Keyloggué ou hacké?

Résolu
yagami2k2 Messages postés 17 Statut Membre -  
Lyonnais92 Messages postés 25708 Statut Contributeur sécurité -
Bonjour,

voila j'ai un compte world of warcraft

il semble que mon compte ai été piraté comme me le dis blizzard mais ce qui me surprend le plus c'est que je me suis rendu compte que ce matin j'ai recu une demande de réinitialisation de mot de passe sur ma propre boite email

en somme la personne a acces a mon email perso (orange.fr)

j'ai beau avoir essayé spybot, malwarebytes,

eset nod32 et avast rien a faire... je trouve toujours des données mais j'ai un doute car mon msn déconne bizarrement

la fenetre ou apparait mes cohntacts est toujours au premier plan malgré le fait que j'ouvre une autre fenetre de discussion elle reviens comme par magie et sans que je puisse y faire grand chose si ce n'est la fermer.

pourriez vous me conseiller?
A voir également:

29 réponses

Précédent
  • 1
  • 2
Réponse 21 / 29
yagami2k2 Messages postés 17 Statut Membre
 
voici le new rapport RSIT après



Logfile of random's system information tool 1.04 (written by random/random)
Run by moncef at 2008-11-17 22:37:54
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 49 GB (64%) free of 76 GB
Total RAM: 3327 MB (82% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:38:30, on 17/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
C:\WINDOWS\ATKKBService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\moncef\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\moncef.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: ALOT Toolbar - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Program Files\alot\bin\alot.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: ALOT Toolbar - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Program Files\alot\bin\alot.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - http://activex.camfrogweb.com/advanced/2.0.1.14/cfweb_activex.camfrogweb.com-advanced-2.0.1.14_instmodule.exe
O16 - DPF: {2D37B9E8-C14C-482C-B1CF-939C5440E179} (VTToolkit Control) - http://saintvalentin2006.maville.wanadoo.fr/VTToolkit.ocx
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {3E82BB3F-ABE4-458D-9281-0187286A4E51} (VoxsyncCtrl Class) - https://login.orange.fr/captcha?return_url=https%3A%2F%2Fmescontacts.orange.fr
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.mail.live.com/mail/w1/resources/MSNPUpld.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/30ed27003d98cae53623/netzip/RdxIE601_fr.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Prime95 Service - Unknown owner - C:\Program Files\Prime95\prime95.exe (file missing)
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
0
Réponse 22 / 29
Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537
 
Re,

et le rapport de OTMoveIt ?
0
Réponse 23 / 29
yagami2k2 Messages postés 17 Statut Membre
 
le voici

========== PROCESSES ==========
Unable to kill process: msmsgs.exe
Unable to kill process: dllhost.exe
Unable to kill process: sdnsmain.exe
Unable to kill process: svchost.exe
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8D4D2F69-DF30-4471-988C-CC58545E86C8}\\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{47ADDC5F-EA71-4766-9994-155CE2095A2E}\\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{C33A35F6-CBB2-4FF5-B029-27E495C5516A}\\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MSHELP.MSUSER\\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MSHELP.MSUSER.1\\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D4D2F69-DF30-4471-988C-CC58545E86C8}\\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\SystemHelp not found.
========== FILES ==========
Invalid Environment Variable: System
========== COMMANDS ==========

OTMoveIt3 by OldTimer - Version 1.0.7.1 log created on 11172008_230024
0
Réponse 24 / 29
Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537
 
Re,

bon, on change de stratégie.

ouvre ce lien : https://www.malekal.com/avira-free-security-antivirus-gratuit/

et commence l'installation de Antivir.

Va jusqu'à" Mise à jour de la définition virale" que tu exécutes.


Tu actives la garde de Antivir et tu désactives celle de Avast (pour éviter un conflit).

Tu lances un scan d'antivir sur ton ordi.

Mets les fichiers en quarantaine.

Poste le rapport à la fin.
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 25 / 29
yagami2k2 Messages postés 17 Statut Membre
 
Avira AntiVir Premium
Date de création du fichier de rapport : lundi 17 novembre 2008 23:46

La recherche porte sur 1038808 souches de virus.

Détenteur de la licence :moncef semmani
Numéro de série : 2200516829-PEPWE-0001
Plateforme : Windows XP
Version de Windows :(Service Pack 3) [5.1.2600]
Mode Boot : Démarré normalement
Identifiant : moncef
Nom de l'ordinateur :YAGAMI-STYLE

Informations de version :
BUILD.DAT : 8.2.0.32 20008 Bytes 30/10/2008 15:49:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 08:57:49
AVSCAN.DLL : 8.1.4.1 49921 Bytes 21/07/2008 13:44:27
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:16
LUKERES.DLL : 8.1.4.0 13057 Bytes 04/07/2008 07:30:27
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 22:43:45
ANTIVIR1.VDF : 7.1.0.56 411136 Bytes 09/11/2008 22:43:46
ANTIVIR2.VDF : 7.1.0.89 221184 Bytes 16/11/2008 22:43:47
ANTIVIR3.VDF : 7.1.0.97 45056 Bytes 17/11/2008 22:43:48
Version du moteur: 8.2.0.31
AEVDF.DLL : 8.1.0.6 102772 Bytes 14/10/2008 10:05:56
AESCRIPT.DLL : 8.1.1.15 332156 Bytes 17/11/2008 22:43:55
AESCN.DLL : 8.1.1.5 123251 Bytes 17/11/2008 22:43:54
AERDL.DLL : 8.1.1.3 438645 Bytes 17/11/2008 22:43:54
AEPACK.DLL : 8.1.3.4 393591 Bytes 17/11/2008 22:43:53
AEOFFICE.DLL : 8.1.0.30 196986 Bytes 17/11/2008 22:43:52
AEHEUR.DLL : 8.1.0.71 1487222 Bytes 17/11/2008 22:43:51
AEHELP.DLL : 8.1.1.3 119157 Bytes 17/11/2008 22:43:50
AEGEN.DLL : 8.1.1.0 319859 Bytes 17/11/2008 22:43:49
AEEMU.DLL : 8.1.0.9 393588 Bytes 14/10/2008 10:05:56
AECORE.DLL : 8.1.4.1 172405 Bytes 17/11/2008 22:43:49
AEBB.DLL : 8.1.0.3 53618 Bytes 14/10/2008 10:05:56
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:02
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:27:58
AVREP.DLL : 8.0.0.2 98344 Bytes 17/11/2008 22:43:48
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:37
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:19
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:46
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:36
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:07
RCIMAGE.DLL : 8.0.0.51 2564353 Bytes 21/07/2008 13:46:29
RCTEXT.DLL : 8.0.51.1 90369 Bytes 14/07/2008 10:41:24

Configuration pour la recherche actuelle :
Nom de la tâche..................: Recherche de Rootkits
Fichier de configuration.........: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Premium\PROFILES\rootkit.avp
Documentation....................: élevé
Action principale................: interactif
Action secondaire................: ignorer
Recherche sur les secteurs d'amorçage maître: marche
Recherche sur les secteurs d'amorçage: marche
Recherche dans les programmes actifs: arrêt
Recherche en cours sur l'enregistrement: arrêt
Recherche de Rootkits............: marche
Fichier mode de recherche........: Tous les fichiers
Recherche sur les archives.......: marche
Limiter la profondeur de récursivité: 20
Archive Smart Extensions.........: marche
Heuristique de macrovirus........: marche
Heuristique fichier..............: élevé
Paramètres étendus de recherche..: 0x00300922

Début de la recherche : lundi 17 novembre 2008 23:46

La recherche d'objets cachés commence.
c:\program files\avira\antivir personaledition premium\licmgr.exe
[INFO] Le processus n'est pas visible.
[REMARQUE] Une copie de sécurité a été créée sous le nom 4984f608.qua ( QUARANTAINE )
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\parseautoexec
[INFO] L'entrée d'enregistrement n'est pas visible.

[INFO] Le processus n'est pas visible.
'602651' objets ont été contrôlés, '3' objets cachés ont été trouvés.

La recherche sur les fichiers sélectionnés commence :

