

Host process bug [FIX]
globob replied to a topic by globob in Malware analysis and removal
############# Malwarebytes

Apparently Malwarebytes did a good job:

Malwarebytes' Anti-Malware 1.30
Version de la base de données: 1415
Windows 6.0.6001 Service Pack 1

22/11/2008 09:27:34
mbam-log-2008-11-22 (09-27-21).txt

Type de recherche: Examen rapide
Eléments examinés: 49891
Temps écoulé: 4 minute(s), 37 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\rs32net (Trojan.FakeAlert.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\rs32net (Trojan.FakeAlert.H) -> No action taken.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Windows\System32\rs32net.exe (Trojan.FakeAlert.H) -> No action taken.
C:\Users\Sylvain\AppData\Local\Temp\BND94E.tmp (Rootkit.Agent) -> No action taken.

########### Lop S&D

Here, on the other hand, I didn't really understand what was done... nothing?

-
Hello,

I have a problem with a virus that avast cannot remove properly. Three files are detected the moment I connect to the internet (without even going through a browser); they are always the same ones, even after they have been deleted (by avast). This then crashes the Windows "host process"... there are 4 windows that reopen as soon as they are closed. I tried UnHackMe, but without result (and Ad-Aware and Spybot... but that is unrelated, I think). I think the virus also causes startup problems; I did not have them before.

Thank you for any help you can give me.

############# Images

- The 4 windows of the crashing host process (in different states, but I am forced to have 4 of these windows open!!)
- 2 of the 3 viruses detected by avast at every startup (after connecting to the internet)
- The last virus is located at: c:\windows\system32\drivers\tcpsr.sys : win32:trojan-gen {other}

############# HijackThis report: