l'olivier

  1. Thank you, thank you! My PC is working well! Thanks a lot for your help! Olivier
  2. And there you go, hoping it's all good... ComboFix
  3. Here is the antivirus report:

     Incident Statut Analyse
     Adware:Adware/DriveCleaner No Désinfecté C:\!KillBox\drvcav.dll
     Adware:Adware/DriveCleaner No Désinfecté C:\!KillBox\drvcav.dll( 7)
     Adware:Adware/DriveCleaner No Désinfecté C:\!KillBox\drvcep.dll
     Adware:Adware/DriveCleaner No Désinfecté C:\!KillBox\drvcep.dll( 4)
     Adware:Adware/DriveCleaner No Désinfecté C:\!KillBox\drvkiw.dll
     Adware:Adware/DriveCleaner No Désinfecté C:\!KillBox\drvkiw.dll( 6)
     Adware:Adware/DriveCleaner No Désinfecté C:\!KillBox\drvmac.dll
     Adware:Adware/DriveCleaner No Désinfecté C:\!KillBox\drvmac.dll(
     Spyware:Spyware/Virtumonde No Désinfecté C:\!KillBox\fmdbngqh.dll
     Spyware:Spyware/Virtumonde No Désinfecté C:\!KillBox\fmdbngqh.dll( 9)
     Spyware:Spyware/Virtumonde No Désinfecté C:\!KillBox\gmrhqlvr.dll
     Adware:Adware/WebSearch No Désinfecté C:\!KillBox\kvcvkugb.dll
     Spyware:Spyware/Virtumonde No Désinfecté C:\!KillBox\lexsktdp.dll
     Outil indésirable:Application/VSToolbar No Désinfecté C:\!KillBox\twxjrbge.exe
     Outil indésirable:Application/VSToolbar No Désinfecté C:\!KillBox\twxjrbge.exe( 2)
     Outil indésirable:Application/VSToolbar No Désinfecté C:\!KillBox\yrsxfbdk.exe
     Outil indésirable:Application/VSToolbar No Désinfecté C:\!KillBox\yrsxfbdk.exe( 3)
     Outil indésirable:Application/Processor No Désinfecté C:\Documents and Settings\Olivier Kerr\Bureau\SDFix.exe[SDFix\apps\Process.exe]
     Outil indésirable:Application/Processor No Désinfecté C:\Documents and Settings\Olivier Kerr\Bureau\SmitfraudFix\Process.exe
     Spyware:Cookie/Adtech No Désinfecté C:\Documents and Settings\Olivier Kerr\Cookies\olivier_kerr@adtech[2].txt
     Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\Olivier Kerr\Cookies\olivier_kerr@bluestreak[1].txt
     Spyware:Cookie/Doubleclick No Désinfecté C:\Documents and Settings\Olivier Kerr\Cookies\olivier_kerr@doubleclick[1].txt
     Spyware:Cookie/Overture No Désinfecté C:\Documents and Settings\Olivier Kerr\Cookies\olivier_kerr@overture[1].txt
     Spyware:Cookie/QuestionMarket No Désinfecté C:\Documents and Settings\Olivier Kerr\Cookies\olivier_kerr@questionmarket[1].txt
     Spyware:Cookie/Serving-sys No Désinfecté C:\Documents and Settings\Olivier Kerr\Cookies\olivier_kerr@serving-sys[1].txt
     Spyware:Cookie/Tradedoubler No Désinfecté C:\Documents and Settings\Olivier Kerr\Cookies\olivier_kerr@tradedoubler[2].txt
     Spyware:Cookie/Weborama No Désinfecté C:\Documents and Settings\Olivier Kerr\Cookies\olivier_kerr@weborama[1].txt
     Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Olivier Kerr\Cookies\olivier_kerr@xiti[1].txt
     Adware:Adware/WebSearch No Désinfecté C:\Documents and Settings\Olivier Kerr\Mes documents\backups\backup-20061211-073020-614.dll
     Outil indésirable:Application/Processor No Désinfecté C:\SDFix\apps\Process.exe
  4. We're making progress, we're making progress, thanks again for your help. I just reran Killbox, no errors; the scan is in progress. Here is the Killbox report:

     Pocket Killbox version 2.0.0.648
     Running on Windows XP as Olivier Kerr(Administrator)
     was started @ lundi, décembre 11, 2006, 7:13 AM
     # 1 [Delete on Reboot] Path = C:\WINDOWS\system32\gmrhqlvr.dll
     # 2 [Delete on Reboot] Path = C:\WINDOWS\system32\fmdbngqh.dll

