A voir également:
- [Trojan] Infecté par Win32:Trojan-gen
- Trojan remover - Télécharger - Antivirus & Antimalwares
- Puabundler win32 - Forum Virus
- Trojan al11 ✓ - Forum Virus
- Trojan wacatac ✓ - Forum Virus
- Puadimanager win32 ✓ - Forum Virus
7 réponses
Utilisateur anonyme
24 févr. 2007 à 07:16
24 févr. 2007 à 07:16
Salut
Où Avast te trouve t-il le virus ?
¤ Télécharge VundoFix
http://www.atribune.org/ccount/click.php?id=4
double clic dessus choisis "start for vundo"
attends quelques minutes, quand le scan est terminé clic sur "remove vundo"
un message te demandera si tu veux supprimes les fichiers sur "yes"
Quand il a terminé, clic sur "yes" ton ordinateur devrait redemarrer sinon, fais le par toit même
Une fois qu'il a redemarré colle le rapport C:\vundofix.txt
¤ Clic sur "démarrer", "exécuter", tape: services.msc
Cherche dans la liste les lignes ci-dessous, tu fais un clic droit dessus choisis "propriétés" et régle les sur "désactivé"
- Google Updater Service
- McAfee.com McShield
- McAfee SecurityCenter Update Manager
- McAfee.com VirusScan Online Realtime Engine
- NVIDIA Driver Helper Service
- Remote Packet Capture Protocol v.0
Où Avast te trouve t-il le virus ?
¤ Télécharge VundoFix
http://www.atribune.org/ccount/click.php?id=4
double clic dessus choisis "start for vundo"
attends quelques minutes, quand le scan est terminé clic sur "remove vundo"
un message te demandera si tu veux supprimes les fichiers sur "yes"
Quand il a terminé, clic sur "yes" ton ordinateur devrait redemarrer sinon, fais le par toit même
Une fois qu'il a redemarré colle le rapport C:\vundofix.txt
¤ Clic sur "démarrer", "exécuter", tape: services.msc
Cherche dans la liste les lignes ci-dessous, tu fais un clic droit dessus choisis "propriétés" et régle les sur "désactivé"
- Google Updater Service
- McAfee.com McShield
- McAfee SecurityCenter Update Manager
- McAfee.com VirusScan Online Realtime Engine
- NVIDIA Driver Helper Service
- Remote Packet Capture Protocol v.0
Merci beaucoup boulepate62 pour ta réponse.
Avast me trouvait ces petites bestioles dans C:\DOCUME~1\CODINA\LOCALS~1\Temp
Quand j'y repense, il les trouvait lorsque je cliquais sur "recommencer" dans la boîte de dialogue qui permet de se connecter à internet... si je ne cliquais sur rien, il ne trouvait rien.
J'ai donc suivi tes recommandation, et voici le rapport de VundoFix:
VundoFix V6.3.9
Checking Java version...
Java version is 1.5.0.7
Java version is 1.5.0.9
Scan started at 12:13:21 24/02/2007
Listing files found while scanning....
C:\WINDOWS\System32\rqstv.bak1
C:\WINDOWS\System32\rqstv.bak2
C:\WINDOWS\System32\rqstv.ini
C:\WINDOWS\System32\rqstv.ini2
C:\WINDOWS\System32\rqstv.tmp
C:\WINDOWS\System32\vtsqr.dll
Beginning removal...
Attempting to delete C:\WINDOWS\System32\rqstv.bak1
C:\WINDOWS\System32\rqstv.bak1 Has been deleted!
Attempting to delete C:\WINDOWS\System32\rqstv.bak2
C:\WINDOWS\System32\rqstv.bak2 Has been deleted!
Attempting to delete C:\WINDOWS\System32\rqstv.ini
C:\WINDOWS\System32\rqstv.ini Has been deleted!
Attempting to delete C:\WINDOWS\System32\rqstv.ini2
C:\WINDOWS\System32\rqstv.ini2 Has been deleted!