Recherche débutant dans 'C:'
C:\
ASLog.txt
Azureus_Stats.xml
bios.txt
boot.ini
Bootfont.bin
CONFIG.SYS
coreuninstall.log
Debug.QC6
demux_log.txt
install.dat
IO.SYS
MSDOS.SYS
MSIInstall.log
NTDETECT.COM
ntldr
pagefile.sys
rapport TB.txt
Setup.log
sqmdata00.sqm
sqmdata01.sqm
sqmdata02.sqm
sqmdata03.sqm
sqmnoopt00.sqm
sqmnoopt01.sqm
sqmnoopt02.sqm
TB.txt
VTToolKit.log
xscan.txt
C:\Config.Msi\
4a100e3.rbf
C:\Documents and Settings\
All Users.LOG
Default User.LOG
C:\Documents and Settings\All Users\
ntuser.dat
ntuser.dat.LOG
ntuser.pol
C:\Documents and Settings\All Users\Application Data\
desktop.ini
C:\Documents and Settings\All Users\Application Data\Avira\
firstlsp.reg.dat
C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Premium\
addr_file.html
AVWIN.INI
update.conf
C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Premium\EVENTDB\
avevtdb.dbe
C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Premium\IDX\
master.idx
prem-nt-fr.info
C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Premium\INFECTED\
4984f608.qua
C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Premium\JOBS\
produpd.avj
scanjob.avj
startupd.avj
updjob.avj
C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Premium\LOGFILES\
avesvc.log
avguard.log
AVSCAN-20081117-234535-D5A8F124.LOG
AVSCAN-20081117-234624-D154E66F.LOG
mailgrd.log
sched.log
Upd-2008-11-17-23-43-00.log
webguard.log
C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Premium\PROFILES\
folder.avp
rootkit.avp
C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Premium\REPORTS\
0d0500bb.avl
0e981d88.avl
C:\Documents and Settings\All Users\Application Data\Blizzard\InstallerReplacements\
InstallerReplacement.log
C:\Documents and Settings\All Users\Application Data\ESET\ESET NOD32 Antivirus\
EpfwUser.dat
C:\Documents and Settings\All Users\Application Data\ESET\ESET NOD32 Antivirus\Charon\
FND6.NFI
C:\Documents and Settings\All Users\Application Data\Google\Custom Buttons\
TOOLBAR.GOOGLE.COM_O8Y91YHB24Z6SR0SGYSK.XML
C:\Documents and Settings\All Users\Application Data\Google\Toolbar Dictionary\
googledict_en2fr.dat
googledict_en2fr_small.dat
C:\Documents and Settings\All Users\Application Data\Logishrd\LQCVFX\Filters\
MMSEF.dll
VMSEF.dll
C:\Documents and Settings\All Users\Application Data\Logishrd\Updater\
LUpdateGuid.ini
C:\Documents and Settings\All Users\Application Data\Logitech\QuickCam\ModelData\4 Squares_{70621C6C-D8DC-4E59-8F0B-9DED1E1A100F}\
4 Squares__fun.LVF
[0] Type d'archive: CAB (Microsoft)
--> _Metadata.xml
--> 4_squares.gif
--> Copy of 4square_anim.gif
--> 4 Squares_{70621C6C-D8DC-4E59-8F0B-9DED1E1A100F}.xml
--> modelfile.dat
--> texturefile.JPG
--> alphatexture_alpha.JPG
4 Squares_{70621C6C-D8DC-4E59-8F0B-9DED1E1A100F}.xml
4_squares.gif
Copy of 4square_anim.gif
C:\Documents and Settings\All Users\Application Data\Logitech\QuickCam\ModelData\50's Movie Reel_{0C31C3E1-7E15-4BE7-9854-AD96B7FA2AE7}\
50's Movie Reel__fun.LVF
[0] Type d'archive: CAB (Microsoft)
--> _Metadata.xml
--> 50s_movie_reel.gif
--> Copy of 50smoviereel_anim.gif
--> 50's Movie Reel_{0C31C3E1-7E15-4BE7-9854-AD96B7FA2AE7}.xml
--> modelfile.dat
--> texturefile.JPG
--> alphatexture_alpha.JPG
50's Movie Reel_{0C31C3E1-7E15-4BE7-9854-AD96B7FA2AE7}.xml
50s_movie_reel.gif
Copy of 50smoviereel_anim.gif
C:\Documents and Settings\All Users\Application Data\Logitech\QuickCam\ModelData\80's Music Video_{417F9037-0213-43C4-86BA-979C9E809CAC}\
80's Music Video__fun.LVF
[0] Type d'archive: CAB (Microsoft)
--> _Metadata.xml
--> 80s_music_video.gif
--> Copy of 80smusicvideo_anim.gif
--> 80's Music Video_{417F9037-0213-43C4-86BA-979C9E809CAC}.xml
--> modelfile.dat
--> texturefile.JPG
--> alphatexture_alpha.JPG
80's Music Video_{417F9037-0213-43C4-86BA-979C9E809CAC}.xml
80s_music_video.gif
Copy of 80smusicvideo_anim.gif
C:\Documents and Settings\All Users\Application Data\Logitech\QuickCam\ModelData\Alien_{C614E398-5BF5-4703-B19C-9D302288098A}\
Alien.gif
Alien.LVA
[0] Type d'archive: CAB (Microsoft)
--> alien.gr2
--> Alien.gif
--> Alien_Anim.gif
--> Alien_512x512.jpg
--> Alien_512x512_alpha.jpg
--> Alien_background_640x480.jpg
--> Alien_{C614E398-5BF5-4703-B19C-9D302288098A}.xml
--> _Metadata.xml
Alien_Anim.gif
Alien_{C614E398-5BF5-4703-B19C-9D302288098A}.xml
C:\Documents and Settings\All Users\Application Data\Logitech\QuickCam\ModelData\Arrow_through_head_{A00FE4B0-05E2-494F-B845-2D1ED9C42158}\
Arrow.gif
Arrow_through_head.LVF
[0] Type d'archive: CAB (Microsoft)
--> Arrow.x
--> Arrow.gif
--> Arrow_512x512.jpg
--> Arrow_512x512_alpha.jpg
--> Arrow_through_head_{A00FE4B0-05E2-494F-B845-2D1ED9C42158}.xml
--> _Metadata.xml
Arrow_through_head_{A00FE4B0-05E2-494F-B845-2D1ED9C42158}.xml
C:\Documents and Settings\All Users\Application Data\Logitech\QuickCam\ModelData\Baby_{00252816-D16C-48DE-99A5-766B63041185}\
baby.gif
Baby__vmk.LVF
[0] Type d'archive: CAB (Microsoft)
--> _Metadata.xml
--> baby.gif
--> baby.gif
--> Baby_{00252816-D16C-48DE-99A5-766B63041185}.xml
--> baby.dat
--> baby.jpg
--> alphatexture_alpha.JPG
Baby_{00252816-D16C-48DE-99A5-766B63041185}.xml
C:\Documents and Settings\All Users\Application Data\Logitech\QuickCam\ModelData\Blockhead_{2A680E6D-4617-499E-98AE-3F5B9CC21755}\
blockhead.gif
Blockhead__fun.LVF
[0] Type d'archive: CAB (Microsoft)
--> _Metadata.xml
--> blockhead.gif
--> Copy of blockhead_anim.gif
--> Blockhead_{2A680E6D-4617-499E-98AE-3F5B9CC21755}.xml
--> modelfile.dat
--> texturefile.JPG
--> alphatexture_alpha.JPG
Blockhead_{2A680E6D-4617-499E-98AE-3F5B9CC21755}.xml
Copy of blockhead_anim.gif
C:\Documents and Settings\All Users\Application Data\Logitech\QuickCam\ModelData\Bulldog_{F4020873-CFEB-4F98-A84E-F248E89C0E23}\
bulldog.gif
Bulldog__vmk.LVF
[0] Type d'archive: CAB (Microsoft)
--> _Metadata.xml
--> bulldog.gif
--> bulldog.gif
--> Bulldog_{F4020873-CFEB-4F98-A84E-F248E89C0E23}.xml
--> bulldog.dat
--> bulldog.jpg
--> alphatexture_alpha.JPG
Bulldog_{F4020873-CFEB-4F98-A84E-F248E89C0E23}.xml
C:\Documents and Settings\All Users\Application Data\Logitech\QuickCam\ModelData\Cat_{9C7A29A3-BA63-4579-976D-4D3EE0CE7DFA}\
cat.gif
Cat.LVA
[0] Type d'archive: CAB (Microsoft)
--> cat.GR2
--> cat.gif
--> cat_anim.gif
--> cat_512x512.jpg
--> cat_512x512_alpha.jpg
--> cat_background_320x240.jpg
--> Cat_{9C7A29A3-BA63-4579-976D-4D3EE0CE7DFA}.xml
--> _Metadata.xml
cat_anim.gif
Cat_{9C7A29A3-BA63-4579-976D-4D3EE0CE7DFA}.xml
C:\Documents and Settings\All Users\Application Data\Logitech\QuickCam\ModelData\Cat_{EBA2DCAA-3B82-4245-ADDD-9A86308EDCEF}\
cat.gif
Cat__vmk.LVF
[0] Type d'archive: CAB (Microsoft)
--> _Metadata.xml
--> cat.gif
--> cat.gif
--> Cat_{EBA2DCAA-3B82-4245-ADDD-9A86308EDCEF}.xml
--> cat.dat
--> cat.jpg
--> alphatexture_alpha.JPG
Cat_{EBA2DCAA-3B82-4245-ADDD-9A86308EDCEF}.xml
C:\Documents and Settings\All Users\Application Data\Logitech\QuickCam\ModelData\Chalk_{2DA6ED37-5751-49D9-A5AF-4351BABE130F}\
chalk.gif
Chalk__fun.LVF
[0] Type d'archive: CAB (Microsoft)
--> _Metadata.xml
--> chalk.gif
--> Copy of chalk_anim.gif
--> Chalk_{2DA6ED37-5751-49D9-A5AF-4351BABE130F}.xml
--> modelfile.dat
--> texturefile.JPG
--> alphatexture_alpha.JPG
Chalk_{2DA6ED37-5751-49D9-A5AF-4351BABE130F}.xml
Copy of chalk_anim.gif
C:\Documents and Settings\All Users\Application Data\Logitech\QuickCam\ModelData\Cotton Candy_{3BF23BA9-4B07-4660-AF05-CD3B45EDA2DB}\
Copy of cotton_candy_anim.gif
Cotton Candy__fun.LVF
[0] Type d'archive: CAB (Microsoft)
--> _Metadata.xml
--> cotton_candy.gif
--> Copy of cotton_candy_anim.gif
--> Cotton Candy_{3BF23BA9-4B07-4660-AF05-CD3B45EDA2DB}.xml
--> modelfile.dat
--> texturefile.JPG
--> alphatexture_alpha.JPG