     Pocket Killbox version 2.0.0.648
     Running on Windows XP as Olivier Kerr(Administrator)
     was started @ lundi, décembre 11, 2006, 1:41 PM
     # 1 [Delete on Reboot] Path = C:\WINDOWS\system32\fmdbngqh.dll
     # 2 [Delete on Reboot] Path = C:\WINDOWS\system32\drvmac.dll
     # 3 [Delete on Reboot] Path = C:\WINDOWS\system32\drvcav.dll
     # 4 [Delete on Reboot] Path = C:\WINDOWS\system32\drvkiw.dll
     # 5 [Delete on Reboot] Path = C:\WINDOWS\system32\lexsktdp.dll
     # 6 [Delete on Reboot] Path = C:\WINDOWS\system32\frsvabb.dll
     # 7 [Delete on Reboot] Path = C:\WINDOWS\system32\drvcep.dll
     # 8 [Delete on Reboot] Path = C:\WINDOWS\system32\yrsxfbdk.exe
     # 9 [Delete on Reboot] Path = C:\WINDOWS\system32\twxjrbge.exe
     # 10 [Delete on Reboot] Path = C:\WINDOWS\system32\wnsapisv.exe
     I Rebooted @ 1:42:59 PM
     Killbox Closed(Exit) @ 1:43:20 PM
  5. And there you go, boss! Logfile of HijackThis v1.99.1
- C:\Program Files\iPod\bin\iPodService.exe O23 - Service: O2Micro Flash Memory (O2Flash) - Unknown owner - C:\WINDOWS\system32\o2flash.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service (file missing) Olivier Kerr - 06-12-11 11:49:26,17 Service Pack 2 ComboFix 06.11.27W - Running from: "C:\Documents and Settings\Olivier Kerr\Bureau" ((((((((((((((((((((((((((((((( Files Created from 2006-11-11 to 2006-12-11 )))))))))))))))))))))))))))))))))) 2006-12-11 11:31 <REP> d--hs---- C:\Documents and Settings\Olivier Kerr\Recent 2006-12-11 10:22 <REP> d-------- C:\SDFix 2006-12-11 07:13 <REP> d-------- C:\!KillBox 2006-12-09 18:38 <REP> d-------- C:\WINDOWS\system32\bfubackups 2006-12-09 09:46 <REP> d-------- C:\Program Files\Microids 2006-12-09 09:46 <REP> d-------- C:\Program Files\directx 2006-12-09 08:38 90,112 --a------ C:\WINDOWS\system32\AVASTSS.scr 2006-12-09 08:38 87,424 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys 2006-12-09 08:38 85,952 --a------ C:\WINDOWS\system32\drivers\aswmon.sys 2006-12-09 08:38 666,240 --a------ C:\WINDOWS\system32\aswBoot.exe 2006-12-09 08:38 36,176 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys 2006-12-09 08:38 24,560 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys 2006-12-09 08:38 16,352 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys 2006-12-09 08:38 <REP> d-------- C:\Program Files\Alwil Software 2006-12-08 17:27 126,996 --------- C:\WINDOWS\system32\fmdbngqh.dll 2006-12-08 17:26 88,340 --a------ C:\WINDOWS\system32\yrsxfbdk.exe 2006-12-08 16:06 72,704 --a------ C:\WINDOWS\system32\drvmac.dll 2006-12-08 13:58 684,032 --a------ C:\WINDOWS\system32\libeay32.dll 2006-12-08 13:58 155,648 
--a------ C:\WINDOWS\system32\ssleay32.dll 2006-12-08 13:15 2,548 --a------ C:\WINDOWS\system32\tmp.reg 2006-12-08 13:14 <REP> d-------- C:\Program Files\Lavasoft 2006-12-08 13:14 <REP> d-------- C:\Documents and Settings\Olivier Kerr\Application Data\Lavasoft 2006-12-08 13:13 <REP> d-------- C:\Program Files\CCleaner 2006-12-08 12:37 <REP> d--hs---- C:\Config.Msi 2006-12-08 12:31 72,704 --a------ C:\WINDOWS\system32\drvcav.dll 2006-12-08 11:19 72,704 --a------ C:\WINDOWS\system32\drvkiw.dll 2006-12-08 10:45 <REP> d-------- C:\Program Files\Spybot - Search & Destroy 2006-12-08 10:45 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2006-12-08 09:46 126,996 --a------ C:\WINDOWS\system32\lexsktdp.dll 2006-12-08 09:45 88,340 --a------ C:\WINDOWS\system32\twxjrbge.exe 2006-12-08 09:42 2 --a------ C:\WINDOWS\system32\wnsapisv.exe 2006-12-08 09:41 93,696 --a------ C:\WINDOWS\system32\frsvabb.dll 2006-12-08 09:40 72,704 --a------ C:\WINDOWS\system32\drvcep.dll 2006-12-06 22:22 <REP> d-------- C:\Documents and Settings\All Users\Application Data\pixelStorm 2006-12-03 19:27 <REP> d-------- C:\MI3 2006-12-03 18:55 86,016 --a------ C:\WINDOWS\unvise32.exe 2006-12-03 18:55 209,636 --a------ C:\WINDOWS\IPUI_DivXG400.exe 2006-12-03 18:55 <REP> d-------- C:\Program Files\Morgan 2006-12-03 18:55 <REP> d-------- C:\Program Files\DivX 2006-12-03 18:54 <REP> d-------- C:\Program Files\Rippackv3 2006-12-03 18:38 <REP> d-------- C:\Documents and Settings\All Users\Application Data\DVD Shrink 2006-11-27 22:58 28,672 --a------ C:\WINDOWS\system32\AVEQ.dll 2006-11-27 22:58 242,176 --a------ C:\WINDOWS\system32\fixflash.exe 2006-11-27 22:58 <REP> d-------- C:\Program Files\Allok Video to FLV Converter 2006-11-27 22:58 <REP> d-------- C:\AllokFLVFolder 2006-11-27 19:39 <REP> d-------- C:\Documents and Settings\Olivier Kerr\.GalleryRemote 2006-11-27 11:23 <REP> d-------- C:\Documents and Settings\Olivier Kerr\Application Data\XnView 2006-11-27 
11:21 <REP> d-------- C:\Program Files\XnView 2006-11-24 19:49 <REP> d-------- C:\Documents and Settings\Olivier Kerr\Application Data\HAPedit 2006-11-24 08:51 <REP> d--h-c--- C:\WINDOWS\ie7 2006-11-22 15:22 <REP> d-------- C:\Documents and Settings\Olivier Kerr\.thumbnails 2006-11-22 14:20 <REP> d-------- C:\Documents and Settings\Olivier Kerr\.gimp-2.2 2006-11-22 14:15 <REP> d-------- C:\Program Files\Gimp 2006-11-22 11:13 <REP> d-------- C:\Program Files\GIMP-2.0 2006-11-21 21:41 72,192 --a------ C:\WINDOWS\unlite3.exe 2006-11-21 16:14 <REP> d-------- C:\Program Files\FileZilla 2006-11-19 21:48 <REP> d-------- C:\Program Files\Photo Story 3 for Windows 2006-11-14 07:05 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys 2006-11-12 18:47 <REP> d-------- C:\Documents and Settings\Olivier Kerr\Application Data\CyberLink 2006-11-12 18:47 <REP> d-------- C:\Documents and Settings\All Users\Application Data\CyberLink (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2006-12-11 11:43 -------- d-------- C:\Program Files\Fichiers communs 2006-12-11 09:36 -------- d-------- C:\Program Files\MUTAVISION © 2006-12-08 12:43 -------- d-------- C:\Program Files\Microsoft.NET 2006-12-08 12:43 -------- d-------- C:\Program Files\Fichiers communs\Microsoft Shared 2006-12-08 12:37 -------- d-------- C:\Program Files\Microsoft Small Business 2006-12-08 12:16 -------- d-------- C:\Program Files\Fichiers communs\Adobe 2006-12-08 12:16 -------- d-------- C:\Program Files\Adobe 2006-12-08 12:13 -------- d-------- C:\Documents and Settings\Olivier Kerr\Application Data\Adobe 2006-12-08 11:25 -------- d-------- C:\Program Files\Windows Media Player 2006-12-08 11:25 -------- d-------- C:\Program Files\Outlook Express 2006-12-07 16:36 12999 --a------ C:\Documents and Settings\Olivier Kerr\Application Data\Microsoft Excel 97-2003.CAL 2006-12-05 20:49 -------- d-------- C:\Program Files\Fichiers communs\Symantec Shared 