Attempting to delete C:\WINDOWS\System32\rqstv.tmp
C:\WINDOWS\System32\rqstv.tmp Has been deleted!
Attempting to delete C:\WINDOWS\System32\vtsqr.dll
C:\WINDOWS\System32\vtsqr.dll Has been deleted!
Performing Repairs to the registry.
Done!
J'ai bien tout desactivé ce que tu m'a dit, et je n'ai pas réapparition de la boîte de dialogue pour la connexion à internet donc plus d'alerte Avast. Je referai des scans pour vérifier que tout est OK.
Merci pour ton aide !!
Avast me trouvait ces petites bestioles dans C:\DOCUME~1\CODINA\LOCALS~1\Temp
Quand j'y repense, il les trouvait lorsque je cliquais sur "recommencer" dans la boîte de dialogue qui permet de se connecter à internet... si je ne cliquais sur rien, il ne trouvait rien.
J'ai donc suivi tes recommandation, et voici le rapport de VundoFix:
VundoFix V6.3.9
Checking Java version...
Java version is 1.5.0.7
Java version is 1.5.0.9
Scan started at 12:13:21 24/02/2007
Listing files found while scanning....
C:\WINDOWS\System32\rqstv.bak1
C:\WINDOWS\System32\rqstv.bak2
C:\WINDOWS\System32\rqstv.ini
C:\WINDOWS\System32\rqstv.ini2
C:\WINDOWS\System32\rqstv.tmp
C:\WINDOWS\System32\vtsqr.dll
Beginning removal...
Attempting to delete C:\WINDOWS\System32\rqstv.bak1
C:\WINDOWS\System32\rqstv.bak1 Has been deleted!
Attempting to delete C:\WINDOWS\System32\rqstv.bak2
C:\WINDOWS\System32\rqstv.bak2 Has been deleted!
Attempting to delete C:\WINDOWS\System32\rqstv.ini
C:\WINDOWS\System32\rqstv.ini Has been deleted!
Attempting to delete C:\WINDOWS\System32\rqstv.ini2
C:\WINDOWS\System32\rqstv.ini2 Has been deleted!
Attempting to delete C:\WINDOWS\System32\rqstv.tmp
C:\WINDOWS\System32\rqstv.tmp Has been deleted!
Attempting to delete C:\WINDOWS\System32\vtsqr.dll
C:\WINDOWS\System32\vtsqr.dll Has been deleted!
Performing Repairs to the registry.
Done!
J'ai bien tout desactivé ce que tu m'a dit, et je n'ai pas réapparition de la boîte de dialogue pour la connexion à internet donc plus d'alerte Avast. Je referai des scans pour vérifier que tout est OK.
Merci pour ton aide !!
Utilisateur anonyme
25 févr. 2007 à 01:04
25 févr. 2007 à 01:04
Que veux tu dire par boîte de dialogue ?
¤ N'hésite pas à remettre un rapport Hijackthis
¤ Puis fait ceci :
Fait ce nettoyage: à faire réguliérement
¤ Télécharge et installe CCleaner (n'installe pas la barre d'outil Yahoo)
---> http://www.infos-du-net.com/telecharger/CCleaner,0301-1039.html
- Dans la colonne de gauche clic sur "erreurs" coches toutes les cases, puis cliques en bas sur "chercher des erreurs" une fois finit, clic sur "reparer les erreurs" et tu aura un message pour sauvegarder ta base de registre tu dis "oui" puis tu recommences jusqu'a ce qu'il te trouve plus d'erreurs.
Les sauvegardes que tu aura faites, tu pourra les supprimer si ton ordinateur n'a plus de problémes.
