupact.log 120 bytes
    C:\WINDOWS\setuperr.log 0 bytes
    C:\WINDOWS\ntbtlog.txt 0,17MB
    C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\drwtsn32.log 0,56MB
    C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp 58,56KB
    C:\WINDOWS\Debug\UserMode\userenv.log 19,02KB
    C:\Documents and Settings\Owner\Application Data\Microsoft\Office\Recent\index.dat 28 bytes
    C:\Documents and Settings\Owner\Application Data\Microsoft\Office\Recent\Templates.LNK 766 bytes
    C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sol 348 bytes
    C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.061122-1243.log 368 bytes
    C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.061122-1244.txt 1,35KB
    C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.061123-1351.log 304 bytes
    C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.061123-1353.txt 1,22KB
    C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Fixes.061122-1245.txt 1,33KB
    C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Fixes.061123-1353.txt 1,21KB
    C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Statistics.ini 104 bytes
    C:\Documents and Settings\Owner\Application Data\Lavasoft\Ad-Aware\Logs\Ad-Aware log2006-11-23 13-54-49.txt 29,36KB
    C:\WINDOWS\Internet Logs\ZALog2006.11.21.txt 10,40KB
    C:\WINDOWS\Internet Logs\ZALog2006.11.22.txt 43,48KB
    C:\WINDOWS\Internet Logs\ZALog2006.11.24.txt 8,34KB
    C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{0EBBF929-D6DE-4186-9153-4E79F4FE89AA} 5,84KB
    C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{1AC51617-CE8C-4231-B9C3-9B516258669E} 5,20KB
    C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{1FD6E602-DD18-455C-AEC0-C33A5232790D} 5,01KB
    C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{345B9A2B-D85B-4A66-92F5-AB6410921FD7} 7,67KB
    C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{4323608E-133A-4BFC-A183-887B7A64C3FC} 5,01KB
    C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{439A4599-B3D0-489C-A0CB-52CFA2D8CD5C} 5,20KB
    C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{497C758D-F867-4F22-B843-616766E0A8C6} 5,20KB
    C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{4E596082-2D6D-4138-A96F-4B139E9AADA9} 5,01KB
    C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{50CBAEF1-3BB6-4F7F-8C48-4E54E5DDEC71} 5,20KB
    C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{51D6B610-5515-4657-AEFB-8A13BC5563B8} 5,25KB
    C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{852FAEB0-DA62-4B36-B6E5-4261BC23BDD0} 5,20KB
    C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{86EBBBC7-5F33-4FF1-9DB8-DF8E8EDA55CC} 5,20KB
    C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{8A703FC4-2C62-4D60-9797-DEF3B22E149E} 6,04KB
    C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{90213A6D-F7DA-4F56-A69A-70BFDF0E99A8} 5,20KB
    C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{96944C8E-FF71-439A-8162-626C2D1530F3} 5,20KB
    C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{A106393D-E12E-4A79-AA55-7107008A49C2} 5,20KB
    C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{A1C4FA49-A35E-455B-986E-460D39B626A7} 5,20KB
    C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{ADDE406F-729C-4D8D-8712-CC029AFC2D5B} 9,56KB
    C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{B12A4EA1-2262-4F73-8F63-D65293846C03} 5,20KB
    C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{B74A14BC-6C17-4875-ABFF-793D2E9D4623} 10,26KB
    C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{D0CDC582-BDBF-4B5D-B500-09ECCF126365} 5,17KB
    C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{D5550AB9-DC08-49E9-A158-B0D1AB108FA8} 5,20KB
    C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{E03D3ADA-3A26-4122-B5D0-B64E69238DC9} 5,20KB
    C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{E145AE05-C720-4FB5-936C-D6EB60168E85} 5,94KB
    C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{F738F0CC-1117-4DD0-93BC-CA65BA7536D0} 5,30KB
    ------------------------------------------------------------------------------------------
    0
    1. salwa
       
      refait un scan avec avast et dit moi si il trouve tjr des virus

      precise aussi si tes probleme sont resolu :)

      @+++++
      0
  7. ricky0227 Messages postés 11 Statut Membre
     
    Le problème n'est pas résolu. Avast trouve toujours les virus.
    0
  8. salwa
     
    Télécharger sur le Bureau.
    VundoFix http://www.atribune.org/ccount/click.php?id=4