Cotton Candy_{3BF23BA9-4B07-4660-AF05-CD3B45EDA2DB}.xml
cotton_candy.gif
C:\Documents and Settings\All Users\Application Data\Logitech\QuickCam\ModelData\Crown_{4D5F0C5E-FCE4-4472-A434-D5FD3969FD64}\
Crown.gif
Crown.LVF
[0] Type d'archive: CAB (Microsoft)
--> Crown.X
--> Crown.gif
--> Crown_512x512.jpg
--> Crown_512x512_alpha.jpg
--> Crown_{4D5F0C5E-FCE4-4472-A434-D5FD3969FD64}.xml
--> _Metadata.xml
Crown_{4D5F0C5E-FCE4-4472-A434-D5FD3969FD64}.xml
C:\Documents and Settings\All Users\Application Data\Logitech\QuickCam\ModelData\Dinosaur_{17F8B0B2-2ED7-4E38-809C-C42BC55111ED}\
dinosaur.gif
Dinosaur.LVA
[0] Type d'archive: CAB (Microsoft)
--> dinosaur.GR2
--> dinosaur.gif
--> dinosaur_anim.gif
--> dinosaur_512x512.jpg
--> dinosaur_512x512_alpha.jpg
--> dinosaur_background_640x480.jpg
--> Dinosaur_{17F8B0B2-2ED7-4E38-809C-C42BC55111ED}.xml
--> _Metadata.xml
dinosaur_anim.gif
Dinosaur_{17F8B0B2-2ED7-4E38-809C-C42BC55111ED}.xml
C:\Documents and Settings\All Users\Application Data\Logitech\QuickCam\ModelData\Fisheye_{394F17FB-B2D0-45B7-ADBE-B0E77246D89E}\
Copy of Fish_Eye_anim.gif
fisheye.gif
Fisheye__fun.LVF
[0] Type d'archive: CAB (Microsoft)
--> _Metadata.xml
--> fisheye.gif
--> Copy of Fish_Eye_anim.gif
--> Fisheye_{394F17FB-B2D0-45B7-ADBE-B0E77246D89E}.xml
--> modelfile.dat
--> texturefile.JPG
--> alphatexture_alpha.JPG
Fisheye_{394F17FB-B2D0-45B7-ADBE-B0E77246D89E}.xml
C:\Documents and Settings\All Users\Application Data\Logitech\QuickCam\ModelData\Goatee_{09161F3F-1EBD-4781-9EAE-6AB83A674E44}\
Goatee.gif
Goatee.LVF
[0] Type d'archive: CAB (Microsoft)
--> Goatee.x
--> Goatee.gif
--> Goatee_512x512.jpg
--> Goatee_512x512_alpha.jpg
--> Goatee_{09161F3F-1EBD-4781-9EAE-6AB83A674E44}.xml
--> _Metadata.xml
Goatee_{09161F3F-1EBD-4781-9EAE-6AB83A674E44}.xml
C:\Documents and Settings\All Users\Application Data\Logitech\QuickCam\ModelData\I See A Ghost_{D5594FF7-6B1A-4AF3-8F21-D7A7F32ED6AD}\
Copy of IseeaGhost_anim.gif
I See A Ghost__fun.LVF
[0] Type d'archive: CAB (Microsoft)
--> _Metadata.xml
--> I_see_a_ghost.gif
--> Copy of IseeaGhost_anim.gif
--> I See A Ghost_{D5594FF7-6B1A-4AF3-8F21-D7A7F32ED6AD}.xml
--> modelfile.dat
--> texturefile.JPG
--> alphatexture_alpha.JPG
I See A Ghost_{D5594FF7-6B1A-4AF3-8F21-D7A7F32ED6AD}.xml
I_see_a_ghost.gif
C:\Documents and Settings\All Users\Application Data\Logitech\QuickCam\ModelData\Lion_{E66DDA31-2444-4063-879F-E5C019A4722E}\
lion.gif
Lion__vmk.LVF
[0] Type d'archive: CAB (Microsoft)
--> _Metadata.xml
--> lion.gif
--> lion.gif
--> Lion_{E66DDA31-2444-4063-879F-E5C019A4722E}.xml
--> lion.dat
--> lion.jpg
--> alphatexture_alpha.JPG
Lion_{E66DDA31-2444-4063-879F-E5C019A4722E}.xml
C:\Documents and Settings\All Users\Application Data\Logitech\QuickCam\ModelData\Mona Lisa_{6D2F662D-C0A6-4B22-8214-0E6CF43E0335}\
Mona Lisa__vmk.LVF
[0] Type d'archive: CAB (Microsoft)
--> _Metadata.xml
--> mona_lisa.gif
--> mona_lisa.gif
--> Mona Lisa_{6D2F662D-C0A6-4B22-8214-0E6CF43E0335}.xml
--> mona.dat
--> mona.jpg
--> alphatexture_alpha.JPG
Mona Lisa_{6D2F662D-C0A6-4B22-8214-0E6CF43E0335}.xml
mona_lisa.gif
C:\Documents and Settings\All Users\Application Data\Logitech\QuickCam\ModelData\Moon_{E71E1B4D-5C32-4792-BFF4-A09D9640AF35}\
moon.gif
Moon__vmk.LVF
[0] Type d'archive: CAB (Microsoft)
--> _Metadata.xml
--> moon.gif
--> moon.gif
--> Moon_{E71E1B4D-5C32-4792-BFF4-A09D9640AF35}.xml
--> moon.dat
--> moon.jpg
--> alphatexture_alpha.JPG
Moon_{E71E1B4D-5C32-4792-BFF4-A09D9640AF35}.xml
C:\Documents and Settings\All Users\Application Data\Logitech\QuickCam\ModelData\Mother Nature_{5E8CAF37-B057-4003-B097-8BB0E5952DAA}\
Mother Nature__vmk.LVF
[0] Type d'archive: CAB (Microsoft)
--> _Metadata.xml
--> Mother_Nature.gif
--> Mother_Nature.gif
--> Mother Nature_{5E8CAF37-B057-4003-B097-8BB0E5952DAA}.xml
--> clouds.dat
--> clouds.jpg
--> alphatexture_alpha.JPG
Mother Nature_{5E8CAF37-B057-4003-B097-8BB0E5952DAA}.xml
Mother_Nature.gif
C:\Documents and Settings\All Users\Application Data\Logitech\QuickCam\ModelData\Neonize_{481A76E6-7496-4674-88A0-7608DBE300D3}\
Copy of neonize_anim.gif
neonize.gif
Neonize__fun.LVF
[0] Type d'archive: CAB (Microsoft)
--> _Metadata.xml
--> neonize.gif
--> Copy of neonize_anim.gif
--> Neonize_{481A76E6-7496-4674-88A0-7608DBE300D3}.xml
--> modelfile.dat
--> texturefile.JPG
--> alphatexture_alpha.JPG
Neonize_{481A76E6-7496-4674-88A0-7608DBE300D3}.xml
C:\Documents and Settings\All Users\Application Data\Logitech\QuickCam\ModelData\Pig_nose_{52373697-C0A7-40C9-A9D0-F448C0E7A621}\
Pignose.gif
Pig_nose.LVF
[0] Type d'archive: CAB (Microsoft)
--> PigNose.x
--> Pignose.gif
--> Pignose_512x512.jpg
--> Pignose_512x512_alpha.jpg
--> Pig_nose_{52373697-C0A7-40C9-A9D0-F448C0E7A621}.xml
--> _Metadata.xml
Pig_nose_{52373697-C0A7-40C9-A9D0-F448C0E7A621}.xml
C:\Documents and Settings\All Users\Application Data\Logitech\QuickCam\ModelData\Raccoons_{C7AA1B3E-50D2-49C0-A916-247607BFB791}\
Raccoons.gif
Raccoons__vmk.LVF
[0] Type d'archive: CAB (Microsoft)
--> _Metadata.xml
--> Raccoons.gif
--> Raccoons.gif
--> Raccoons_{C7AA1B3E-50D2-49C0-A916-247607BFB791}.xml
--> racoons.dat
--> racoons.jpg
--> alphatexture_alpha.JPG
Raccoons_{C7AA1B3E-50D2-49C0-A916-247607BFB791}.xml
C:\Documents and Settings\All Users\Application Data\Logitech\QuickCam\ModelData\Robot_Face_{446DBFE6-4E06-4320-818C-AFCE072048D2}\
Robot.gif
Robot_Face.LVF
[0] Type d'archive: CAB (Microsoft)
--> Robot.x
--> Robot.gif
--> Robot_512x512.jpg
--> Robot_512x512_alpha.jpg
--> Robot_Face_{446DBFE6-4E06-4320-818C-AFCE072048D2}.xml
--> _Metadata.xml
Robot_Face_{446DBFE6-4E06-4320-818C-AFCE072048D2}.xml
C:\Documents and Settings\All Users\Application Data\Logitech\QuickCam\ModelData\Shark_{0B0FB8EA-CC0B-4FB8-BFD1-F1AB182761DC}\
shark.gif
Shark.LVA
[0] Type d'archive: CAB (Microsoft)
--> shark.gr2
--> shark.gif
--> Shark_Anim.gif
--> Shark_512x512.jpg
--> Shark_512x512_alpha.jpg
--> Shark_background_640x480.jpg
--> Shark_{0B0FB8EA-CC0B-4FB8-BFD1-F1AB182761DC}.xml
--> _Metadata.xml
Shark_Anim.gif
Shark_{0B0FB8EA-CC0B-4FB8-BFD1-F1AB182761DC}.xml
C:\Documents and Settings\All Users\Application Data\Logitech\QuickCam\ModelData\Stick_Figure_{A1A13D7E-C668-4046-B7BC-400922F632D4}\
stickfigure.gif
stickfigure_anim.gif
Stick_Figure.LVA
[0] Type d'archive: CAB (Microsoft)
--> stickfigure.GR2
--> stickfigure.gif
--> stickfigure_anim.gif
--> stickfigure_512x512.jpg
--> stickfigure_512x512_alpha.jpg
--> stickfigure_background_640x480.jpg
--> Stick_Figure_{A1A13D7E-C668-4046-B7BC-400922F632D4}.xml
--> _Metadata.xml
Stick_Figure_{A1A13D7E-C668-4046-B7BC-400922F632D4}.xml
C:\Documents and Settings\All Users\Application Data\Logitech\QuickCam\ModelData\Talk to the Hand_{038A0070-5643-411D-9E65-EDF91666D94F}\
Talk to the Hand__vmk.LVF
[0] Type d'archive: CAB (Microsoft)
--> _Metadata.xml
--> talk_to_the_hand.gif
--> talk_to_the_hand.gif
--> Talk to the Hand_{038A0070-5643-411D-9E65-EDF91666D94F}.xml
--> talktothehand.dat
--> talktothehand.jpg
--> alphatexture_alpha.JPG
Talk to the Hand_{038A0070-5643-411D-9E65-EDF91666D94F}.xml
talk_to_the_hand.gif
C:\Documents and Settings\All Users\Application Data\Logitech\QuickCam\ModelData\They're Watching_{E431CEC6-FA6D-469C-A1F0-0A562AFEDA96}\
They're Watching__vmk.LVF
[0] Type d'archive: CAB (Microsoft)
--> _Metadata.xml
--> Theyre_watching.gif
--> Theyre_watching.gif
--> They're Watching_{E431CEC6-FA6D-469C-A1F0-0A562AFEDA96}.xml
--> Jungle1.dat
--> Jungle1.jpg
--> alphatexture_alpha.JPG
They're Watching_{E431CEC6-FA6D-469C-A1F0-0A562AFEDA96}.xml
Theyre_watching.gif
C:\Documents and Settings\All Users\Application Data\Logitech\QuickCam\ModelData\Tiled Up_{13F4D7E5-D931-443D-99AF-E9021029322C}\