- Relance Ccleaner, vas dans l'onglet "nettoyeur" présent sur la gauche, decoches la derniere case (Avancé si elle est cochée) puis clic sur "lancer le nettoyage"
Si tu as besoin d'aide avec Ccleaner, regarde ce tutoriel :
https://kerio.probb.fr/t242-tuto-ccleaner-v-2
¤ N'hésite pas à remettre un rapport Hijackthis
¤ Puis fait ceci :
Fait ce nettoyage: à faire réguliérement
¤ Télécharge et installe CCleaner (n'installe pas la barre d'outil Yahoo)
---> http://www.infos-du-net.com/telecharger/CCleaner,0301-1039.html
- Dans la colonne de gauche clic sur "erreurs" coches toutes les cases, puis cliques en bas sur "chercher des erreurs" une fois finit, clic sur "reparer les erreurs" et tu aura un message pour sauvegarder ta base de registre tu dis "oui" puis tu recommences jusqu'a ce qu'il te trouve plus d'erreurs.
Les sauvegardes que tu aura faites, tu pourra les supprimer si ton ordinateur n'a plus de problémes.
- Relance Ccleaner, vas dans l'onglet "nettoyeur" présent sur la gauche, decoches la derniere case (Avancé si elle est cochée) puis clic sur "lancer le nettoyage"
Si tu as besoin d'aide avec Ccleaner, regarde ce tutoriel :
https://kerio.probb.fr/t242-tuto-ccleaner-v-2
Merci encore pour ton aide!!!!
J'ai effectué tout ce que tu as dis, notamment avec CCleaner.
Concernant la boîte de dialogue, elle apparaissait lorsque je voulais lancer internet explorer. Apparemment il ne trouvait pas la connexion (alors que j'avais belle et bien la connexion) et me demandait de choisir entre "travailler hors connexion" ou "recommencer".
A présent cette boite de dialogue n'apparait plus.
Voici le nouveau rapport d'HijackThis:
Logfile of HijackThis v1.99.1
Scan saved at 17:26:40, on 25/02/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\qttask.exe
C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\Avast\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\RunDLL32.exe
C:\Program Files\X-Lite\X-Lite.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avast\Avast4\aswUpdSv.exe
C:\Program Files\Avast\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\CTSvcCDA.EXE
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\SYSTEM32\ZONELABS\vsmon.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Avast\Avast4\ashWebSv.exe
C:\Program Files\Avast\Avast4\ashMaiSv.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Hijack\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {26379168-EB2F-4FFE-882D-80450328D62A} - (no file)
O2 - BHO: DgnWebIE - {2843DAC1-05EF-11D2-95BA-0060083493D6} - C:\Program Files\Dragon Systems\NaturallySpeaking\Program\web_ie.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {66A432DF-220D-4C21-8F9E-13F1DF8844A4} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: (no name) - {E03C740E-BB24-4d3c-B92A-6F84DE1DD99C} - (no file)
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\System32\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [XSC SIP Client] "C:\Program Files\X-Lite\X-Lite.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O12 - Plugin for .mu3: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .mus: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .mut: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .myr: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .pdb: C:\Program Files\Internet Explorer\PLUGINS\npchime.dll
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O12 - Plugin for .spt: C:\Program Files\Internet Explorer\PLUGINS\npchime.dll
O20 - Winlogon Notify: rqrrsrp - rqrrsrp.dll (file missing)
O20 - Winlogon Notify: winhab32 - winhab32.dll (file missing)
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Avast\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Avast\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Avast\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Avast\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTSvcCDA.EXE
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Unknown owner - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe (file missing)
O23 - Service: MSSQL$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe" -sPINNACLESYS (file missing)
O23 - Service: SQLAgent$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE" -i PINNACLESYS (file missing)
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZONELABS\vsmon.exe
J'ai effectué tout ce que tu as dis, notamment avec CCleaner.
Concernant la boîte de dialogue, elle apparaissait lorsque je voulais lancer internet explorer. Apparemment il ne trouvait pas la connexion (alors que j'avais belle et bien la connexion) et me demandait de choisir entre "travailler hors connexion" ou "recommencer".
A présent cette boite de dialogue n'apparait plus.