    = Double-clic VundoFix.exe.
    = Clic OK
    =Attendre le redemarrage de Vundofix ( 1 à plusieurs minutes)
    =Clic Scan for Vundo

    =Puis clic Remove Vundo
    = Puis yes
    = Le Bureau disparaît un moment lors de la suppression des fichiers.
    =Message shutdown
    =clic OK
    =Redémarrage auto
    =copier le rapport qui est dans C:\vundofix.txt

    suivi d'un log hijackthis :)

    @++++
    0
  9. ricky0227 Messages postés 11 Statut Membre
     
    voici le log vundofix :

    VundoFix V6.2.11

    Checking Java version...

    Java version is 1.5.0.2

    Scan started at 16:42:35 2006-11-25

    Listing files found while scanning....

    C:\WINDOWS\system32\xycdd.ini
    C:\WINDOWS\system32\xycdd.bak1
    C:\WINDOWS\system32\xycdd.bak2

    Beginning removal...

    Attempting to delete C:\WINDOWS\system32\ddcyx.dll
    C:\WINDOWS\system32\ddcyx.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\xycdd.ini
    C:\WINDOWS\system32\xycdd.ini Has been deleted!

    Attempting to delete C:\WINDOWS\system32\xycdd.bak1
    C:\WINDOWS\system32\xycdd.bak1 Has been deleted!

    Attempting to delete C:\WINDOWS\system32\xycdd.bak2
    C:\WINDOWS\system32\xycdd.bak2 Has been deleted!

    Performing Repairs to the registry.
    Done!
    0
  10. ricky0227 Messages postés 11 Statut Membre
     
    log hijacthis :

    Logfile of HijackThis v1.99.1
    Scan saved at 16:48:36, on 2006-11-25
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    c:\program files\mcafee.com\agent\mcdetect.exe
    c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Digital Media Reader\readericon45G.exe
    C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Common Files\{344B236C-07D4-1033-0210-061019050002}\Update.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Hijackthis\Scanner.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.lapresse.ca
    O2 - BHO: (no name) - {013A653B-49A6-4f76-8B68-E4875EA6BA54} - C:\WINDOWS\system32\vsdxrjpy.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:\program files\mcafee.com\mps\mcbrhlpr.dll
    O2 - BHO: McAfee PopupKiller - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - c:\program files\mcafee.com\mps\popupkiller.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\windows\system32\BAE.dll
    O2 - BHO: (no name) - {CFE9E8A8-38C0-4EF8-AEC2-5035EFE81030} - C:\WINDOWS\system32\ssqrppn.dll
    O2 - BHO: (no name) - {D9B0D0F8-D212-410A-B03C-EF2FC0FF27BB} - C:\WINDOWS\system32\ddcyx.dll (file missing)
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [readericon] C:\Program Files\Digital Media Reader\readericon45G.exe
    O4 - HKLM\..\Run: [Reminder] %WINDIR%\Creator\Remind_XP.exe
    O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [amd_dc_opt] "C:\Program Files\AMD\amd_dc_opt\amd_dc_opt.exe"
    O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
    O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
    O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
    O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
    O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
    O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
    O20 - Winlogon Notify: ssqrppn - C:\WINDOWS\SYSTEM32\ssqrppn.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: wingdm32 - C:\WINDOWS\SYSTEM32\wingdm32.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
    O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe (file missing)
    O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
    O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    0
  11. salwa
     
    telecharge et execute ceci ensuite colle le raport qui te genere

    Edwido
    http://download.ewido.net/ewido-setup.exe
    Pendant l'installation, sur la page "Additional Options", décoche les deux options "Install background guard" et "Install scan via context menu Ewido Security Suite. Clique sur mise à jour.

