Hello everyone, so here it is: I'm getting an error

"ashavast.exe n'est pas une application win32 valide", and I cannot launch the avast installer (even in administrator mode): I get error 1920 (insufficient rights to start the process). All of this happened to me after installing a program obtained from eMule (and probably dodgy...). It triggered a malware alert from avast, the computer restarted without my asking it to (as if I had done Start / Restart the computer), and after the reboot there were several strange signs...

ComboFix report:

 

ComboFix 09-01-06.02 - godscourge 2009-01-07 16:37:39.2 - NTFSx86

Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.2047.1642 [GMT 1:00]

Lancé depuis: c:\documents and settings\godscourge\Bureau\ComboFix.exe

.

 

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

 


.

---- Previous Run -------

.


 

.

((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

-------\Legacy_SK9OU0S

-------\Legacy_SROSA

-------\Service_sK9Ou0s

-------\Service_srosa

 

 

((((((((((((((((((((((((((((( Fichiers créés du 2008-12-07 au 2009-01-07 ))))))))))))))))))))))))))))))))))))

.

 

2009-01-07 16:25 . 2009-01-07 16:25 <REP> d-------- c:\program files\Trend Micro

2009-01-07 16:15 . 2009-01-07 16:20 <REP> d-------- C:\Combo-Fix

2009-01-07 16:13 . 2009-01-07 16:13 <REP> d-------- c:\windows\system32\Kaspersky Lab

2009-01-07 15:58 . 2009-01-07 15:58 <REP> d-------- c:\documents and settings\Administrateur\Application Data\Sony Ericsson

2009-01-07 15:57 . 2006-10-20 11:21 <REP> d--h----- c:\documents and settings\Administrateur\Voisinage réseau

2009-01-07 15:57 . 2006-10-20 11:21 <REP> d--h----- c:\documents and settings\Administrateur\Voisinage d'impression

2009-01-07 15:57 . 2006-10-20 09:27 <REP> d--h----- c:\documents and settings\Administrateur\Modèles

2009-01-07 15:57 . 2009-01-07 15:58 <REP> dr------- c:\documents and settings\Administrateur\Mes documents

2009-01-07 15:57 . 2006-10-20 11:21 <REP> dr------- c:\documents and settings\Administrateur\Menu Démarrer

2009-01-07 15:57 . 2009-01-07 15:58 <REP> dr------- c:\documents and settings\Administrateur\Favoris

2009-01-07 15:57 . 2009-01-07 16:25 <REP> d-------- c:\documents and settings\Administrateur\Bureau

2009-01-07 15:57 . 2009-01-07 16:30 <REP> d-------- c:\documents and settings\Administrateur

2009-01-07 15:18 . 2009-01-07 16:37 <REP> d--h----- c:\documents and settings\godscourge\Application Data\drivers

2008-12-07 14:13 . 2008-12-07 14:13 54,156 --ah----- c:\windows\QTFont.qfn

2008-12-07 14:13 . 2008-12-07 14:13 1,409 --a------ c:\windows\QTFont.for

 

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-01-07 15:20 --------- d-----w c:\program files\MSN Messenger

2009-01-07 14:38 --------- d-----w c:\program files\Fichiers communs\Wise Installation Wizard

2009-01-07 14:36 --------- d-----w c:\documents and settings\godscourge\Application Data\Lavasoft

2009-01-07 14:33 --------- d-----w c:\program files\eMule

2009-01-07 14:16 --------- d--h--w c:\program files\InstallShield Installation Information

2009-01-07 09:11 --------- d-----w c:\documents and settings\godscourge\Application Data\FileZilla

2009-01-07 08:39 --------- d-----w c:\program files\FileZilla Client

2008-12-20 22:16 --------- d-----w c:\documents and settings\godscourge\Application Data\Vso

2008-11-16 16:40 --------- d-----w c:\documents and settings\godscourge\Application Data\OpenOffice.org2

2007-07-30 11:10 5,548 ----a-w c:\documents and settings\godscourge\pprxlo.exe

2007-07-30 11:06 5,548 ----a-w c:\documents and settings\godscourge\mhxajb.exe

2007-07-30 10:50 5,547 ----a-w c:\documents and settings\godscourge\bgwect.exe

2007-03-29 16:30 2,232 ----a-w c:\documents and settings\godscourge\Application Data\wklnhst.dat

.