Voici le nouveau rapport d'HijackThis:
Logfile of HijackThis v1.99.1
Scan saved at 17:26:40, on 25/02/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\qttask.exe
C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\Avast\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\RunDLL32.exe
C:\Program Files\X-Lite\X-Lite.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avast\Avast4\aswUpdSv.exe
C:\Program Files\Avast\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\CTSvcCDA.EXE
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\SYSTEM32\ZONELABS\vsmon.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Avast\Avast4\ashWebSv.exe
C:\Program Files\Avast\Avast4\ashMaiSv.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Hijack\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {26379168-EB2F-4FFE-882D-80450328D62A} - (no file)
O2 - BHO: DgnWebIE - {2843DAC1-05EF-11D2-95BA-0060083493D6} - C:\Program Files\Dragon Systems\NaturallySpeaking\Program\web_ie.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {66A432DF-220D-4C21-8F9E-13F1DF8844A4} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: (no name) - {E03C740E-BB24-4d3c-B92A-6F84DE1DD99C} - (no file)
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\System32\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [XSC SIP Client] "C:\Program Files\X-Lite\X-Lite.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O12 - Plugin for .mu3: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .mus: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .mut: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .myr: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .pdb: C:\Program Files\Internet Explorer\PLUGINS\npchime.dll
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O12 - Plugin for .spt: C:\Program Files\Internet Explorer\PLUGINS\npchime.dll
O20 - Winlogon Notify: rqrrsrp - rqrrsrp.dll (file missing)
O20 - Winlogon Notify: winhab32 - winhab32.dll (file missing)
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Avast\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Avast\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Avast\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Avast\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTSvcCDA.EXE
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Unknown owner - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe (file missing)
O23 - Service: MSSQL$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe" -sPINNACLESYS (file missing)
O23 - Service: SQLAgent$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE" -i PINNACLESYS (file missing)
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZONELABS\vsmon.exe
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Utilisateur anonyme
26 févr. 2007 à 01:23
26 févr. 2007 à 01:23
Salut
¤ Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked"
O2 - BHO: (no name) - {26379168-EB2F-4FFE-882D-80450328D62A} - (no file)
O2 - BHO: DgnWebIE - {2843DAC1-05EF-11D2-95BA-
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - (no file)
O2 - BHO: (no name) - {66A432DF-220D-4C21-8F9E-13F1DF8844A4} - (no file)
O2 - BHO: (no name) - {E03C740E-BB24-4d3c-B92A-6F84DE1DD99C} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O20 - Winlogon Notify: rqrrsrp - rqrrsrp.dll (file missing)
O20 - Winlogon Notify: winhab32 - winhab32.dll (file missing)
¤ Clic sur "démarrer", "exécuter", tape: services.msc
Cherche dans la liste les lignes ci-dessous, tu fais un clic droit dessus choisis "propriétés" et régle les sur "désactivé"
- McAfee SecurityCenter Update Manager
- MSSQL$PINNACLESYS (sauf si encore utilisé)
- SQLAgent$PINNACLESYS(sauf si encore utilisé)
¤ Fait ce scan anti-virus en ligne avec Internet Explorer, accepte l'active X; la barre anti-popup du SP2(en haut) va se mettre à clignoter, clique dessus et choisit "accepter l'active X" pour faire fonctionner le scan anti-virus.
Une fois qu'il a terminé colle le rapport ici stp
---> https://www.kaspersky.fr/downloads
- Kaspersky Online Scanner
- Accept
¤ Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked"
O2 - BHO: (no name) - {26379168-EB2F-4FFE-882D-80450328D62A} - (no file)
O2 - BHO: DgnWebIE - {2843DAC1-05EF-11D2-95BA-
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - (no file)
O2 - BHO: (no name) - {66A432DF-220D-4C21-8F9E-13F1DF8844A4} - (no file)
O2 - BHO: (no name) - {E03C740E-BB24-4d3c-B92A-6F84DE1DD99C} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O20 - Winlogon Notify: rqrrsrp - rqrrsrp.dll (file missing)
O20 - Winlogon Notify: winhab32 - winhab32.dll (file missing)
¤ Clic sur "démarrer", "exécuter", tape: services.msc
Cherche dans la liste les lignes ci-dessous, tu fais un clic droit dessus choisis "propriétés" et régle les sur "désactivé"
- McAfee SecurityCenter Update Manager
- MSSQL$PINNACLESYS (sauf si encore utilisé)
- SQLAgent$PINNACLESYS(sauf si encore utilisé)
¤ Fait ce scan anti-virus en ligne avec Internet Explorer, accepte l'active X; la barre anti-popup du SP2(en haut) va se mettre à clignoter, clique dessus et choisit "accepter l'active X" pour faire fonctionner le scan anti-virus.