    Clique sur scanner puis sur scan complet du système.

    et precise ou ont sont tes problem

    @+++
    0
  12. ricky0227 Messages postés 11 Statut Membre
     
    voici une nouvelle localisation du trojan que avast me donne :

    :\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\9693EEWJ\srvsvq[1].exe
    0
  13. salwa
     
    j'attend le raport d'edwido pour voir plus claire .... :)

    @++
    0
  14. salwa
     
    ree je ne peu pas attendre ton rapport d'edwido alors on continue

    lance hijack coche et fix ces lignes

    O20 - Winlogon Notify: ssqrppn - C:\WINDOWS\SYSTEM32\ssqrppn.dll
    O20 - Winlogon Notify: wingdm32 - C:\WINDOWS\SYSTEM32\wingdm32.dll

    telecharge the killbox https://www.bleepingcomputer.com/download/linux/

    Double clic sur killbox.exe (Pocket Killbox)

    - coche: delete on reboot
    - Dans "Full Path of File to Delete"
    copie et colle:

    C:\WINDOWS\SYSTEM32\wingdm32.dll

    - clique sur la croix rouge
    - une fenêtre va apparaître pour confirmation clique sur YES
    - une seconde fenêtre te demande si tu veux redémarrer clique sur YES

    Si ce message s’affiche ignore le :
    http://tinypic.com/images/goodbye.jpg
    Laisse le pc redémarrer ou redemarre manuellement s il le fait pas.

    telecharge SmitfraudFix

    http://siri.urz.free.fr/Fix/SmitfraudFix.zip
    Exécute le, Double click sur Smitfraudfix.cmd choisit l’option 1, il va générer un rapport Copie/colle le sur le poste stp. suivi d'un log hijack

    @++++
    0
    1. lal'
       
      salut salwa moi je suis super nulle en info et g chopé ce satané virus espagnol sur msn da uma olhada nos fotos ...
      voilà ce ke j'ai hijackthis : virus_msn_da_uma_olhada_nas_fotos_dessa_festa_muito_legal
      Logfile of HijackThis v1.99.1
      Scan saved at 10:10:56, on 26/11/2006
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
      C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
      C:\WINDOWS\system32\LEXBCES.EXE
      C:\WINDOWS\system32\spoolsv.exe
      C:\WINDOWS\system32\LEXPPS.EXE
      C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      C:\Acer\Empowering Technology\admServ.exe
      C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
      C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
      C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
      C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
      C:\Program Files\CyberLink\Shared Files\RichVideo.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
      C:\WINDOWS\system32\wscntfy.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\RTHDCPL.EXE
      C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      C:\Program Files\Acer\Acer Arcade\PCMService.exe
      C:\WINDOWS\system32\igfxtray.exe
      C:\WINDOWS\system32\hkcmd.exe
      C:\WINDOWS\system32\igfxpers.exe
      C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
      C:\acer\Empowering Technology\ePower\epm-dm.exe
      C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
      C:\Acer\Empowering Technology\eRecovery\Monitor.exe
      C:\Acer\Empowering Technology\admtray.exe
      C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
      C:\WINDOWS\system32\igfxsrvc.exe
      C:\Program Files\Logitech\ImageStudio\LogiTray.exe
      C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
      C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
      C:\Program Files\Athan\Athan.exe
      C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
      C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
      C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
      C:\Program Files\QuickTime\qttask.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\MSN Messenger\MsnMsgr.Exe
      C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
      C:\Program Files\BitTorrent\bittorrent.exe
      C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
      C:\WINDOWS\system32\igfxext.exe
      C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\icpldrvx.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Documents and Settings\LALLIA\Bureau\HijackThis.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.acer.com/worldwide/selection.html
      R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
      O3 - Toolbar: Acer eDataSecurity Management - {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - C:\WINDOWS\system32\ToolBand.dll
      O4 - HKLM\..\Run: [LaunchApp] Alaunch
      O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
      O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
      O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
      O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
      O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
      O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
      O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
      O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
      O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
      O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
      O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
      O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
      O4 - HKLM\..\Run: [EPM-DM] c:\acer\Empowering Technology\ePower\epm-dm.exe
      O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
      O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
      O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
      O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
      O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
      O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
      O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
      O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
      O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
      O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
      O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
      O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
      O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [Avg Antivirus] C:\WINDOWS\system32\icpldrvx.exe
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
      O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
      O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
      O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
      O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
      O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
      O8 - Extra context menu item: &Sample Toolband Serach - res://C:\WINDOWS\system32\ToolBand.dll/MENUSEARCH.HTM
      O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
      O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
      O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
      O17 - HKLM\System\CCS\Services\Tcpip\..\{D1751178-31A0-4BB9-B2E8-97C8DEF6795A}: NameServer = 192.168.1.1
      O18 - Protocol: bw+0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw+0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw-0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw-0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw00 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw00s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw10 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw10s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw20 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw20s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw30 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw30s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw40 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw40s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw50 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw50s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw60 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw60s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw70 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw70s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw80 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw80s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw90 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw90s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwa0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwa0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwb0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwb0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwc0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwc0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwd0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwd0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwe0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwe0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwf0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwf0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
      O18 - Protocol: bwg0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwg0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwh0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwh0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwi0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwi0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwj0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwj0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwk0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwk0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwl0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwl0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwm0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwm0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwn0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwn0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwo0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwo0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwp0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwp0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwq0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwq0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwr0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwr0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bws0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bws0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwt0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwt0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwu0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwu0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwv0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwv0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bww0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bww0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwx0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwx0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwy0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwy0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwz0 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwz0s - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
      O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
      O18 - Protocol: offline-8876480 - {4407F5F4-4074-4644-A6AB-207A58A5F8C0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
      O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
      O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
      O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
      O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
      O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
      O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
      O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
      O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
      O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
      O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
      O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
      O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
      O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
      O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
      O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