2006-12-01 14:02 -------- d---s---- C:\Documents and Settings\Olivier Kerr\Application Data\Microsoft
2006-11-26 15:02 -------- d-------- C:\Documents and Settings\Olivier Kerr\Application Data\OpenOffice.org2
2006-11-24 08:55 -------- d-------- C:\Program Files\Internet Explorer
2006-11-18 19:00 -------- d-------- C:\Program Files\SimpleOCR
2006-11-18 18:34 -------- d-------- C:\Program Files\Mozilla Firefox
2006-11-10 11:18 869 --a------ C:\Documents and Settings\Olivier Kerr\Application Data\AdobeDLM.log
2006-11-10 11:18 0 --a------ C:\Documents and Settings\Olivier Kerr\Application Data\dm.ini
2006-11-10 11:06 -------- d-------- C:\Documents and Settings\Olivier Kerr\Application Data\AdobeUM
2006-11-09 11:02 -------- d-------- C:\Program Files\SymNetDrv
2006-11-09 10:57 -------- d-------- C:\Documents and Settings\Olivier Kerr\Application Data\Symantec
2006-11-09 10:43 -------- d-------- C:\Program Files\Norton AntiSpam
2006-11-09 10:42 4608 --a------ C:\WINDOWS\system32\drivers\symlcbrd.sys
2006-11-09 10:41 -------- d-------- C:\Program Files\Symantec
2006-11-07 21:03 6049280 --------- C:\WINDOWS\system32\ieframe.dll
2006-11-07 21:03 50688 --------- C:\WINDOWS\system32\msfeedsbs.dll
2006-11-07 21:03 458752 --------- C:\WINDOWS\system32\msfeeds.dll
2006-11-07 21:03 413696 --a------ C:\WINDOWS\system32\vbscript.dll
2006-11-07 21:03 231424 --a------ C:\WINDOWS\system32\webcheck.dll
2006-11-07 21:03 180736 --------- C:\WINDOWS\system32\ieui.dll
2006-11-07 21:03 156160 --a------ C:\WINDOWS\system32\msls31.dll
2006-11-07 03:27 382976 --a------ C:\WINDOWS\system32\iedkcs32.dll
2006-11-07 03:27 229376 --a------ C:\WINDOWS\system32\ieaksie.dll
2006-11-07 03:26 71680 --a------ C:\WINDOWS\system32\admparse.dll
2006-11-07 03:26 55296 --a------ C:\WINDOWS\system32\iesetup.dll
2006-11-07 03:26 54784 --a------ C:\WINDOWS\system32\ie4uinit.exe
2006-11-07 03:26 43008 --a------ C:\WINDOWS\system32\iernonce.dll
2006-11-07 03:26 152064 --a------ C:\WINDOWS\system32\ieakeng.dll
2006-11-07 03:26 13312 --a------ C:\WINDOWS\system32\ieudinit.exe
2006-11-07 03:26 123904 --a------ C:\WINDOWS\system32\advpack.dll
2006-11-07 03:25 161792 --a------ C:\WINDOWS\system32\ieakui.dll
2006-11-06 22:09 -------- d-------- C:\Program Files\WinRAR
2006-11-05 20:28 -------- d-------- C:\Program Files\iTunes
2006-11-05 20:28 -------- d-------- C:\Program Files\iPod
2006-11-05 20:28 -------- d-------- C:\Documents and Settings\Olivier Kerr\Application Data\Apple Computer
2006-11-05 20:27 -------- d-------- C:\Program Files\QuickTime
2006-11-04 20:25 1321744 --a------ C:\WINDOWS\system32\msxml6.dll
2006-11-03 23:59 -------- d-------- C:\Documents and Settings\Olivier Kerr\Application Data\Delivery
2006-11-03 17:22 51972 --a------ C:\WINDOWS\BricoPackUninst.cmd
2006-11-03 17:22 3059 --a------ C:\WINDOWS\BricoPackFoldersDelete.cmd
2006-11-03 17:22 219648 --a------ C:\WINDOWS\system32\uxtheme.dll
2006-11-03 10:39 74752 --a------ C:\WINDOWS\ST6UNST.EXE
2006-11-03 10:39 253952 --------- C:\WINDOWS\Setup1.exe
2006-11-03 10:35 -------- d-------- C:\Program Files\Fichiers communs\DESIGNER
2006-11-02 15:03 -------- d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2006-11-02 07:43 -------- d-------- C:\Documents and Settings\Olivier Kerr\Application Data\Macromedia
2006-10-31 18:52 -------- d-------- C:\Program Files\MSN Messenger
2006-10-31 18:12 -------- d-------- C:\Program Files\Windows Media Connect 2
2006-10-30 11:24 -------- d-------- C:\Documents and Settings\Olivier Kerr\Application Data\Google
2006-10-30 11:23 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-10-30 11:23 -------- d-------- C:\Program Files\Google
2006-10-30 11:23 -------- d-------- C:\Program Files\Fichiers communs\InstallShield
2006-10-24 20:35 8292352 --a------ C:\WINDOWS\system32\wmploc.dll
2006-10-24 20:14 99840 --a------ C:\WINDOWS\system32\wmpshell.dll
2006-10-24 20:14 272384 --a------ C:\WINDOWS\system32\wmerror.dll
2006-10-24 20:12 7680 --a------ C:\WINDOWS\system32\asferror.dll
2006-10-24 10:17 48424 --a------ C:\WINDOWS\system32\sirenacm.dll
2006-10-18 23:04 44032 --------- C:\WINDOWS\system32\wpdshextres.dll
2006-10-18 22:58 8704 --a------ C:\WINDOWS\system32\wdfmgr.exe
2006-10-18 22:58 8704 --a------ C:\WINDOWS\system32\uwdf.exe
2006-10-18 22:47 991744 --a------ C:\WINDOWS\system32\drmv2clt.dll
2006-10-18 22:47 937984 --a------ C:\WINDOWS\system32\WMNetMgr.dll
2006-10-18 22:47 767488 --------- C:\WINDOWS\system32\WMVSENCD.dll
2006-10-18 22:47 757248 --a------ C:\WINDOWS\system32\wmadmod.dll
2006-10-18 22:47 656896 --------- C:\WINDOWS\system32\WMVXENCD.dll
2006-10-18 22:47 63488 --a------ C:\WINDOWS\system32\wpdmtpus.dll
2006-10-18 22:47 629760 --a------ C:\WINDOWS\system32\wpd_ci.dll
2006-10-18 22:47 613376 --------- C:\WINDOWS\system32\wmpmde.dll
2006-10-18 22:47 603648 --a------ C:\WINDOWS\system32\WMSPDMOD.dll
2006-10-18 22:47 542720 --a------ C:\WINDOWS\system32\blackbox.dll
2006-10-18 22:47 535040 --------- C:\WINDOWS\system32\wmdrmsdk.dll
2006-10-18 22:47 429056 --a------ C:\WINDOWS\system32\wmdrmdev.dll
2006-10-18 22:47 414208 --a------ C:\WINDOWS\system32\msscp.dll
2006-10-18 22:47 4096 --a------ C:\WINDOWS\system32\wmvdmoe2.dll
2006-10-18 22:47 4096 --a------ C:\WINDOWS\system32\wmvdmod.dll
2006-10-18 22:47 4096 --a------ C:\WINDOWS\system32\WMVADVE.DLL
2006-10-18 22:47 4096 --a------ C:\WINDOWS\system32\WMVADVD.dll