Une fois qu'il a terminé colle le rapport ici stp
---> https://www.kaspersky.fr/downloads
- Kaspersky Online Scanner
- Accept
Bonsoir,
Voici le rapport de Kaspersky:
KASPERSKY ONLINE SCANNER REPORT
Wednesday, February 28, 2007 7:17:21 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 28/02/2007
Kaspersky Anti-Virus database records: 274812
Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
A:\
C:\
D:\
E:\
Scan Statistics
Total number of scanned objects 91625
Number of viruses found 1
Number of infected objects 0 / 0
Number of suspicious objects 7
Duration of the scan process 01:22:26
Infected Object Name Virus Name Last Action
C:\WINDOWS\SYSTEM32\h323log.txt Object is locked skipped
C:\WINDOWS\SYSTEM32\config\system.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\config\software.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\config\default.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\config\DEFAULT Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SECURITY Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SOFTWARE Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SYSTEM Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SAM Object is locked skipped
C:\WINDOWS\SYSTEM32\config\Antivirus.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\SYSTEM32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\Internet Logs\fwdbglog.txt Object is locked skipped
C:\WINDOWS\Internet Logs\fwpktlog.txt Object is locked skipped
C:\WINDOWS\Internet Logs\tvDebug.log Object is locked skipped
C:\WINDOWS\Internet Logs\IAMDB.RDB Object is locked skipped
C:\WINDOWS\Internet Logs\T8G6Y5.ldb Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\TEMP\_avast4_\Webshlock.txt Object is locked skipped
C:\WINDOWS\TEMP\Perflib_Perfdata_14c.dat Object is locked skipped
C:\WINDOWS\TEMP\Perflib_Perfdata_7f8.dat Object is locked skipped
C:\WINDOWS\TEMP\ZLT06f00.TMP Object is locked skipped
C:\WINDOWS\TEMP\CS3741.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3742.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3743.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3744.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3745.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3746.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3747.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3748.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3749.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS374A.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS374B.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS374C.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS374D.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS374E.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS374F.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37410.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37411.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37412.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37413.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37414.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37415.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37416.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37417.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37418.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37419.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3741A.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3741B.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3741C.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3741D.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3741E.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3741F.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37420.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37421.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37422.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37423.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37424.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37425.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37426.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37427.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37428.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37429.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3742A.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3742B.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3742C.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3742D.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3742E.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3742F.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37430.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37431.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37432.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37433.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37434.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37435.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37436.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37437.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37438.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37439.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3743A.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3743B.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3743C.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3743D.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3743E.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3743F.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37440.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37441.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37442.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37443.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37444.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37445.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37446.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37447.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37448.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37449.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3744A.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3744B.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3744C.