 

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"DriveCrypt Startup"="c:\program files\DriveCrypt\DriveCrypt.exe" [2002-02-02 1250084]

"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-05 15360]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-01-07 81000]

"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2009-01-07 15872]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-08-11 7630848]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-01-02 98304]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-05 15360]

 

c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\

ASUS WiFi-AP Solo.lnk - c:\program files\ASUS WiFi-AP Solo\RtWLan.exe [2007-10-15 987136]

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]

"DisableRegedit"= 0 (0x0)

"HideClock"= 0 (0x0)

 

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]

path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk

backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

 

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]

path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk

backup=c:\windows\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup

 

[HKLM\~\startupfolder\C:^Documents and Settings^godscourge^Menu Démarrer^Programmes^Démarrage^AbsoluteShield Track Eraser.lnk]

path=c:\documents and settings\godscourge\Menu Démarrer\Programmes\Démarrage\AbsoluteShield Track Eraser.lnk

backup=c:\windows\pss\AbsoluteShield Track Eraser.lnkStartup

 

[HKLM\~\startupfolder\C:^Documents and Settings^godscourge^Menu Démarrer^Programmes^Démarrage^Adobe Gamma.lnk]

path=c:\documents and settings\godscourge\Menu Démarrer\Programmes\Démarrage\Adobe Gamma.lnk

backup=c:\windows\pss\Adobe Gamma.lnkStartup

 

[HKLM\~\startupfolder\C:^Documents and Settings^godscourge^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.2.lnk]

path=c:\documents and settings\godscourge\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 2.2.lnk

backup=c:\windows\pss\OpenOffice.org 2.2.lnkStartup

 

[HKLM\~\startupfolder\C:^Documents and Settings^godscourge^Menu Démarrer^Programmes^Démarrage^Xfire.lnk]

path=c:\documents and settings\godscourge\Menu Démarrer\Programmes\Démarrage\Xfire.lnk

backup=c:\windows\pss\Xfire.lnkStartup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]

--a------ 2008-01-11 18:54 623992 c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe_ID0EYTHM]

--a------ 2007-03-20 15:40 1884160 c:\progra~1\FICHIE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BigDogPath]

--a------ 2005-02-28 16:53 53248 c:\windows\Vm_sti.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]

--a------ 2004-08-05 13:00 15360 c:\windows\system32\ctfmon.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools-1033]

--a------ 2004-08-22 16:05 81920 c:\program files\D-Tools\daemon.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Device Detector]

--a------ 2003-11-27 09:16 217088 c:\program files\Fichiers communs\ACD Systems\FR\DevDetect.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FaxCenterServer]

--a------ 2005-07-12 10:36 299008 c:\program files\Lexmark Fax Solutions\fm3032.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]

--a------ 2006-11-22 02:09 842584 c:\program files\Microsoft IntelliPoint\ipoint.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Launch PC Probe II]

--a------ 2002-01-04 22:53 2125312 c:\program files\ASUS\PC Probe II\Probe2.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

--------- 2004-10-13 17:24 1694208 c:\program files\Messenger\msmsgs.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

--a------ 2001-07-09 09:50 155648 c:\windows\system32\NeroCheck.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]

--a------ 2006-08-11 14:43 7630848 c:\windows\system32\nvcpl.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite for Smartphones]

-ra------ 2006-04-25 12:09 487424 c:\program files\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

--a------ 2007-01-02 18:41 98304 c:\program files\QuickTime\qttask.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

--a------ 2007-09-25 01:11 132496 c:\program files\Java\jre1.6.0_03\bin\jusched.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

--a------ 2007-09-06 09:58 68856 c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]

--a------ 2006-09-26 15:49 35328 c:\program files\Winamp\winampa.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]

-r------- 2005-05-03 11:43 69632 c:\windows\Alcmtr.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]

--a------ 2006-08-11 14:43 86016 c:\windows\system32\nvmctray.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]

--a------ 2006-08-11 14:43 1519616 c:\windows\system32\nwiz.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]

-r------- 2006-04-17 08:34 16143872 c:\windows\RTHDCPL.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"ose"=3 (0x3)

"HP Status Server"=3 (0x3)

"HP Port Resolver"=3 (0x3)

"usnjsvc"=3 (0x3)

"Pml Driver HPZ12"=2 (0x2)

"gusvc"=3 (0x3)

"Bonjour Service"=2 (0x2)

"FLEXnet Licensing Service"=3 (0x3)

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\FlashFXP\\FlashFXP.exe"=

"c:\\Program Files\\BitTorrent\\bittorrent.exe"=

"d:\\jeux installé\\nerverwinternight2\\nwn2main.exe"=

"d:\\jeux installé\\nerverwinternight2\\nwn2main_amdxp.exe"=

"d:\\jeux installé\\nerverwinternight2\\nwupdate.exe"=

"d:\\jeux installé\\nerverwinternight2\\nwn2server.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