2006-10-18 22:47 4096 --a------ C:\WINDOWS\system32\wmsdmoe2.dll
2006-10-18 22:47 4096 --a------ C:\WINDOWS\system32\wmsdmod.dll
2006-10-18 22:47 4096 --a------ C:\WINDOWS\system32\wdfapi.dll
2006-10-18 22:47 4096 --a------ C:\WINDOWS\system32\MPG4DMOD.dll
2006-10-18 22:47 4096 --a------ C:\WINDOWS\system32\MP4SDMOD.dll
2006-10-18 22:47 4096 --a------ C:\WINDOWS\system32\MP43DMOD.dll
2006-10-18 22:47 37376 --a------ C:\WINDOWS\system32\wmdmps.dll
2006-10-18 22:47 35840 --a------ C:\WINDOWS\system32\wpdconns.dll
2006-10-18 22:47 356352 --a------ C:\WINDOWS\system32\wpdsp.dll
2006-10-18 22:47 348672 --a------ C:\WINDOWS\system32\wmdrmnet.dll
2006-10-18 22:47 33792 --a------ C:\WINDOWS\system32\wmdmlog.dll
2006-10-18 22:47 321536 --a------ C:\WINDOWS\system32\mswmdm.dll
2006-10-18 22:47 317440 --------- C:\WINDOWS\system32\MP4SDECD.dll
2006-10-18 22:47 314880 --a------ C:\WINDOWS\system32\wmpdxm.dll
2006-10-18 22:47 295936 --------- C:\WINDOWS\system32\wmpeffects.dll
2006-10-18 22:47 284160 --------- C:\WINDOWS\system32\PortableDeviceApi.dll
2006-10-18 22:47 276992 --a------ C:\WINDOWS\system32\audiodev.dll
2006-10-18 22:47 27136 --a------ C:\WINDOWS\system32\mspmsnsv.dll
2006-10-18 22:47 2603008 --------- C:\WINDOWS\system32\WpdShext.dll
2006-10-18 22:47 259072 --------- C:\WINDOWS\system32\MPG4DECD.dll
2006-10-18 22:47 259072 --------- C:\WINDOWS\system32\MP43DECD.dll
2006-10-18 22:47 2450944 --a------ C:\WINDOWS\system32\wmvcore.dll
2006-10-18 22:47 242688 --a------ C:\WINDOWS\system32\wmpasf.dll
2006-10-18 22:47 229376 --a------ C:\WINDOWS\system32\cewmdm.dll
2006-10-18 22:47 222208 --a------ C:\WINDOWS\system32\wmasf.dll
2006-10-18 22:47 212992 --------- C:\WINDOWS\system32\MFPLAT.dll
2006-10-18 22:47 211456 --a------ C:\WINDOWS\system32\qasf.dll
2006-10-18 22:47 204288 --a------ C:\WINDOWS\system32\wmpsrcwp.dll
2006-10-18 22:47 199168 --------- C:\WINDOWS\system32\PortableDeviceWMDRM.dll
2006-10-18 22:47 179712 --a------ C:\WINDOWS\system32\msnetobj.dll
2006-10-18 22:47 175616 --a------ C:\WINDOWS\system32\mspmsp.dll
2006-10-18 22:47 166912 --------- C:\WINDOWS\system32\PortableDeviceTypes.dll
2006-10-18 22:47 1661440 --a------ C:\WINDOWS\system32\wmpencen.dll
2006-10-18 22:47 1574912 --------- C:\WINDOWS\system32\WMVENCOD.dll
2006-10-18 22:47 157184 --a------ C:\WINDOWS\system32\wmidx.dll
2006-10-18 22:47 154624 --a------ C:\WINDOWS\system32\wpdmtp.dll
2006-10-18 22:47 1543680 --------- C:\WINDOWS\system32\WMVDECOD.dll
2006-10-18 22:47 1382912 --------- C:\WINDOWS\system32\WMVSDECD.dll
2006-10-18 22:47 133632 --------- C:\WINDOWS\system32\WPDShServiceObj.dll
2006-10-18 22:47 1329152 --a------ C:\WINDOWS\system32\WMSPDMOE.dll
2006-10-18 22:47 132096 --------- C:\WINDOWS\system32\PortableDeviceWiaCompat.dll
2006-10-18 22:47 130048 --------- C:\WINDOWS\system32\wmpps.dll
2006-10-18 22:47 11264 --a------ C:\WINDOWS\system32\LAPRXY.dll
2006-10-18 22:47 1117696 --a------ C:\WINDOWS\system32\WMADMOE.dll
2006-10-18 22:47 101888 --------- C:\WINDOWS\system32\PortableDeviceClassExtension.dll
2006-10-18 21:03 100864 --a------ C:\WINDOWS\system32\logagent.exe
2006-10-18 21:00 38528 --a------ C:\WINDOWS\system32\drivers\wpdusb.sys
2006-10-18 21:00 249856 --------- C:\WINDOWS\system32\drmupgds.exe
2006-10-18 21:00 17408 --------- C:\WINDOWS\system32\wpdshextautoplay.exe
2006-10-17 12:06 78336 --a------ C:\WINDOWS\system32\ieencode.dll
2006-10-17 12:05 40960 --a------ C:\WINDOWS\system32\licmgr10.dll
2006-10-17 12:05 206336 --------- C:\WINDOWS\system32\WinFXDocObj.exe
2006-10-17 12:05 105984 --a------ C:\WINDOWS\system32\url.dll
2006-10-17 12:04 101376 --a------ C:\WINDOWS\system32\occache.dll
2006-10-17 12:03 17408 --a------ C:\WINDOWS\system32\corpol.dll
2006-10-17 11:58 61952 --------- C:\WINDOWS\system32\icardie.dll
2006-10-17 11:58 12288 --------- C:\WINDOWS\system32\msfeedssync.exe
2006-10-17 11:57 36352 --a------ C:\WINDOWS\system32\imgutil.dll
2006-10-17 11:57 266752 --------- C:\WINDOWS\system32\iertutil.dll
2006-10-17 11:56 45568 --a------ C:\WINDOWS\system32\mshta.exe
2006-10-17 11:28 48128 --a------ C:\WINDOWS\system32\mshtmler.dll
2006-10-17 11:27 380928 --------- C:\WINDOWS\system32\ieapfltr.dll
2006-10-14 05:56 -------- d-------- C:\Program Files\TomTom HOME
2006-10-13 13:36 145920 --a------ C:\WINDOWS\system32\nwprovau.dll
2006-10-12 14:37 -------- d-------- C:\Program Files\OpenOffice.org 2.0
2006-10-12 14:34 -------- d-------- C:\Documents and Settings\Olivier Kerr\Application Data\Cimaware
2006-10-12 14:00 -------- d-------- C:\Program Files\Microsoft ActiveSync
2006-10-11 15:20 -------- d-------- C:\Program Files\Java
2006-10-11 15:20 -------- d-------- C:\Documents and Settings\Olivier Kerr\Application Data\Sun
2006-10-11 15:16 -------- d-------- C:\Program Files\Fichiers communs\Java
2006-10-10 15:56 56 -r-hsc--- C:\WINDOWS\system32\08E6234D82.sys
2006-10-10 15:56 1890 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys
2006-10-02 15:28 312128 --------- C:\WINDOWS\system32\msdelta.dll
2006-09-28 20:13 95344 --------- C:\WINDOWS\system32\WUDFCoinstaller.dll
2006-09-28 18:56 55808 --------- C:\WINDOWS\system32\WudfSvc.dll
2006-09-28 18:56 316416 --------- C:\WINDOWS\system32\WUDFx.dll
2006-09-28 18:56 165376 --------- C:\WINDOWS\system32\WudfPlatform.dll
2006-09-28 18:56 146432 --------- C:\WINDOWS\system32\WudfHost.exe
2006-09-27 12:41 22634 --a------ C:\Documents and Settings\Olivier Kerr\Application Data\Microsoft Excel.ADR
2006-09-27 12:20 574 --a--c--- C:\Documents and Settings\Olivier Kerr\Application Data\BCMMappings.xml
2006-09-27 12:20 1881 --a--c--- C:\Documents and Settings\Olivier Kerr\Application Data\Liste ERU.xls.102821281.xml
2006-09-25 17:58 23856 --a------ C:\WINDOWS\system32\spupdsvc.exe
2006-09-19 15:43 109360 --a------ C:\WINDOWS\system32\GEARAspi.dll
2006-09-17 09:13 0 --a--c--- C:\Documents and Settings\Olivier Kerr\Application Data\wklnhst.dat
2006-09-13 06:03 1084416 --a------ C:\WINDOWS\system32\msxml3.dll