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3744D.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3744E.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3744F.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37450.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37451.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37452.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37453.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37454.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37455.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37456.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37457.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37458.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37459.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3745A.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3745B.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3745C.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3745D.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3745E.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3745F.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37460.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37461.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37462.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37463.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37464.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37465.tmp Object is locked skipped
C:\WINDOWS\SchedLog.Txt Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\Paramètres locaux\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\WINDOWS\Paramètres locaux\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\WINDOWS\Paramètres locaux\Application Data\Identities\{A62F1500-3FBA-11D8-AA1C-BA64B95D107E}\Microsoft\Outlook Express\Hotmail - Éléments supprimés.dbx/[From postmaster@hotmail.com][Date Wed, 14 Feb 2007 02:29:15 -0800]/UNNAMED/html Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Paramètres locaux\Application Data\Identities\{A62F1500-3FBA-11D8-AA1C-BA64B95D107E}\Microsoft\Outlook Express\Hotmail - Éléments supprimés.dbx/[From postmaster@hotmail.com][Date Wed, 14 Feb 2007 02:29:15 -0800]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Paramètres locaux\Application Data\Identities\{A62F1500-3FBA-11D8-AA1C-BA64B95D107E}\Microsoft\Outlook Express\Hotmail - Éléments supprimés.dbx/[From postmaster@hotmail.com][Date Wed, 14 Feb 2007 02:29:15 -0800]/UNNAMED/UNNAMED/[From seb_codina@hotmail.com][Date Wed, 14 Feb 2007 11:29:13 +0100]/UNNAMED/html Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Paramètres locaux\Application Data\Identities\{A62F1500-3FBA-11D8-AA1C-BA64B95D107E}\Microsoft\Outlook Express\Hotmail - Éléments supprimés.dbx/[From postmaster@hotmail.com][Date Wed, 14 Feb 2007 02:29:15 -0800]/UNNAMED/UNNAMED/[From seb_codina@hotmail.com][Date Wed, 14 Feb 2007 11:29:13 +0100]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Paramètres locaux\Application Data\Identities\{A62F1500-3FBA-11D8-AA1C-BA64B95D107E}\Microsoft\Outlook Express\Hotmail - Éléments supprimés.dbx/[From postmaster@hotmail.com][Date Wed, 14 Feb 2007 02:29:15 -0800]/UNNAMED/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Paramètres locaux\Application Data\Identities\{A62F1500-3FBA-11D8-AA1C-BA64B95D107E}\Microsoft\Outlook Express\Hotmail - Éléments supprimés.dbx/[From postmaster@hotmail.com][Date Wed, 14 Feb 2007 02:29:15 -0800]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Paramètres locaux\Application Data\Identities\{A62F1500-3FBA-11D8-AA1C-BA64B95D107E}\Microsoft\Outlook Express\Hotmail - Éléments supprimés.dbx Mail MS Outlook 5: suspicious - 6 skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\LOG\ERRORLOG Object is locked skipped
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\master.mdf Object is locked skipped
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\mastlog.ldf Object is locked skipped
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\model.mdf Object is locked skipped
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\modellog.ldf Object is locked skipped
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\tempdb.mdf Object is locked skipped
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\templog.ldf Object is locked skipped
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\PinnacleSys_GlobalContext.mdf Object is locked skipped
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\PinnacleSys_GlobalContext_log.LDF Object is locked skipped
C:\Program Files\GrabIt\Cache\Temp\12041460 Object is locked skipped
C:\Program Files\GrabIt\Cache\Temp\12301660 Object is locked skipped
C:\Program Files\Avast\Avast4\DATA\report\Protection résidente.txt Object is locked skipped
C:\Program Files\Avast\Avast4\DATA\log\nshield.log Object is locked skipped
C:\Program Files\Avast\Avast4\DATA\log\AshWebSv.ws Object is locked skipped
C:\Program Files\Avast\Avast4\DATA\log\aswMaiSv.log Object is locked skipped
C:\Program Files\Avast\Avast4\DATA\integ\avast.int Object is locked skipped
C:\Program Files\Avast\Avast4\DATA\Avast4.db Object is locked skipped
C:\Program Files\Avast\Avast4\DATA\aswResp.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\CODINA\Local Settings\Temp\WCESLog.log Object is locked skipped
C:\Documents and Settings\CODINA\Local Settings\Temp\~DF5E3B.tmp Object is locked skipped
C:\Documents and Settings\CODINA\Local Settings\Historique\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\CODINA\Local Settings\Historique\History.IE5\MSHist012007022820070301\index.dat Object is locked skipped
C:\Documents and Settings\CODINA\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\CODINA\Mes documents\Fichiers MSN Messenger\seb_codina@hotmail.com\Historique des événements.txt Object is locked skipped
C:\Documents and Settings\CODINA\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\CODINA\Application Data\$_hpcst$.hpc Object is locked skipped
C:\Documents and Settings\CODINA\Application Data\Webroot\Spy Sweeper\Logs\070224124654.ses Object is locked skipped
C:\Documents and Settings\CODINA\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\CODINA\ntuser.dat Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat Object is locked skipped
Scan process completed.