Copy of TiledUp_anim.gif
Tiled Up__fun.LVF
[0] Type d'archive: CAB (Microsoft)
--> _Metadata.xml
--> Tiled_Up.gif
--> Copy of TiledUp_anim.gif
--> Tiled Up_{13F4D7E5-D931-443D-99AF-E9021029322C}.xml
--> modelfile.dat
--> texturefile.JPG
--> alphatexture_alpha.JPG
Tiled Up_{13F4D7E5-D931-443D-99AF-E9021029322C}.xml
Tiled_Up.gif
C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\
13956812
19459546
2266703
2607078
4028656
ignore.dat
news.txt
rules.ref
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\S-1-5-18\
6d14e4b1d8ca773bab785d1be032546e_6f5695f3-dc54-456b-b939-8e930608bfd8
d42cc0c3858a58db2db37658219e6400_6f5695f3-dc54-456b-b939-8e930608bfd8
C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\
drwtsn32.log
user.dmp
C:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\
ppcrlconfig.dll
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\
qmgr0.dat
qmgr1.dat
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\
MSS.chk
MSS.log
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
MSS018EE.log
MSStmp.log
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
res1.log
res2.log
tmp.edb
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
Windows.edb
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Config\
Gathrprm.Txt
Schema.Txt
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\
SystemIndex.1.Crwl
SystemIndex.10.Crwl
SystemIndex.100.Crwl
SystemIndex.101.Crwl
SystemIndex.102.Crwl
SystemIndex.103.Crwl
SystemIndex.104.Crwl
SystemIndex.105.Crwl
SystemIndex.106.Crwl
SystemIndex.107.Crwl
SystemIndex.108.Crwl
SystemIndex.109.Crwl
SystemIndex.11.Crwl
SystemIndex.110.Crwl
SystemIndex.111.Crwl
SystemIndex.112.Crwl
SystemIndex.113.Crwl
SystemIndex.114.Crwl
SystemIndex.115.Crwl
SystemIndex.116.Crwl
SystemIndex.117.Crwl
SystemIndex.118.Crwl
SystemIndex.119.Crwl
SystemIndex.12.Crwl
SystemIndex.120.Crwl
SystemIndex.121.Crwl
SystemIndex.122.Crwl
SystemIndex.123.Crwl
SystemIndex.124.Crwl
SystemIndex.125.Crwl
SystemIndex.126.Crwl
SystemIndex.127.Crwl
SystemIndex.128.Crwl
SystemIndex.129.Crwl
SystemIndex.13.Crwl
SystemIndex.130.Crwl
SystemIndex.131.Crwl
SystemIndex.132.Crwl
SystemIndex.133.Crwl
SystemIndex.134.Crwl
SystemIndex.135.Crwl
SystemIndex.136.Crwl
SystemIndex.137.Crwl
SystemIndex.138.Crwl
SystemIndex.139.Crwl
SystemIndex.14.Crwl
SystemIndex.140.Crwl
SystemIndex.141.Crwl
SystemIndex.142.Crwl
SystemIndex.143.Crwl
SystemIndex.144.Crwl
SystemIndex.145.Crwl
SystemIndex.146.Crwl
SystemIndex.147.Crwl
SystemIndex.148.Crwl
SystemIndex.149.Crwl
SystemIndex.15.Crwl
SystemIndex.150.Crwl
SystemIndex.151.Crwl
SystemIndex.152.Crwl
SystemIndex.153.Crwl
SystemIndex.154.Crwl
SystemIndex.155.Crwl
SystemIndex.156.Crwl
SystemIndex.157.Crwl
SystemIndex.158.Crwl
SystemIndex.159.Crwl
SystemIndex.16.Crwl
SystemIndex.160.Crwl
SystemIndex.161.Crwl
SystemIndex.162.Crwl
SystemIndex.163.Crwl
SystemIndex.164.Crwl
SystemIndex.165.Crwl
SystemIndex.166.Crwl
SystemIndex.167.Crwl
SystemIndex.168.Crwl
SystemIndex.169.Crwl
SystemIndex.17.Crwl
SystemIndex.170.Crwl
SystemIndex.171.Crwl
SystemIndex.172.Crwl
SystemIndex.173.Crwl
SystemIndex.174.Crwl
SystemIndex.175.Crwl
SystemIndex.176.Crwl
SystemIndex.177.Crwl
SystemIndex.178.Crwl
SystemIndex.179.Crwl
SystemIndex.18.Crwl
SystemIndex.180.Crwl
SystemIndex.181.Crwl
SystemIndex.182.Crwl
SystemIndex.183.Crwl
SystemIndex.184.Crwl
SystemIndex.185.Crwl
SystemIndex.186.Crwl
SystemIndex.187.Crwl
SystemIndex.188.Crwl
SystemIndex.189.Crwl
SystemIndex.19.Crwl
SystemIndex.190.Crwl
SystemIndex.191.Crwl
SystemIndex.192.Crwl
SystemIndex.193.Crwl
SystemIndex.194.Crwl
SystemIndex.195.Crwl
SystemIndex.196.Crwl
SystemIndex.197.Crwl
SystemIndex.198.Crwl
SystemIndex.199.Crwl
SystemIndex.2.Crwl
SystemIndex.20.Crwl
SystemIndex.200.Crwl
SystemIndex.201.Crwl
SystemIndex.202.Crwl
SystemIndex.203.Crwl
SystemIndex.204.Crwl
SystemIndex.205.Crwl
SystemIndex.206.Crwl
SystemIndex.207.Crwl
SystemIndex.208.Crwl
SystemIndex.209.Crwl
SystemIndex.21.Crwl
SystemIndex.210.Crwl
SystemIndex.211.Crwl
SystemIndex.212.Crwl
SystemIndex.213.Crwl
SystemIndex.214.Crwl
SystemIndex.215.Crwl
SystemIndex.216.Crwl
SystemIndex.217.Crwl
SystemIndex.218.Crwl
SystemIndex.219.Crwl
SystemIndex.22.Crwl
SystemIndex.220.Crwl
SystemIndex.221.Crwl
SystemIndex.222.Crwl
SystemIndex.223.Crwl
SystemIndex.224.Crwl
SystemIndex.225.Crwl
SystemIndex.226.Crwl
SystemIndex.227.Crwl
SystemIndex.228.Crwl
SystemIndex.229.Crwl
SystemIndex.23.Crwl
SystemIndex.230.Crwl
SystemIndex.231.Crwl
SystemIndex.232.Crwl
SystemIndex.233.Crwl
SystemIndex.234.Crwl
SystemIndex.235.Crwl
SystemIndex.236.Crwl
SystemIndex.237.Crwl
SystemIndex.238.Crwl
SystemIndex.239.Crwl
SystemIndex.24.Crwl
SystemIndex.240.Crwl
SystemIndex.241.Crwl
SystemIndex.242.Crwl
SystemIndex.243.Crwl
SystemIndex.244.Crwl
SystemIndex.245.Crwl
SystemIndex.246.Crwl
SystemIndex.247.Crwl
SystemIndex.248.Crwl
SystemIndex.249.Crwl
SystemIndex.25.Crwl
SystemIndex.250.Crwl
SystemIndex.251.Crwl
SystemIndex.252.Crwl
SystemIndex.253.Crwl
SystemIndex.254.Crwl
SystemIndex.255.Crwl
SystemIndex.256.Crwl
SystemIndex.256.gthr
SystemIndex.257.Crwl
SystemIndex.257.gthr
SystemIndex.258.Crwl
SystemIndex.258.gthr
SystemIndex.259.Crwl
SystemIndex.259.gthr
SystemIndex.26.Crwl
SystemIndex.260.Crwl
SystemIndex.260.gthr
SystemIndex.27.Crwl
SystemIndex.28.Crwl
SystemIndex.29.Crwl
SystemIndex.3.Crwl
SystemIndex.30.Crwl
SystemIndex.31.Crwl
SystemIndex.32.Crwl
SystemIndex.33.Crwl
SystemIndex.34.Crwl
SystemIndex.35.Crwl
SystemIndex.36.Crwl
SystemIndex.37.Crwl
SystemIndex.38.Crwl
SystemIndex.39.Crwl
SystemIndex.4.Crwl
SystemIndex.40.Crwl
SystemIndex.41.Crwl
SystemIndex.42.Crwl
SystemIndex.43.Crwl
SystemIndex.44.Crwl
SystemIndex.45.Crwl
SystemIndex.46.Crwl
SystemIndex.47.Crwl
SystemIndex.48.Crwl
SystemIndex.49.Crwl
SystemIndex.5.Crwl
SystemIndex.50.Crwl
SystemIndex.51.Crwl
SystemIndex.52.Crwl
SystemIndex.53.Crwl
SystemIndex.54.Crwl
SystemIndex.55.Crwl
SystemIndex.56.Crwl
SystemIndex.57.Crwl
SystemIndex.58.Crwl
SystemIndex.59.Crwl
SystemIndex.6.Crwl
SystemIndex.60.Crwl
SystemIndex.61.Crwl
SystemIndex.62.Crwl
SystemIndex.63.Crwl
SystemIndex.64.Crwl
SystemIndex.65.Crwl
SystemIndex.66.Crwl
SystemIndex.67.Crwl
SystemIndex.68.Crwl
SystemIndex.69.Crwl
SystemIndex.7.Crwl
SystemIndex.70.Crwl
SystemIndex.71.Crwl
SystemIndex.72.Crwl
SystemIndex.73.Crwl
SystemIndex.74.Crwl
SystemIndex.75.Crwl
SystemIndex.76.Crwl
SystemIndex.77.Crwl
SystemIndex.78.Crwl
SystemIndex.79.Crwl
SystemIndex.8.Crwl
SystemIndex.80.Crwl
SystemIndex.81.Crwl
SystemIndex.82.Crwl
SystemIndex.83.Crwl
SystemIndex.84.Crwl
SystemIndex.85.Crwl
SystemIndex.86.Crwl
SystemIndex.87.Crwl
SystemIndex.88.Crwl
SystemIndex.89.Crwl
SystemIndex.9.Crwl
SystemIndex.90.Crwl
SystemIndex.91.Crwl
SystemIndex.92.Crwl
SystemIndex.93.Crwl
SystemIndex.94.Crwl
SystemIndex.95.Crwl
SystemIndex.96.Crwl
SystemIndex.97.Crwl
SystemIndex.98.Crwl
SystemIndex.99.Crwl
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\
SystemIndex.chk1.gthr
SystemIndex.chk2.gthr
SystemIndex.Ntfy231.gthr
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\
00010001.ci
00010001.dir
00010001.wid
00010002.ci
00010002.dir
00010002.wid
00010003.ci
00010003.dir
00010003.wid
00010004.ci
00010004.dir
00010004.wid
00010005.ci
00010005.dir
00010005.wid
00010006.ci
00010006.dir
00010006.wid
00010007.ci
00010007.dir
00010007.wid
00010008.ci
00010008.dir
00010008.wid
00010009.ci
00010009.dir
00010009.wid
0001000A.ci
0001000A.dir
0001000A.wid
0001000B.ci
0001000B.dir
0001000B.wid
0001000B.wsb
0001000C.ci
0001000C.dir
0001000C.wid
0001000D.ci
0001000D.dir
0001000D.wid
0001000E.ci
0001000E.dir
0001000E.wid
0001000F.ci
0001000F.dir
0001000F.wid