(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
"fsc-reminder.exe"="C:\\WINDOWS\\reminder\\fsc-reminder.exe 2454079 2"
"MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
"H/PC Connection Agent"="\"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe\""
"WMPNSCFG"="\"C:\\Program Files\\Windows Media Player\\WMPNSCFG.exe\""
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"ATICCC"="\"C:\\Program Files\\ATI Technologies\\ATI.ACE\\cli.exe\" runtime -Delay"
"RTHDCPL"="RTHDCPL.EXE"
"SMSERIAL"="sm56hlpr.exe"
"NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"RemoteControl"="\"C:\\Program Files\\CyberLink\\PowerDVD\\PDVDServ.exe\""
"type32"="\"C:\\Program Files\\Microsoft IntelliType Pro\\type32.exe\""
"IntelliPoint"="\"C:\\Program Files\\Microsoft IntelliPoint\\point32.exe\""
"Xerox_WorkCenter_C2424"="\"C:\\Program Files\\Xerox\\WorkCentre C2424\\xc24bgts.exe\" 1"
"BluetoothAuthenticationAgent"="\"rundll32.exe\" bthprops.cpl,,BluetoothAuthenticationAgent"
"TkBellExe"="\"C:\\Program Files\\Fichiers communs\\Real\\Update_OB\\realsched.exe\" -osboot"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_06\\bin\\jusched.exe\""
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"ccApp"="\"C:\\Program Files\\Fichiers communs\\Symantec Shared\\ccApp.exe\""
"Symantec NetDriver Monitor"="\"C:\\PROGRA~1\\SYMNET~1\\SNDMon.exe\" /Consumer"
"avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000000