Voici le rapport de Kaspersky:
KASPERSKY ONLINE SCANNER REPORT
Wednesday, February 28, 2007 7:17:21 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 28/02/2007
Kaspersky Anti-Virus database records: 274812
Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
A:\
C:\
D:\
E:\
Scan Statistics
Total number of scanned objects 91625
Number of viruses found 1
Number of infected objects 0 / 0
Number of suspicious objects 7
Duration of the scan process 01:22:26
Infected Object Name Virus Name Last Action
C:\WINDOWS\SYSTEM32\h323log.txt Object is locked skipped
C:\WINDOWS\SYSTEM32\config\system.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\config\software.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\config\default.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\config\DEFAULT Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SECURITY Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SOFTWARE Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SYSTEM Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SAM Object is locked skipped
C:\WINDOWS\SYSTEM32\config\Antivirus.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\SYSTEM32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\Internet Logs\fwdbglog.txt Object is locked skipped
C:\WINDOWS\Internet Logs\fwpktlog.txt Object is locked skipped
C:\WINDOWS\Internet Logs\tvDebug.log Object is locked skipped
C:\WINDOWS\Internet Logs\IAMDB.RDB Object is locked skipped
C:\WINDOWS\Internet Logs\T8G6Y5.ldb Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\TEMP\_avast4_\Webshlock.txt Object is locked skipped
C:\WINDOWS\TEMP\Perflib_Perfdata_14c.dat Object is locked skipped
C:\WINDOWS\TEMP\Perflib_Perfdata_7f8.dat Object is locked skipped
C:\WINDOWS\TEMP\ZLT06f00.TMP Object is locked skipped
C:\WINDOWS\TEMP\CS3741.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3742.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3743.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3744.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3745.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3746.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3747.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3748.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3749.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS374A.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS374B.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS374C.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS374D.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS374E.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS374F.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37410.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37411.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37412.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37413.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37414.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37415.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37416.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37417.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37418.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37419.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3741A.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3741B.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3741C.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3741D.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3741E.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3741F.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37420.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37421.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37422.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37423.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37424.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37425.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37426.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37427.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37428.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37429.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3742A.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3742B.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3742C.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3742D.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3742E.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3742F.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37430.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37431.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37432.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37433.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37434.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37435.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37436.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37437.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37438.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37439.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3743A.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3743B.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3743C.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3743D.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3743E.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3743F.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37440.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37441.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37442.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37443.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37444.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37445.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37446.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37447.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37448.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37449.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3744A.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3744B.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3744C.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3744D.