00010010.ci
00010010.dir
00010010.wid
00010011.ci
00010011.dir
00010011.wid
00010012.ci
00010012.dir
00010012.wid
00010013.ci
00010013.dir
00010013.wid
00010014.ci
00010014.dir
00010014.wid
00010015.ci
00010015.dir
00010015.wid
00010016.ci
00010016.dir
00010016.wid
00010018.ci
00010018.dir
00010018.wid
00010019.ci
00010019.dir
00010019.wid
0001001A.ci
0001001A.dir
0001001A.wid
0001001B.ci
0001001B.dir
0001001B.wid
0001001F.ci
0001001F.dir
0001001F.wid
00010023.ci
00010023.dir
00010023.wid
00010024.ci
00010024.dir
00010024.wid
00010025.ci
00010025.dir
00010025.wid
CiAB0001.000
CiAB0001.001
CiAB0001.002
CiAB0002.000
CiAB0002.001
CiAB0002.002
CiAD0002.000
CiAD0002.001
CiAD0002.002
INDEX.000
INDEX.001
INDEX.002
SETTINGS.DIA
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\
CiPT0000.000
CiPT0000.001
CiPT0000.002
Used0000.000
Used0000.001
Used0000.002
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore\
CiST0000.000
CiST0000.001
CiST0000.002
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Config\
gathrprm.txt
schema.txt
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\
Ntf1.tmp
Ntf2.tmp
Perflib_Perfdata_860.dat
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
C:\Documents and Settings\All Users\Application Data\NortonInstaller\Logs\10-2-2008-23h00m12s\
SymNRT-10-2-2008-23h00m12s.log
SymNRT.1.mft.7z
C:\Documents and Settings\All Users\Application Data\Skype\Plugins\
local_store.dat
pxml.xml
_sstore.dat
C:\Documents and Settings\All Users\Application Data\Skype\Plugins\Local Cache\
0019ED3CC0A745F8891EAEAAE2D3BED9_icon24.png
0019ED3CC0A745F8891EAEAAE2D3BED9_icon48.png
04B3EC9B2B5945A1B7AFC5FAFC297401_icon24.png
04B3EC9B2B5945A1B7AFC5FAFC297401_icon48.png
04B3EC9B2B5945A1B7AFC5FAFC297401_more.jpg
04B85A4AD92F471CB8EC199BEBD26C57_icon24.png
04B85A4AD92F471CB8EC199BEBD26C57_icon48.png
04B85A4AD92F471CB8EC199BEBD26C57_more.jpg
073AF5AC136443AEAF82FBD0E6EE23D0_icon24.png
073AF5AC136443AEAF82FBD0E6EE23D0_icon48.png
073AF5AC136443AEAF82FBD0E6EE23D0_named_strings.mlsxml
07B9E799E57E446881426C489ED9764D_icon24.png
07B9E799E57E446881426C489ED9764D_icon48.png
07B9E799E57E446881426C489ED9764D_more.jpg
08D7796607914DFCBDB76A685DCBCD6B_icon24.png
08D7796607914DFCBDB76A685DCBCD6B_icon48.png
08D7796607914DFCBDB76A685DCBCD6B_more.jpg
0B3223A1A4EA4592841023160E190196_icon24.png
0B3223A1A4EA4592841023160E190196_icon48.png
0B3223A1A4EA4592841023160E190196_more.jpg
0E9B418314BC4742BE13D94710A876D6_icon48.png
1163D2B46CC742E5A3CC9E4157887751_icon24.png
1163D2B46CC742E5A3CC9E4157887751_icon48.png
1163D2B46CC742E5A3CC9E4157887751_more.jpg
1163D2B46CC742E5A3CC9E4157887751_named_strings.mlsxml
13651BBE51534FF1B250EBE56CDE0987_icon48.png
13651BBE51534FF1B250EBE56CDE0987_named_strings.mlsxml
1447D8734FCC4B56BA92FDFD6C2F0C4E_icon24.png
1447D8734FCC4B56BA92FDFD6C2F0C4E_icon48.png
1447D8734FCC4B56BA92FDFD6C2F0C4E_more.jpg
1447D8734FCC4B56BA92FDFD6C2F0C4E_named_strings.mlsxml
15820943763B412CB59AA18ACC0EB6D7_icon24.png
15820943763B412CB59AA18ACC0EB6D7_icon48.png
15820943763B412CB59AA18ACC0EB6D7_named_strings.mlsxml
1597FB434D964733B5D8B2B112EE34C2_icon24.png
1597FB434D964733B5D8B2B112EE34C2_icon48.png
1597FB434D964733B5D8B2B112EE34C2_named_strings.mlsxml
1738568061F344A1A4CB20704FFEDA01_icon24.png
1738568061F344A1A4CB20704FFEDA01_icon48.png
177A970D7E05474FBE7059A182672B58_icon24.png
177A970D7E05474FBE7059A182672B58_icon48.png
177A970D7E05474FBE7059A182672B58_more.jpg
177A970D7E05474FBE7059A182672B58_named_strings.mlsxml
185538D1B9D7403E8163FCDCD905001E_icon24.png
185538D1B9D7403E8163FCDCD905001E_icon48.png
185538D1B9D7403E8163FCDCD905001E_more.jpg
1C858F44FD20414EA6E3ACFBA01EBBD2_icon24.png
1C858F44FD20414EA6E3ACFBA01EBBD2_icon48.png
1C858F44FD20414EA6E3ACFBA01EBBD2_more.jpg
1FC70C3683AC4F5492B8B9484F70BE62_icon24.png
1FC70C3683AC4F5492B8B9484F70BE62_icon48.png
1FC70C3683AC4F5492B8B9484F70BE62_more.jpg
20C0EC98121B45AB8E47ACAD00F439B2_icon24.png
20C0EC98121B45AB8E47ACAD00F439B2_icon48.png
20C0EC98121B45AB8E47ACAD00F439B2_more.jpg
215F17483FA345F985AFB7F0D52C6B80_icon24.png
215F17483FA345F985AFB7F0D52C6B80_icon48.png
215F17483FA345F985AFB7F0D52C6B80_more.jpg
215F17483FA345F985AFB7F0D52C6B80_named_strings.mlsxml
2286118ED27F4185B8E914DB419B9845_icon24.png
2286118ED27F4185B8E914DB419B9845_icon48.png
22E1CF92BED041C09C94A28F62FA6E12_icon24.png
22E1CF92BED041C09C94A28F62FA6E12_icon48.png
22E1CF92BED041C09C94A28F62FA6E12_more.jpg
26BF497F320A43C3B0EF4CB5702DDFDA_icon24.png
26BF497F320A43C3B0EF4CB5702DDFDA_icon48.png
26BF497F320A43C3B0EF4CB5702DDFDA_more.jpg
289650C9E52C40FE91D947C6D0EB72DA_icon24.png
289650C9E52C40FE91D947C6D0EB72DA_icon48.png
28D845C2326C442C824F851AB1B54AB4_icon24.png
28D845C2326C442C824F851AB1B54AB4_icon48.png
28D845C2326C442C824F851AB1B54AB4_more.jpg
2DA9E410035A495AA15707F5F57B8290_icon24.png
2DA9E410035A495AA15707F5F57B8290_icon48.png
2DA9E410035A495AA15707F5F57B8290_more.jpg
310891C5FB3645A0BEC3A6648A1468C8_icon24.png
310891C5FB3645A0BEC3A6648A1468C8_icon48.png
310891C5FB3645A0BEC3A6648A1468C8_more.jpg
3173E4F7E13640FD8BA83F7B886288F6_icon24.png
3173E4F7E13640FD8BA83F7B886288F6_icon48.png
3173E4F7E13640FD8BA83F7B886288F6_more.jpg
31E6481A7A624C39BB43E8BF6390376C_icon24.png
31E6481A7A624C39BB43E8BF6390376C_icon48.png
31E6481A7A624C39BB43E8BF6390376C_more.jpg
336F99D6F0094ADF86AD0D24F0E8A6F8_icon24.png
336F99D6F0094ADF86AD0D24F0E8A6F8_icon48.png
336F99D6F0094ADF86AD0D24F0E8A6F8_more.jpg
344D33EE48D740E890505EB2FEA27CF9_icon24.png
344D33EE48D740E890505EB2FEA27CF9_icon48.png
397BBD13AC0247B49B5C99654EC957B6_icon48.png
39B2F533597C4902A09E458E1F529484_icon24.png
39B2F533597C4902A09E458E1F529484_icon48.png
39B2F533597C4902A09E458E1F529484_named_strings.mlsxml
3FC333113C2B4835B62DCD762B266874_icon24.png
3FC333113C2B4835B62DCD762B266874_icon48.png
3FC333113C2B4835B62DCD762B266874_more.jpg
4241BB637A4E428696AA5B176904B25F_icon24.png
4241BB637A4E428696AA5B176904B25F_icon48.png
467A7D6F4FB84F3BBA97CE5218E3174C_icon24.png
467A7D6F4FB84F3BBA97CE5218E3174C_icon48.png
467A7D6F4FB84F3BBA97CE5218E3174C_more.jpg
4B0CD40E64684EFBB9596337DF1BFCD9_icon24.png
4B0CD40E64684EFBB9596337DF1BFCD9_icon48.png
4B0CD40E64684EFBB9596337DF1BFCD9_more.jpg
4B5C625A1D594B07BD2A5535186DA00D_icon24.png
4B5C625A1D594B07BD2A5535186DA00D_icon48.png
4B5C625A1D594B07BD2A5535186DA00D_more.jpg
4D05EF472458470DA8EF5F5B1C4258B0_icon24.png
4D05EF472458470DA8EF5F5B1C4258B0_icon48.png
4D05EF472458470DA8EF5F5B1C4258B0_more.jpg
565F009C651A4787952DCE8DCAEC7A2F_icon24.png
565F009C651A4787952DCE8DCAEC7A2F_icon48.png
5E79B22DC5314A7F8CA44FD6F346D763_icon24.png
5E79B22DC5314A7F8CA44FD6F346D763_icon48.png
5E79B22DC5314A7F8CA44FD6F346D763_named_strings.mlsxml
5F4F26549C094CDEA4BA0531F053A953_icon24.png
5F4F26549C094CDEA4BA0531F053A953_icon48.png
5F4F26549C094CDEA4BA0531F053A953_more.jpg
5FC2EEB3725B481CBFACF032F28BFB1B_icon24.png
5FC2EEB3725B481CBFACF032F28BFB1B_icon48.png
603EE37F99AD4A1D96456E9CE0982199_icon24.png
603EE37F99AD4A1D96456E9CE0982199_icon48.png
61BEB79ECBDD451F9554700542EE2D92_icon24.png
61BEB79ECBDD451F9554700542EE2D92_icon48.png
6580944A1D1042CAAC209DD9E3B09CDB_icon24.png
6580944A1D1042CAAC209DD9E3B09CDB_icon48.png
6580944A1D1042CAAC209DD9E3B09CDB_more.jpg
70A769DCB31D4D59AE936EAC08D29EE4_icon24.png
70A769DCB31D4D59AE936EAC08D29EE4_icon48.png
70A769DCB31D4D59AE936EAC08D29EE4_more.jpg
7583A6C03F894E7DB7977696F2A303B8_icon24.png
7583A6C03F894E7DB7977696F2A303B8_icon48.png
7606D527D0F54914BDC42899342D7164_icon24.png
7606D527D0F54914BDC42899342D7164_icon48.png
7606D527D0F54914BDC42899342D7164_more.jpg
76DD75F4114D4980AA886269FB262203_icon24.png
76DD75F4114D4980AA886269FB262203_icon48.png