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"="Groove GFS Stub Execution Hook"
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=hex:95,00,00,00

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\Symantec NetDetect.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{20E9E16D-58E2-4482-BA50-36F78785A623}.job

Completion time: 06-12-11 11:50:13.90
C:\ComboFix.txt ... 06-12-11 11:50

SDFix: Version 1.46 ****************

11/12/2006 - 11:36:00,03
Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix

Stage One - Safe Mode

Checking For Trojan Services...
Service Name: SVKP
File Path: \??\C:\WINDOWS\system32\SVKP.sys
SVKP Deleted...
Starting Registry Repairs...
Restoring Default Hosts File...
Stage One Complete
Rebooting...

Stage Two - Normal Mode

Checking For Malware:
--------------------
C:\WINDOWS\system32\SVKP.SYS
Backing Up and Removing any Files Found...

Final Check:

Services:
---------
Authorized Applications Key Export:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

Files:
------
Backups Folder: - C:\SDFix\backups\backups.zip

Checking for files with Hidden Attributes:
C:\Program Files\Fichiers communs\Adobe\ESD\DLMCleanup.exe
C:\Program Files\Messenger\Msmsgs.exe
C:\recover\WINDOWS\system32\cdplayer.exe.manifest
C:\recover\WINDOWS\system32\logonui.exe.manifest
C:\WINDOWS\system32\cdplayer.exe.manifest
C:\WINDOWS\system32\logonui.exe.manifest
C:\hiberfil.sys
C:\IO.SYS
C:\MSDOS.SYS
C:\pagefile.sys
C:\recover\IO.SYS
C:\recover\MSDOS.SYS
C:\WINDOWS\system32\08E6234D82.sys
C:\WINDOWS\system32\KGyGaAvL.sys
C:\Documents and Settings\All Users\DRM\Cache\Indiv03.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\304234ac6fe4a37aee38bc67f3b5f916\download\BITF.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\71854a7649fb31aea445d659d7d7630b\download\BITE.tmp

FINISHED!

Ad-Aware SE Build 1.06r1
Logfile Created on:lundi 11 décembre 2006 09:49:11
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R137 06.12.2006
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):5 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects

11-12-2006 09:49:11 - Scan started. (Full System Scan)

MRU List Object Recognized!
Location: : C:\Documents and Settings\Olivier Kerr\recent
Description : list of recently opened documents

MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d

MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X

MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw

MRU List Object Recognized!
Location: : S-1-5-21-1384290738-297610903-3600507398-1007\software\microsoft\windows media\wmsdk\general
Description : windows media sdk

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 1176
ThreadCreationTime : 11-12-2006 08:47:38
BasePriority : Normal

#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 1256
ThreadCreationTime : 11-12-2006 08:47:40
BasePriority : Normal

#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 1340
ThreadCreationTime : 11-12-2006 08:47:44
BasePriority : High

#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1384
ThreadCreationTime : 11-12-2006 08:47:44
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Applications Services et Contrôleur
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1396
ThreadCreationTime : 11-12-2006 08:47:44
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [ati2evxx.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1564
ThreadCreationTime : 11-12-2006 08:47:45
BasePriority : Normal
FileVersion : 6.14.10.4132
ProductVersion : 6.14.10.4132
ProductName : ATI External Event Utility for WindowsNT and Windows9X
CompanyName : ATI Technologies Inc.
FileDescription : ATI External Event Utility EXE Module
InternalName : ATI2EVXX.EXE
LegalCopyright : Copyright © 1999-2004 ATI Technologies Inc.
OriginalFilename : ATI2EVXX.EXE