"c:\\Program Files\\MSN Messenger\\livecall.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\Fichiers communs\\Adobe\\Adobe Version Cue CS3\\Server\\bin\\VersionCueCS3.exe"=

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"135:TCP"= 135:TCP:TCP Port 135

"5000:TCP"= 5000:TCP:TCP Port 5000

"5001:TCP"= 5001:TCP:TCP Port 5001

"5002:TCP"= 5002:TCP:TCP Port 5002

"5003:TCP"= 5003:TCP:TCP Port 5003

"5004:TCP"= 5004:TCP:TCP Port 5004

"5005:TCP"= 5005:TCP:TCP Port 5005

"5006:TCP"= 5006:TCP:TCP Port 5006

"5007:TCP"= 5007:TCP:TCP Port 5007

"5008:TCP"= 5008:TCP:TCP Port 5008

"5009:TCP"= 5009:TCP:TCP Port 5009

"5010:TCP"= 5010:TCP:TCP Port 5010

"5011:TCP"= 5011:TCP:TCP Port 5011

"5012:TCP"= 5012:TCP:TCP Port 5012

"5013:TCP"= 5013:TCP:TCP Port 5013

"5014:TCP"= 5014:TCP:TCP Port 5014

"5015:TCP"= 5015:TCP:TCP Port 5015

"5016:TCP"= 5016:TCP:TCP Port 5016

"5017:TCP"= 5017:TCP:TCP Port 5017

"5018:TCP"= 5018:TCP:TCP Port 5018

"5019:TCP"= 5019:TCP:TCP Port 5019

"5020:TCP"= 5020:TCP:TCP Port 5020

"3703:TCP"= 3703:TCP:Adobe Version Cue CS3 Server

"3704:TCP"= 3704:TCP:Adobe Version Cue CS3 Server

"50900:TCP"= 50900:TCP:Adobe Version Cue CS3 Server

"50901:TCP"= 50901:TCP:Adobe Version Cue CS3 Server

 

R0 DCR;DCR;c:\windows\system32\drivers\DCR.sys [2006-10-23 230208]

R3 zebrceb;Sony Ericsson Cable Emulation Bus (WDM);c:\windows\system32\drivers\zebrceb.sys [2007-04-17 53392]

R4 DriveCryptService;DriveCrypt Service;c:\program files\DriveCrypt\DcrServ.exe [2006-10-23 98875]

S1 aswSP;avast! Self Protection; [x]

S3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187.sys [2007-10-15 176128]

S3 SjyPkt;SjyPkt;c:\windows\system32\drivers\SjyPkt.sys [2007-10-15 13532]

S3 zebrbus;Sony Ericsson Composite Device driver;c:\windows\system32\drivers\zebrbus.sys [2007-04-17 66864]

S3 zebrmdfl;Sony Ericsson Modem Filter;c:\windows\system32\drivers\zebrmdfl.sys [2007-04-17 9264]

S3 zebrmdm;Sony Ericsson Port (WDM);c:\windows\system32\drivers\zebrmdm.sys [2007-04-17 101072]

S3 zebrmdmc;Sony Ericsson mRouter Port (WDM);c:\windows\system32\drivers\zebrmdmc.sys [2007-04-17 101008]

S3 zebrsce;Sony Ericsson PC-Connect Port;c:\windows\system32\drivers\zebrsce.sys [2007-04-17 85040]

S4 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys --> c:\windows\system32\DRIVERS\aswFsBlk.sys [?]

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a185854c-7761-11dc-aea7-0018f3610612}]

\Shell\AutoRun\command - H:\VMC_PBStarter.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a185854d-7761-11dc-aea7-0018f3610612}]

\Shell\AutoRun\command - H:\VMC_PBStarter.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a185854e-7761-11dc-aea7-0018f3610612}]

\Shell\AutoRun\command - H:\VMC_PBStarter.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a185854f-7761-11dc-aea7-0018f3610612}]

\Shell\AutoRun\command - I:\VMC_PBStarter.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a1858550-7761-11dc-aea7-0018f3610612}]

\Shell\AutoRun\command - H:\VMC_PBStarter.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{af521696-a2a3-11dc-aeda-0015af069c66}]

\Shell\AutoRun\command - H:\VMC_PBStarter.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{af521697-a2a3-11dc-aeda-0015af069c66}]

\Shell\AutoRun\command - H:\VMC_PBStarter.exe

.