76DD75F4114D4980AA886269FB262203_more.jpg
791AA5C0E2B842988FC61FF9DE4B1D06_icon24.png
791AA5C0E2B842988FC61FF9DE4B1D06_icon48.png
791AA5C0E2B842988FC61FF9DE4B1D06_more.jpg
791AA5C0E2B842988FC61FF9DE4B1D06_named_strings.mlsxml
794AA91C407043A88DAD4B086A865B2C_icon48.png
7A35F6B8E3B747518F5737995988E6FB_icon24.png
7A35F6B8E3B747518F5737995988E6FB_icon48.png
7A35F6B8E3B747518F5737995988E6FB_more.jpg
7DB369C197CB421699AA8B7A9C0420FC_icon24.png
7DB369C197CB421699AA8B7A9C0420FC_icon48.png
7DB369C197CB421699AA8B7A9C0420FC_more.jpg
7F5BE4677CC2476AAE329A220A9256D9_icon24.png
7F5BE4677CC2476AAE329A220A9256D9_icon48.png
7FF925F91B164F79B5B60CF131390434_icon24.png
7FF925F91B164F79B5B60CF131390434_icon48.png
7FF925F91B164F79B5B60CF131390434_more.jpg
7FF925F91B164F79B5B60CF131390434_named_strings.mlsxml
80D03E349BF44E6D9BCD6BF3006A2379_icon24.png
80D03E349BF44E6D9BCD6BF3006A2379_icon48.png
823837D034CA4FC58C73C7108F00081E_icon24.png
823837D034CA4FC58C73C7108F00081E_icon48.png
823837D034CA4FC58C73C7108F00081E_more.jpg
823837D034CA4FC58C73C7108F00081E_named_strings.mlsxml
827568A28AD44457A81ABC08309D7D62_icon24.png
827568A28AD44457A81ABC08309D7D62_icon48.png
827568A28AD44457A81ABC08309D7D62_more.jpg
86B67BC476C5410CA9C1F0FE1D97BEB2_icon24.png
86B67BC476C5410CA9C1F0FE1D97BEB2_icon48.png
86B67BC476C5410CA9C1F0FE1D97BEB2_more.jpg
86B67BC476C5410CA9C1F0FE1D97BEB2_named_strings.mlsxml
880C4AF585E7424893A3D22C64C3E597_icon24.png
880C4AF585E7424893A3D22C64C3E597_icon48.png
880C4AF585E7424893A3D22C64C3E597_more.jpg
885D1E7B61B84B46BC70973A9C4327BA_icon24.png
885D1E7B61B84B46BC70973A9C4327BA_icon48.png
885D1E7B61B84B46BC70973A9C4327BA_more.jpg
8BC41031C6CA43DD9DB7DDFA6F73C729_icon24.png
8BC41031C6CA43DD9DB7DDFA6F73C729_icon48.png
8BC41031C6CA43DD9DB7DDFA6F73C729_named_strings.mlsxml
8BF7B6507D32426F8EC9FCF43520397D_icon24.png
8BF7B6507D32426F8EC9FCF43520397D_icon48.png
8BF7B6507D32426F8EC9FCF43520397D_more.jpg
8DC8467972494A2FA46A9106F7003291_icon24.png
8DC8467972494A2FA46A9106F7003291_icon48.png
8DC8467972494A2FA46A9106F7003291_more.jpg
903CB56BA52F42478957BE8314837A86_icon24.png
903CB56BA52F42478957BE8314837A86_icon48.png
903CB56BA52F42478957BE8314837A86_more.jpg
906D8ACBEDCF4F9ABA608DE65965F0A9_icon24.png
906D8ACBEDCF4F9ABA608DE65965F0A9_icon48.png
906D8ACBEDCF4F9ABA608DE65965F0A9_more.jpg
90F9407DF16A48EAA743527F2C290774_icon24.png
90F9407DF16A48EAA743527F2C290774_icon48.png
90F9407DF16A48EAA743527F2C290774_more.jpg
90F9407DF16A48EAA743527F2C290774_named_strings.mlsxml
95F12167483D466CABC98CAFE4B4FD93_icon24.png
95F12167483D466CABC98CAFE4B4FD93_icon48.png
95F12167483D466CABC98CAFE4B4FD93_more.jpg
95F12167483D466CABC98CAFE4B4FD93_named_strings.mlsxml
962C58B9C93944A28A0B82EF9F85A392_icon24.png
962C58B9C93944A28A0B82EF9F85A392_icon48.png
962C58B9C93944A28A0B82EF9F85A392_more.jpg
96A68502084D46D0AD40C0C52D878A1E_icon24.png
96A68502084D46D0AD40C0C52D878A1E_icon48.png
97E065B58DB34359BED4D223D737C7E9_icon24.png
97E065B58DB34359BED4D223D737C7E9_icon48.png
97E065B58DB34359BED4D223D737C7E9_more.jpg
99999DACB5D54C46ABDF74397417741F_icon24.png
99999DACB5D54C46ABDF74397417741F_icon48.png
99999DACB5D54C46ABDF74397417741F_more.jpg
9B3841924CC847D7A428DE45431EFC77_icon24.png
9B3841924CC847D7A428DE45431EFC77_icon48.png
9B3841924CC847D7A428DE45431EFC77_more.jpg
9B3841924CC847D7A428DE45431EFC77_named_strings.mlsxml
9CF3151555FD401482AACC0FCF5AE540_icon24.png
9CF3151555FD401482AACC0FCF5AE540_icon48.png
9CF3151555FD401482AACC0FCF5AE540_more.jpg
9DD0E9094EA9457586DBCCEF6C641617_icon24.png
9DD0E9094EA9457586DBCCEF6C641617_icon48.png
9DD0E9094EA9457586DBCCEF6C641617_more.jpg
9DD0E9094EA9457586DBCCEF6C641617_named_strings.mlsxml
9DF70D99C7FE4D4D884651DA67A61B40_icon24.png
9DF70D99C7FE4D4D884651DA67A61B40_icon48.png
9DF70D99C7FE4D4D884651DA67A61B40_more.jpg
9E0D937F462E4362A83B254A9F8AB3F8_icon24.png
9E0D937F462E4362A83B254A9F8AB3F8_icon48.png
9E0D937F462E4362A83B254A9F8AB3F8_more.jpg
A2F36B1829EB4E69AC53989EB936C018_icon24.png
A2F36B1829EB4E69AC53989EB936C018_icon48.png
A2F36B1829EB4E69AC53989EB936C018_more.jpg
A38257F4BDAC4615BBE5E0ACDF608896_icon24.png
A38257F4BDAC4615BBE5E0ACDF608896_icon48.png
A5D98C699A4049D0A43C1136F38B1B07_icon24.png
A5D98C699A4049D0A43C1136F38B1B07_icon48.png
A5D98C699A4049D0A43C1136F38B1B07_more.jpg
A64E72D796E944EBA048AA1312AC2827_icon24.png
A64E72D796E944EBA048AA1312AC2827_icon48.png
A64E72D796E944EBA048AA1312AC2827_more.jpg
A917D7C9B8D0422E8AF070EED126876E_icon24.png
A917D7C9B8D0422E8AF070EED126876E_icon48.png
A917D7C9B8D0422E8AF070EED126876E_more.jpg
ADEECE83278F48DCBD8FF75E21342C35_icon24.png
ADEECE83278F48DCBD8FF75E21342C35_icon48.png
ADEECE83278F48DCBD8FF75E21342C35_more.jpg
B28403978FFE445C813E20A465C0C7DB_icon24.png
B28403978FFE445C813E20A465C0C7DB_icon48.png
B28403978FFE445C813E20A465C0C7DB_more.jpg
B5403225562D4A258B9F2E4C83852D9F_icon24.png
B5403225562D4A258B9F2E4C83852D9F_icon48.png
B5403225562D4A258B9F2E4C83852D9F_more.jpg
B6699E9B0FC545D88F648101AF84DA49_icon24.png
B6699E9B0FC545D88F648101AF84DA49_icon48.png
B6699E9B0FC545D88F648101AF84DA49_named_strings.mlsxml
B6A7F3A52FFD4934A26DAFDF41C6AC1B_icon24.png
B6A7F3A52FFD4934A26DAFDF41C6AC1B_icon48.png
B6A7F3A52FFD4934A26DAFDF41C6AC1B_named_strings.mlsxml
B7AA6314C6724DE38206EA862EF5A90E_icon24.png
B7AA6314C6724DE38206EA862EF5A90E_icon48.png
B7AA6314C6724DE38206EA862EF5A90E_more.jpg
B9206F7A33BA4CE1BED2DE155CB6D812_icon24.png
B9206F7A33BA4CE1BED2DE155CB6D812_icon48.png
B9206F7A33BA4CE1BED2DE155CB6D812_more.jpg
BD8D6FC5009346649E12CAC16EF2C33B_icon24.png
BD8D6FC5009346649E12CAC16EF2C33B_icon48.png
BD8D6FC5009346649E12CAC16EF2C33B_more.jpg
BD8D6FC5009346649E12CAC16EF2C33B_named_strings.mlsxml
C248BA0AB16341EE98466B74579F6923_icon24.png
C248BA0AB16341EE98466B74579F6923_icon48.png
C248BA0AB16341EE98466B74579F6923_more.jpg
C2CBCB8DECC2408BB03E7522D5C3BC28_icon24.png
C2CBCB8DECC2408BB03E7522D5C3BC28_icon48.png
C2CBCB8DECC2408BB03E7522D5C3BC28_more.jpg
C2CBCB8DECC2408BB03E7522D5C3BC28_named_strings.mlsxml
C528FFB1B9EC473792CF67849E25EDB6_icon24.png
C528FFB1B9EC473792CF67849E25EDB6_icon48.png
C528FFB1B9EC473792CF67849E25EDB6_more.jpg
C665089E09A74A44B11CBE01878E1049_icon24.png
C665089E09A74A44B11CBE01878E1049_icon48.png
C665089E09A74A44B11CBE01878E1049_more.jpg
C764B54920584E4DB6ED22C76181C663_icon24.png
C764B54920584E4DB6ED22C76181C663_icon48.png
C764B54920584E4DB6ED22C76181C663_more.jpg
C862D5FF867E44C7AF42F7D27E77515D_icon24.png
C862D5FF867E44C7AF42F7D27E77515D_icon48.png
CBBF3DD80BDE4A29A723BE906CAFF33B_icon24.png
CBBF3DD80BDE4A29A723BE906CAFF33B_icon48.png
CBBF3DD80BDE4A29A723BE906CAFF33B_more.jpg
CED7EA9B9D5D4C368001CEC627017007_icon24.png
CED7EA9B9D5D4C368001CEC627017007_icon48.png
CED7EA9B9D5D4C368001CEC627017007_more.jpg
D32D9ABFBE354AC8A84F07C309C1E3AF_icon24.png
D32D9ABFBE354AC8A84F07C309C1E3AF_icon48.png
D32D9ABFBE354AC8A84F07C309C1E3AF_more.jpg
D3987B641C134048B815DB578D607F42_icon24.png
D3987B641C134048B815DB578D607F42_icon48.png
D3987B641C134048B815DB578D607F42_more.jpg
D804062847E141ACAE576A54264242C7_icon24.png
D804062847E141ACAE576A54264242C7_icon48.png
D804062847E141ACAE576A54264242C7_more.jpg
D804062847E141ACAE576A54264242C7_named_strings.mlsxml
D99E0FE328074EBB91C9CF9781C3150D_icon24.png
D99E0FE328074EBB91C9CF9781C3150D_icon48.png
D9DE1C0C0B674A588218C5698E2193D3_icon24.png
D9DE1C0C0B674A588218C5698E2193D3_icon48.png
D9DE1C0C0B674A588218C5698E2193D3_more.jpg
D9DE1C0C0B674A588218C5698E2193D3_named_strings.mlsxml
DDEB1C5957CB432E8BA823B6D3B25E0D_icon24.png
DDEB1C5957CB432E8BA823B6D3B25E0D_icon48.png
DDEB1C5957CB432E8BA823B6D3B25E0D_more.jpg
E0EC36FFC2E841ECBB16385CBF6D932D_icon24.png