#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1580
ThreadCreationTime : 11-12-2006 08:47:45
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1648
ThreadCreationTime : 11-12-2006 08:47:45
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1844
ThreadCreationTime : 11-12-2006 08:47:45
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 136
ThreadCreationTime : 11-12-2006 08:47:45
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe #:11 [svchost.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 252 ThreadCreationTime : 11-12-2006 08:47:45 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:12 [ccproxy.exe] FilePath : C:\Program Files\Fichiers communs\Symantec Shared\ ProcessID : 672 ThreadCreationTime : 11-12-2006 08:47:46 BasePriority : Normal FileVersion : 103.0.1.26 ProductVersion : 103.0.1.26 ProductName : Client and Host Security Platform CompanyName : Symantec Corporation FileDescription : Symantec Network Proxy Service InternalName : ccProxy LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved. OriginalFilename : ccProxy.exe #:13 [ccsetmgr.exe] FilePath : C:\Program Files\Fichiers communs\Symantec Shared\ ProcessID : 696 ThreadCreationTime : 11-12-2006 08:47:46 BasePriority : Normal FileVersion : 103.0.7.2 ProductVersion : 103.0.7.2 ProductName : Client and Host Security Platform CompanyName : Symantec Corporation FileDescription : Symantec Settings Manager Service InternalName : ccSetMgr LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved. OriginalFilename : ccSetMgr.exe #:14 [ccevtmgr.exe] FilePath : C:\Program Files\Fichiers communs\Symantec Shared\ ProcessID : 720 ThreadCreationTime : 11-12-2006 08:47:47 BasePriority : Normal FileVersion : 103.0.7.2 ProductVersion : 103.0.7.2 ProductName : Client and Host Security Platform CompanyName : Symantec Corporation FileDescription : Symantec Event Manager Service InternalName : ccEvtMgr LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved. 
OriginalFilename : ccEvtMgr.exe #:15 [spoolsv.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 912 ThreadCreationTime : 11-12-2006 08:47:48 BasePriority : Normal FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519) ProductVersion : 5.1.2600.2696 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Spooler SubSystem App InternalName : spoolsv.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : spoolsv.exe #:16 [aswupdsv.exe] FilePath : C:\Program Files\Alwil Software\Avast4\ ProcessID : 556 ThreadCreationTime : 11-12-2006 08:47:55 BasePriority : Normal #:17 [ashserv.exe] FilePath : C:\Program Files\Alwil Software\Avast4\ ProcessID : 564 ThreadCreationTime : 11-12-2006 08:47:55 BasePriority : High FileVersion : 4, 7, 889, 0 ProductVersion : 4, 7, 0, 0 ProductName : avast! Antivirus FileDescription : avast! antivirus service InternalName : aswServ LegalCopyright : Copyright © 2006 ALWIL Software OriginalFilename : aswServ.exe #:18 [ati2evxx.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 944 ThreadCreationTime : 11-12-2006 08:47:55 BasePriority : Normal FileVersion : 6.14.10.4132 ProductVersion : 6.14.10.4132 ProductName : ATI External Event Utility for WindowsNT and Windows9X CompanyName : ATI Technologies Inc. FileDescription : ATI External Event Utility EXE Module InternalName : ATI2EVXX.EXE LegalCopyright : Copyright © 1999-2004 ATI Technologies Inc. OriginalFilename : ATI2EVXX.EXE #:19 [svchost.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 1120 ThreadCreationTime : 11-12-2006 08:47:55 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. 
OriginalFilename : svchost.exe #:20 [cvpnd.exe] FilePath : C:\Program Files\Cisco Systems\VPN Client\ ProcessID : 1196 ThreadCreationTime : 11-12-2006 08:47:55 BasePriority : Normal FileVersion : 4.0.2 (A) ProductVersion : 4.0.2 (A) ProductName : Cisco Systems VPN Client CompanyName : Cisco Systems, Inc. FileDescription : Cisco Systems VPN Client InternalName : cvpnd LegalCopyright : Copyright © 1998-2003 Cisco Systems, Inc. OriginalFilename : CVPND.EXE #:21 [svchost.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 1316 ThreadCreationTime : 11-12-2006 08:47:55 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:22 [explorer.exe] FilePath : C:\WINDOWS\ ProcessID : 1528 ThreadCreationTime : 11-12-2006 08:47:55 BasePriority : Normal FileVersion : 6.00.2900.2649 (xpsp.050406-1732) ProductVersion : 6.00.2900.2649 ProductName : Système d'exploitation Microsoft® Windows® CompanyName : Microsoft Corporation FileDescription : Explorateur Windows InternalName : explorer LegalCopyright : © Microsoft Corporation. Tous droits réservés. OriginalFilename : EXPLORER.EXE #:23 [mdm.exe] FilePath : C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\ ProcessID : 1728 ThreadCreationTime : 11-12-2006 08:47:56 BasePriority : Normal FileVersion : 7.00.9466 ProductVersion : 7.00.9466 ProductName : Microsoft® Visual Studio .NET CompanyName : Microsoft Corporation FileDescription : Machine Debug Manager InternalName : mdm.exe LegalCopyright : © Microsoft Corporation. All rights reserved. 
OriginalFilename : mdm.exe #:24 [o2flash.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 488 ThreadCreationTime : 11-12-2006 08:47:59 BasePriority : Normal #:25 [svchost.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 1116 ThreadCreationTime : 11-12-2006 08:47:59 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:26 [symlcsvc.exe] FilePath : C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\ ProcessID : 356 ThreadCreationTime : 11-12-2006 08:48:01 BasePriority : Normal FileVersion : 1, 8, 54, 534 ProductVersion : 1, 8, 54, 534 ProductName : Symantec Core Component CompanyName : Symantec Corporation FileDescription : Symantec Core Component InternalName : symlcsvc LegalCopyright : Copyright © 2003 OriginalFilename : symlcsvc.exe #:27 [winvnc4.exe] FilePath : C:\Program Files\RealVNC\VNC4\ ProcessID : 156 ThreadCreationTime : 11-12-2006 08:48:01 BasePriority : Normal FileVersion : 4.1.2 ProductVersion : 4.1.2 ProductName : VNC Server Free Edition CompanyName
  6. Hello, thanks for your help. I do have only one antivirus, which is AVAST; NORTON is just Norton AntiSpam.