- - - - ORPHELINS SUPPRIMES - - - -

 

HKCU-Run-msnmsgr - c:\program files\MSN Messenger\msnmsgr.exe

MSConfigStartUp-dlmMgr - c:\program files\Fichiers communs\Adobe\ESD\AdobeDownloadManager.exe

MSConfigStartUp-eBayToolbar - c:\program files\eBay\eBay Toolbar2\eBayTBDaemon.exe

MSConfigStartUp-HP Software Update - c:\program files\HP\HP Software Update\HPWuSchd2.exe

MSConfigStartUp-MsnMsgr - c:\program files\MSN Messenger\MsnMsgr.Exe

MSConfigStartUp-Ub4TrayApp - c:\program files\Astase\UltraBackup\4.0\bin\ubtray.exe

 

 

.

------- Examen supplémentaire -------

.

uStart Page = hxxp://www.google.fr/

uInternet Settings,ProxyOverride = *.local

IE: &eBay Search - c:\program files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html

IE: Ajouter au fichier PDF existant - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convertir en Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Convertir la cible du lien en Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Convertir la cible du lien en un fichier PDF existant - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convertir la sélection en Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Convertir la sélection en un fichier PDF existant - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convertir les liens sélectionnés en fichier Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convertir les liens sélectionnés en un fichier PDF existant - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

IE: Easy-WebPrint Ajouter à la liste d'impressions - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html

IE: Easy-WebPrint Impression rapide - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html

IE: Easy-WebPrint Imprimer - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html

IE: Easy-WebPrint Prévisualiser - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html

FF - ProfilePath - c:\documents and settings\godscourge\Application Data\Mozilla\Firefox\Profiles\inbggewg.default\

FF - prefs.js: browser.startup.homepage - hxxp://games.mountyhall.com/

FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll

.

 

**************************************************************************

 

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-01-07 16:45:42

Windows 5.1.2600 Service Pack 2 NTFS

 

Recherche de processus cachés ...

 

Recherche d'éléments en démarrage automatique cachés ...

 

Recherche de fichiers cachés ...

 

Scan terminé avec succès

Fichiers cachés: 0

 

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

 

[HKEY_USERS\S-1-5-21-57989841-839522115-951005096-1003\Software\Microsoft\SystemCertificates\AddressBook*NULL*]

@Allowed: (Read) (RestrictedCode)

@Allowed: (Read) (RestrictedCode)

.

------------------------ Autres processus actifs ------------------------

.

c:\program files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE

c:\windows\system32\nvsvc32.exe

c:\windows\system32\HPZipm12.exe

c:\windows\system32\wdfmgr.exe

c:\windows\system32\wscntfy.exe

.

**************************************************************************

.

Heure de fin: 2009-01-07 16:51:44 - La machine a redémarré

ComboFix-quarantined-files.txt 2009-01-07 15:51:42

 

Avant-CF: 31 565 901 824 octets libres

Après-CF: 31,651,143,680 octets libres

 

600 --- E O F --- 2008-12-18 06:48:49

 

 

 

HijackThis report:

 

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 16:32:05, on 07/01/2009

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16762)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\DriveCrypt\DcrServ.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\DriveCrypt\DriveCrypt.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Documents and Settings\godscourge\Application Data\m\flec006.exe

C:\Program Files\ASUS WiFi-AP Solo\RtWLan.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Documents and Settings\godscourge\Bureau\HiJackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll

O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [unlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" -H

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKCU\..\Run: [DriveCrypt Startup] C:\Program Files\DriveCrypt\DriveCrypt.exe /WS

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [drvsyskit] C:\Documents and Settings\godscourge\Application Data\drivers\winupgro.exe

O4 - HKCU\..\Run: [german.exe] C:\WINDOWS\system32\wintems.exe

O4 - HKCU\..\Run: [mule_st_key] C:\Documents and Settings\godscourge\Application Data\m\flec006.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-21-57989841-839522115-951005096-500\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Administrateur')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: ASUS WiFi-AP Solo.lnk = ?

O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html

O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html

O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html

O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html

O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra button: AbsoluteShield Track Eraser - {4A0EF50C-6A4A-4b30-84D8-53D5BC95C043} - C:\Program Files\SysShield Tools\Track Eraser\cseraser.exe (HKCU)

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Adobe Version Cue CS3 {fr_FR} (Adobe Version Cue CS3) - Adobe Systems Incorporated - C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe

O23 - Service: DriveCrypt Service (DriveCryptService) - Unknown owner - C:\Program Files\DriveCrypt\DcrServ.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

 

--

End of file - 8561 bytes

 

Thanks in advance to those who are experts at reading this kind of report for their help!

 

The Kaspersky online scan is in progress; I will post the report later!