E0EC36FFC2E841ECBB16385CBF6D932D_icon48.png
E0EC36FFC2E841ECBB16385CBF6D932D_more.jpg
E12C95FCBD1240FEAE314D89676CA6F8_icon24.png
E12C95FCBD1240FEAE314D89676CA6F8_icon48.png
E12C95FCBD1240FEAE314D89676CA6F8_more.jpg
E12C95FCBD1240FEAE314D89676CA6F8_named_strings.mlsxml
E1667E89D6F2409287165EA4D8F06DC4_icon24.png
E1667E89D6F2409287165EA4D8F06DC4_icon48.png
E1667E89D6F2409287165EA4D8F06DC4_more.jpg
E1C4A63D24CE4ADC87D41DBEC1B27380_icon24.png
E1C4A63D24CE4ADC87D41DBEC1B27380_icon48.png
E1C4A63D24CE4ADC87D41DBEC1B27380_more.jpg
E5A2E5DE22C1417B977F291A80306500_icon24.png
E5A2E5DE22C1417B977F291A80306500_icon48.png
E5A2E5DE22C1417B977F291A80306500_named_strings.mlsxml
E6EC567C64B94F07A1A0826808B80B28_icon24.png
E6EC567C64B94F07A1A0826808B80B28_icon48.png
EB88264BC73E4BA0995109CEAF506A5F_icon24.png
EB88264BC73E4BA0995109CEAF506A5F_icon48.png
EB977B98998D4925929512564A60FED8_icon24.png
EB977B98998D4925929512564A60FED8_icon48.png
EDEFC1D01DA44E42B6B77DC847BF123D_icon48.png
F09C3B9060684346A02C2F528049D062_icon24.png
F09C3B9060684346A02C2F528049D062_icon48.png
F09C3B9060684346A02C2F528049D062_more.jpg
F1C19BF14C0246F693A175DFB7664EAD_icon24.png
F1C19BF14C0246F693A175DFB7664EAD_icon48.png
F2B83EECD4CF4910A0260B914BA281BA_icon24.png
F2B83EECD4CF4910A0260B914BA281BA_icon48.png
F2B83EECD4CF4910A0260B914BA281BA_more.jpg
F3053EF74652448F98A5C45703106076_icon24.png
F3053EF74652448F98A5C45703106076_icon48.png
F3053EF74652448F98A5C45703106076_more.jpg
F3053EF74652448F98A5C45703106076_named_strings.mlsxml
F35E193DC3E84933B83DE961D9AC33BF_icon24.png
F35E193DC3E84933B83DE961D9AC33BF_icon48.png
F35E193DC3E84933B83DE961D9AC33BF_more.jpg
F35E193DC3E84933B83DE961D9AC33BF_named_strings.mlsxml
F6978F4ED0EB4A2B957D08E37B29E951_icon24.png
F6978F4ED0EB4A2B957D08E37B29E951_icon48.png
F6978F4ED0EB4A2B957D08E37B29E951_more.jpg
FBAB4AF4CB0540E7B40FCE765547F4A1_icon24.png
FBAB4AF4CB0540E7B40FCE765547F4A1_icon48.png
FBAB4AF4CB0540E7B40FCE765547F4A1_more.jpg
FE8E23D36D8A4E3AA10BB1FBB58E9876_icon24.png
FE8E23D36D8A4E3AA10BB1FBB58E9876_icon48.png
FE8E23D36D8A4E3AA10BB1FBB58E9876_more.jpg
FE8E23D36D8A4E3AA10BB1FBB58E9876_named_strings.mlsxml
FF343C082C7E44418B47411DCB57438D_icon24.png
FF343C082C7E44418B47411DCB57438D_icon48.png
FF343C082C7E44418B47411DCB57438D_more.jpg
~Please do not delete files from this folder
C:\Documents and Settings\All Users\Application Data\Skype\Plugins\Local Cache\Categories\
Business.png
Collaboration.png
Community.png
Expression.png
Featured.png
GameChannel.png
GreetingCards.png
Manage.png
MostPopular.png
MyPlugins.png
New.png
Productivity.png
RemoteAccess.png
Utilities.png
C:\Documents and Settings\All Users\Application Data\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\
Game List.swf
[0] Type d'archive: SWC
--> Object
icon24.png
named_strings.mlsxml
PickGame.htm
pxml.xml
C:\Documents and Settings\All Users\Application Data\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Local Cache\
~Please do not delete files from this folder
C:\Documents and Settings\All Users\Application Data\Skype\{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}\
Skype.msi
C:\Documents and Settings\All Users\Application Data\Sony Corporation\SonicStage\Gracenote\
cddbplm.gcf
cddbplm.idx
cddbplm.lsf
cddbplm.pdb
C:\Documents and Settings\All Users\Application Data\Sony Corporation\SonicStage\Packages\
MtData.mdb
MtType.mdb
C:\Documents and Settings\All Users\Application Data\Sony Corporation\SonicStage\Packages\DPL\Samples\
DynamicPlaylist.dtd
Lang.dtd
sample1.dpl
sample2.dpl
sample3.dpl
C:\Documents and Settings\All Users\Application Data\Sony Corporation\SonicStage\Skins\
MiniPlayer.ojs
[0] Type d'archive: ZIP
--> skin.xml
--> slider.bmp
--> stop.bmp
--> voldown.bmp
--> volup.bmp
--> base.bmp
--> ch.bmp
--> close.bmp
--> full.bmp
--> menu.bmp
--> min.bmp
--> next.bmp
--> play.bmp
--> prv.bmp
SonicStage2.ojs
[0] Type d'archive: ZIP
--> skin.xml
--> slider.bmp
--> stop.bmp
--> voldown.bmp
--> volup.bmp
--> base.bmp
--> ch.bmp
--> close.bmp
--> ff.bmp
--> full.bmp
--> menu.bmp
--> min.bmp
--> next.bmp
--> pause.bmp
--> play.bmp
--> playing.bmp
--> prv.bmp
--> rwd.bmp
C:\Documents and Settings\All Users\Application Data\Sophos\Sophos Anti-Virus\Config\
bootstrap.xml
factory.xml
interchk.chk
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
machine.xml
Quarantine.xml
SAVIConfigFile.xml
storebootstrap.xml
C:\Documents and Settings\All Users\Application Data\Sophos\Sophos Anti-Virus\logs\
SAV.txt
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\
Configuration.ini
Immunization.ini
ProcCache.sbc
Statistics.ini
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Backups\
regLocal.reg
regUsers.reg
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Excludes\
Bots.sbe
Cookies.sbe
FileExt.sbe
Links.sbe
RegKeyWhite.sbe
Single.sbe
SystemInternals.sbe
UpdateDL.sbe
WaitFor.sbe
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\
Checks.081002-2319.log
Checks.081002-2342.txt
Checks.081002-2350.log
Checks.081002-2350.txt
Checks.081025-1150.log
Checks.081025-1151.txt
Checks.081025-1201.log
Checks.081025-1201.txt
Checks.081027-0000.log
Checks.081027-0013.txt
Checks.081027-0014.log
Checks.081027-0729.log
Checks.081027-0740.txt
Checks.081028-1917.log
Checks.081028-1943.txt
Checks.081028-1949.log
Checks.081028-2005.txt
Checks.081028-2142.log
Checks.081028-2142.txt
Checks.081029-0900.log
Checks.081029-0931.txt
Checks.081029-2230.log
Checks.081029-2251.txt
Checks.081029-2302.log
Checks.081029-2313.txt
Checks.081030-0740.log
Checks.081030-0748.txt
Checks.081030-0900.log
Checks.081030-0926.txt
Checks.081031-0900.log
Checks.081031-0929.txt
Checks.081101-0900.log
Checks.081101-0930.txt
Checks.081102-0900.log
Checks.081102-0929.txt
Checks.081103-0900.log
Checks.081103-0928.txt
Checks.081104-0900.log
Checks.081104-0926.txt
Checks.081105-0900.log
Checks.081105-0925.txt
Checks.081106-0900.log
Checks.081106-0930.txt
Checks.081107-0900.log
Checks.081107-0933.txt
Checks.081108-0900.log
Checks.081108-0937.txt
Checks.081109-0900.log
Checks.081109-0937.txt
Checks.081110-0900.log
Checks.081110-0937.txt
Checks.081111-0900.log
Checks.081111-0933.txt
Checks.081112-0900.log
Checks.081112-0939.txt
Checks.081113-0900.log
Checks.081113-0935.txt
Checks.081114-0900.log
Checks.081114-0938.txt
Checks.081114-2126.log
Checks.081114-2141.txt
Fixes.081002-2350.txt
Fixes.081027-0013.txt
Fixes.081027-0014.txt
Fixes.081027-1415.txt
Fixes.081028-1944.txt
Fixes.081029-0931.txt
Fixes.081029-2302.txt
Fixes.081030-0926.txt
Fixes.081031-0929.txt
Fixes.081101-0930.txt
Fixes.081102-0929.txt
Fixes.081103-0928.txt
Fixes.081104-0926.txt
Fixes.081105-0925.txt
Fixes.081106-0930.txt
Fixes.081107-0933.txt
Fixes.081108-0937.txt
Fixes.081109-0937.txt
Fixes.081110-0937.txt
Fixes.081111-0933.txt
Fixes.081112-0939.txt
Fixes.081113-0935.txt
Fixes.081114-0938.txt
Fixes.081114-2142.txt
Resident.log
Update downloads.log
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\
Overview.ini
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Snapshots2\
RegBHO-Global.reg
RegGBTB1-Global.reg
RegGS1-Global.reg
RegGS2-Global.reg
Timestamps.ini
C:\Documents and Settings\All Users\Application Data\TEMP
TEMP:DFC5A2B2
C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage\data\
data.dat
C:\Documents and Settings\All Users\Application Data\WLInstaller\
WLI_BS_2008-11-16_00-22-19.log
C:\Documents and Settings\All Users\Application Data\Yahoo! Companion\Data\default\
feed4.data
fr_p_c.data
fr_sres.data
us_sres.data
C:\Documents and Settings\All Users\Application Data\Yahoo! C
0
Réponse 26 / 29
Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537
 