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3744E.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3744F.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37450.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37451.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37452.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37453.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37454.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37455.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37456.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37457.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37458.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37459.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3745A.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3745B.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3745C.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3745D.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3745E.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS3745F.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37460.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37461.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37462.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37463.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37464.tmp Object is locked skipped
C:\WINDOWS\TEMP\CS37465.tmp Object is locked skipped
C:\WINDOWS\SchedLog.Txt Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\Paramètres locaux\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\WINDOWS\Paramètres locaux\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\WINDOWS\Paramètres locaux\Application Data\Identities\{A62F1500-3FBA-11D8-AA1C-BA64B95D107E}\Microsoft\Outlook Express\Hotmail - Éléments supprimés.dbx/[From postmaster@hotmail.com][Date Wed, 14 Feb 2007 02:29:15 -0800]/UNNAMED/html Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Paramètres locaux\Application Data\Identities\{A62F1500-3FBA-11D8-AA1C-BA64B95D107E}\Microsoft\Outlook Express\Hotmail - Éléments supprimés.dbx/[From postmaster@hotmail.com][Date Wed, 14 Feb 2007 02:29:15 -0800]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Paramètres locaux\Application Data\Identities\{A62F1500-3FBA-11D8-AA1C-BA64B95D107E}\Microsoft\Outlook Express\Hotmail - Éléments supprimés.dbx/[From postmaster@hotmail.com][Date Wed, 14 Feb 2007 02:29:15 -0800]/UNNAMED/UNNAMED/[From seb_codina@hotmail.com][Date Wed, 14 Feb 2007 11:29:13 +0100]/UNNAMED/html Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Paramètres locaux\Application Data\Identities\{A62F1500-3FBA-11D8-AA1C-BA64B95D107E}\Microsoft\Outlook Express\Hotmail - Éléments supprimés.dbx/[From postmaster@hotmail.com][Date Wed, 14 Feb 2007 02:29:15 -0800]/UNNAMED/UNNAMED/[From seb_codina@hotmail.com][Date Wed, 14 Feb 2007 11:29:13 +0100]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Paramètres locaux\Application Data\Identities\{A62F1500-3FBA-11D8-AA1C-BA64B95D107E}\Microsoft\Outlook Express\Hotmail - Éléments supprimés.dbx/[From postmaster@hotmail.com][Date Wed, 14 Feb 2007 02:29:15 -0800]/UNNAMED/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Paramètres locaux\Application Data\Identities\{A62F1500-3FBA-11D8-AA1C-BA64B95D107E}\Microsoft\Outlook Express\Hotmail - Éléments supprimés.dbx/[From postmaster@hotmail.com][Date Wed, 14 Feb 2007 02:29:15 -0800]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload skipped
C:\WINDOWS\Paramètres locaux\Application Data\Identities\{A62F1500-3FBA-11D8-AA1C-BA64B95D107E}\Microsoft\Outlook Express\Hotmail - Éléments supprimés.dbx Mail MS Outlook 5: suspicious - 6 skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\LOG\ERRORLOG Object is locked skipped
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\master.mdf Object is locked skipped
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\mastlog.ldf Object is locked skipped
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\model.mdf Object is locked skipped
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\modellog.ldf Object is locked skipped
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\tempdb.mdf Object is locked skipped
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\templog.ldf Object is locked skipped
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\PinnacleSys_GlobalContext.mdf Object is locked skipped
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\PinnacleSys_GlobalContext_log.LDF Object is locked skipped
C:\Program Files\GrabIt\Cache\Temp\12041460 Object is locked skipped
C:\Program Files\GrabIt\Cache\Temp\12301660 Object is locked skipped
C:\Program Files\Avast\Avast4\DATA\report\Protection résidente.txt Object is locked skipped
C:\Program Files\Avast\Avast4\DATA\log\nshield.log Object is locked skipped
C:\Program Files\Avast\Avast4\DATA\log\AshWebSv.ws Object is locked skipped
C:\Program Files\Avast\Avast4\DATA\log\aswMaiSv.log Object is locked skipped
C:\Program Files\Avast\Avast4\DATA\integ\avast.int Object is locked skipped
C:\Program Files\Avast\Avast4\DATA\Avast4.db Object is locked skipped
C:\Program Files\Avast\Avast4\DATA\aswResp.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\CODINA\Local Settings\Temp\WCESLog.log Object is locked skipped
C:\Documents and Settings\CODINA\Local Settings\Temp\~DF5E3B.tmp Object is locked skipped
C:\Documents and Settings\CODINA\Local Settings\Historique\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\CODINA\Local Settings\Historique\History.IE5\MSHist012007022820070301\index.dat Object is locked skipped
C:\Documents and Settings\CODINA\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\CODINA\Mes documents\Fichiers MSN Messenger\seb_codina@hotmail.com\Historique des événements.txt Object is locked skipped
C:\Documents and Settings\CODINA\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\CODINA\Application Data\$_hpcst$.hpc Object is locked skipped
C:\Documents and Settings\CODINA\Application Data\Webroot\Spy Sweeper\Logs\070224124654.ses Object is locked skipped
C:\Documents and Settings\CODINA\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\CODINA\ntuser.dat Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat Object is locked skipped
Scan process completed.