      tu peux me dire ce que je dois faire à present car je suis perdue et ce virus me pourrit tout c galère merci
      0
      1. afideg Messages postés 10466 Date d'inscription   Statut Contributeur sécurité Dernière intervention   602 > lal'
         
        Bonjour lal

        Tu t'inscris, et tu fais ceci dans le bon ordre

        ccmforum = guide forum CCM

        à+..
        0
      2. salwa > lal'
         
        bonjour lal' je ne peu pas te repondre ici car c'est le post de ricky :/ creer ton propre sujet et je verai ce que je peu faire :)

        @toute
        0
  15. ricky0227 Messages postés 11 Statut Membre
     
    désolé, j'ai essayé d'avoir le log edwido, mais il m'en donne pas. Mais il a trouvé pour de merde qu'il a supprimé et depuis ce temps, je ne veux pas me prononcé trop vite, mais ça semble mieux. J'ai tout de même supprimé les deux ligne que tu m'avais dit dans hijacthis et voilè à le log : (dis moi si tu vois encore quelque chose de louche...) Merci

    Logfile of HijackThis v1.99.1
    Scan saved at 20:04:13, on 2006-11-25
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    c:\program files\mcafee.com\agent\mcdetect.exe
    c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\eHome\ehmsas.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Digital Media Reader\readericon45G.exe
    C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Hijackthis\Scanner.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.lapresse.ca
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:\program files\mcafee.com\mps\mcbrhlpr.dll
    O2 - BHO: McAfee PopupKiller - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - c:\program files\mcafee.com\mps\popupkiller.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\windows\system32\BAE.dll
    O2 - BHO: (no name) - {D9B0D0F8-D212-410A-B03C-EF2FC0FF27BB} - C:\WINDOWS\system32\ddcyx.dll (file missing)
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [readericon] C:\Program Files\Digital Media Reader\readericon45G.exe
    O4 - HKLM\..\Run: [Reminder] %WINDIR%\Creator\Remind_XP.exe
    O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [amd_dc_opt] "C:\Program Files\AMD\amd_dc_opt\amd_dc_opt.exe"
    O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
    O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
    O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
    O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
    O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
    O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
    O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe (file missing)
    O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
    O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    0
  16. ricky0227 Messages postés 11 Statut Membre
     
    Le problème semble réglé... Avast ne trouve plus de trojan et je n'ai plus de pop up de message d'erreur lorsque je suis sur le net.

    Merci beaucoup salwa de ton aide !

    Est-ce que je dois utiliser killbox et smitfraudfix quand même ?
    0
    1. salwa
       
      bonjour ton log est propre :p fait quand meme les manips de smithfraudfix et killbox on sais jamais ...

      passe regulierement un coup d'antispywares (adaware/spybot/edwido.. ect) et vide regilerement les dossier temporaire a l'aide du programe ccleaner

      @+++
      0