Re,

double clic sur l'icône d'antivir dans la barre des tâches

Clique sur Administration puis Quarantine.

Qu'y-a-t-il comme objet dans la quarantaine ?

Remets un rapport Hijackthis (ouvre l'explorateur Windows et cherche
C:\Program Files\Trend Micro\HijackThis\moncef.exe

double-clique et choisi di a scan and save a logfile)


0
Réponse 27 / 29
yagami2k2 Messages postés 17 Statut Membre
 
voici le rapport hijack this pour la quarantaine d'antivir j'ai supprimé l'antivirus vu que je possedais déja avast et syphos

j'ai reintallé antivir et relancé un scan le seul élément en quarantaire etait: TR/BHO.65536




Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:15:10, on 18/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
C:\WINDOWS\ATKKBService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Trend Micro\HijackThis\moncef.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - http://activex.camfrogweb.com/advanced/2.0.1.14/cfweb_activex.camfrogweb.com-advanced-2.0.1.14_instmodule.exe
O16 - DPF: {2D37B9E8-C14C-482C-B1CF-939C5440E179} (VTToolkit Control) - http://saintvalentin2006.maville.wanadoo.fr/VTToolkit.ocx
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {3E82BB3F-ABE4-458D-9281-0187286A4E51} (VoxsyncCtrl Class) - https://login.orange.fr/captcha?return_url=https%3A%2F%2Fmescontacts.orange.fr
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.mail.live.com/mail/w1/resources/MSNPUpld.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/30ed27003d98cae53623/netzip/RdxIE601_fr.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Prime95 Service - Unknown owner - C:\Program Files\Prime95\prime95.exe (file missing)
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
0
Réponse 28 / 29
Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537
 
Re,

antivir a fait le job.

où en sont tes soucis ?
0
Réponse 29 / 29
yagami2k2 Messages postés 17 Statut Membre
 
apparemment msn ne déconne plus la fenetre ne s'impose plus au premier plan

en ce qui concerne mes recherches de virus et autres malwares rien a signaler

je vous remercie quelque soit le résultat (il semble bon pour le moment) de votre précieuse aide

et je vous souhaite une excellente soirée
0

Discussions similaires

Site Joomla hacké
cybsuzvar -
bg62 -

5 réponses
mw2 ps3 hacké ...
sniperwolf76200 -
Helpeople53 -

29 réponses
Mot de passe hacké :'(
Alexdieuveult -
MPMP10 -

5 réponses