livier Kerr - 06-12-10 7:22:01,01 Service Pack 2 ComboFix 06.11.27W - Running from: "C:\Documents and Settings\Olivier Kerr\Bureau" ((((((((((((((((((((((((((((((( Files Created from 2006-11-10 to 2006-12-10 )))))))))))))))))))))))))))))))))) 2006-12-10 01:04 <REP> d-------- C:\!KillBox 2006-12-09 18:38 <REP> d-------- C:\WINDOWS\system32\bfubackups 2006-12-09 18:14 <REP> d--hs---- C:\Documents and Settings\Olivier Kerr\Recent 2006-12-09 18:09 <REP> d-------- C:\Navipromo 2006-12-09 17:58 <REP> d-------- C:\BFU 2006-12-09 09:46 <REP> d-------- C:\Program Files\Microids 2006-12-09 09:46 <REP> d-------- C:\Program Files\directx 2006-12-09 08:38 90,112 --a------ C:\WINDOWS\system32\AVASTSS.scr 2006-12-09 08:38 87,424 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys 2006-12-09 08:38 85,952 --a------ C:\WINDOWS\system32\drivers\aswmon.sys 2006-12-09 08:38 666,240 --a------ C:\WINDOWS\system32\aswBoot.exe 2006-12-09 08:38 36,176 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys 2006-12-09 08:38 24,560 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys 2006-12-09 08:38 16,352 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys 2006-12-09 08:38 <REP> d-------- C:\Program Files\Alwil Software 2006-12-08 17:27 126,996 --a------ C:\WINDOWS\system32\gmrhqlvr.dll 2006-12-08 17:27 126,996 --a------ C:\WINDOWS\system32\fmdbngqh.dll 2006-12-08 17:26 88,340 --a------ C:\WINDOWS\system32\yrsxfbdk.exe 2006-12-08 16:06 72,704 --a------ C:\WINDOWS\system32\drvmac.dll 2006-12-08 13:58 684,032 --a------ C:\WINDOWS\system32\libeay32.dll 2006-12-08 13:58 155,648 --a------ C:\WINDOWS\system32\ssleay32.dll 2006-12-08 13:15 2,548 --a------ C:\WINDOWS\system32\tmp.reg 2006-12-08 13:14 <REP> d-------- C:\Program Files\Lavasoft 2006-12-08 13:14 <REP> d-------- C:\Documents and Settings\Olivier Kerr\Application Data\Lavasoft 2006-12-08 13:13 <REP> d-------- C:\Program Files\CCleaner 
2006-12-08 12:37 <REP> d--hs---- C:\Config.Msi 2006-12-08 12:31 72,704 --a------ C:\WINDOWS\system32\drvcav.dll 2006-12-08 11:19 72,704 --a------ C:\WINDOWS\system32\drvkiw.dll 2006-12-08 10:45 <REP> d-------- C:\Program Files\Spybot - Search & Destroy 2006-12-08 10:45 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2006-12-08 09:46 126,996 --a------ C:\WINDOWS\system32\lexsktdp.dll 2006-12-08 09:45 88,340 --a------ C:\WINDOWS\system32\twxjrbge.exe 2006-12-08 09:45 42,516 --a------ C:\WINDOWS\system32\kvcvkugb.dll 2006-12-08 09:42 2 --a------ C:\WINDOWS\system32\wnsapisv.exe 2006-12-08 09:41 93,696 --a------ C:\WINDOWS\system32\frsvabb.dll 2006-12-08 09:41 71,680 --a------ C:\WINDOWS\system32\viyjhai.dll 2006-12-08 09:40 72,704 --a------ C:\WINDOWS\system32\drvcep.dll 2006-12-06 22:22 <REP> d-------- C:\Documents and Settings\All Users\Application Data\pixelStorm 2006-12-03 19:27 <REP> d-------- C:\MI3 2006-12-03 18:55 86,016 --a------ C:\WINDOWS\unvise32.exe 2006-12-03 18:55 209,636 --a------ C:\WINDOWS\IPUI_DivXG400.exe 2006-12-03 18:55 <REP> d-------- C:\Program Files\Morgan 2006-12-03 18:55 <REP> d-------- C:\Program Files\DivX 2006-12-03 18:54 <REP> d-------- C:\Program Files\Rippackv3 2006-12-03 18:38 <REP> d-------- C:\Documents and Settings\All Users\Application Data\DVD Shrink 2006-11-27 22:58 28,672 --a------ C:\WINDOWS\system32\AVEQ.dll 2006-11-27 22:58 242,176 --a------ C:\WINDOWS\system32\fixflash.exe 2006-11-27 22:58 2,368 --a------ C:\WINDOWS\system32\SVKP.sys 2006-11-27 22:58 <REP> d-------- C:\Program Files\Allok Video to FLV Converter 2006-11-27 22:58 <REP> d-------- C:\AllokFLVFolder 2006-11-27 19:39 <REP> d-------- C:\Documents and Settings\Olivier Kerr\.GalleryRemote 2006-11-27 11:23 <REP> d-------- C:\Documents and Settings\Olivier Kerr\Application Data\XnView 2006-11-27 11:21 <REP> d-------- C:\Program Files\XnView 2006-11-24 19:49 <REP> d-------- C:\Documents and Settings\Olivier 
Kerr\Application Data\HAPedit 2006-11-24 08:51 <REP> d--h-c--- C:\WINDOWS\ie7 2006-11-22 15:22 <REP> d-------- C:\Documents and Settings\Olivier Kerr\.thumbnails 2006-11-22 14:20 <REP> d-------- C:\Documents and Settings\Olivier Kerr\.gimp-2.2 2006-11-22 14:15 <REP> d-------- C:\Program Files\Gimp 2006-11-22 11:13 <REP> d-------- C:\Program Files\GIMP-2.0 2006-11-21 21:41 72,192 --a------ C:\WINDOWS\unlite3.exe 2006-11-21 16:14 <REP> d-------- C:\Program Files\FileZilla 2006-11-19 21:48 <REP> d-------- C:\Program Files\Photo Story 3 for Windows 2006-11-14 07:05 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys 2006-11-12 18:47 <REP> d-------- C:\Documents and Settings\Olivier Kerr\Application Data\CyberLink 2006-11-12 18:47 <REP> d-------- C:\Documents and Settings\All Users\Application Data\CyberLink 2006-11-10 11:20 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Adobe (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2006-12-10 07:16 -------- d-------- C:\Program Files\Fichiers communs 2006-12-08 12:43 -------- d-------- C:\Program Files\Microsoft.NET 2006-12-08 12:43 -------- d-------- C:\Program Files\Fichiers communs\Microsoft Shared 2006-12-08 12:37 -------- d-------- C:\Program Files\Microsoft Small Business 2006-12-08 12:16 -------- d-------- C:\Program Files\Fichiers communs\Adobe 2006-12-08 12:16 -------- d-------- C:\Program Files\Adobe 2006-12-08 12:13 -------- d-------- C:\Documents and Settings\Olivier Kerr\Application Data\Adobe 2006-12-08 11:25 -------- d-------- C:\Program Files\Windows Media Player 2006-12-08 11:25 -------- d-------- C:\Program Files\Outlook Express 2006-12-07 16:36 12999 --a------ C:\Documents and Settings\Olivier Kerr\Application Data\Microsoft Excel 97-2003.CAL 2006-12-05 20:49 -------- d-------- C:\Program Files\Fichiers communs\Symantec Shared 2006-12-01 14:02 -------- d---s---- C:\Documents and Settings\Olivier Kerr\Application 
Data\Microsoft 2006-11-26 15:02 -------- d-------- C:\Documents and Settings\Olivier Kerr\Application Data\OpenOffice.org2 2006-11-24 08:55 -------- d-------- C:\Program Files\Internet Explorer 2006-11-18 19:00 -------- d-------- C:\Program Files\SimpleOCR 2006-11-18 18:34 -------- d-------- C:\Program Files\Mozilla Firefox 2006-11-10 11:18 869 --a------ C:\Documents and Settings\Olivier Kerr\Application Data\AdobeDLM.log 2006-11-10 11:18 0 --a------ C:\Documents and Settings\Olivier Kerr\Application Data\dm.ini 2006-11-10 11:06 -------- d-------- C:\Documents and Settings\Olivier Kerr\Application Data\AdobeUM 2006-11-10 09:25 -------- d-------- C:\Program Files\MUTAVISION © 2006-11-09 11:02 -------- d-------- C:\Program Files\SymNetDrv 2006-11-09 10:57 -------- d-------- C:\Documents and Settings\Olivier Kerr\Application Data\Symantec 2006-11-09 10:43 -------- d-------- C:\Program Files\Norton AntiSpam 2006-11-09 10:42 4608 --a------ C:\WINDOWS\system32\drivers\symlcbrd.sys 2006-11-09 10:41 -------- d-------- C:\Program Files\Symantec 2006-11-07 21:03 6049280 --------- C:\WINDOWS\system32\ieframe.dll 2006-11-07 21:03 50688 --------- C:\WINDOWS\system32\msfeedsbs.dll 2006-11-07 21:03 458752 --------- C:\WINDOWS\system32\msfeeds.dll 2006-11-07 21:03 413696 --a------ C:\WINDOWS\system32\vbscript.dll 2006-11-07 21:03 231424 --a------ C:\WINDOWS\system32\webcheck.dll 2006-11-07 21:03 180736 --------- C:\WINDOWS\system32\ieui.dll 2006-11-07 21:03 156160 --a------ C:\WINDOWS\system32\msls31.dll 2006-11-07 03:27 382976 --a------ C:\WINDOWS\system32\iedkcs32.dll 2006-11-07 03:27 229376 --a------ C:\WINDOWS\system32\ieaksie.dll 2006-11-07 03:26 71680 --a------ C:\WINDOWS\system32\admparse.dll 2006-11-07 03:26 55296 --a------ C:\WINDOWS\system32\iesetup.dll 2006-11-07 03:26 54784 --a------ C:\WINDOWS\system32\ie4uinit.exe 2006-11-07 03:26 43008 --a------ C:\WINDOWS\system32\iernonce.dll 2006-11-07 03:26 152064 --a------ C:\WINDOWS\system32\ieakeng.dll 2006-11-07 03:26 13312 
--a------ C:\WINDOWS\system32\ieudinit.exe 2006-11-07 03:26 123904 --a------ C:\WINDOWS\system32\advpack.dll 2006-11-07 03:25 161792 --a------ C:\WINDOWS\system32\ieakui.dll 2006-11-06 22:09 -------- d-------- C:\Program Files\WinRAR 2006-11-05 20:28 -------- d-------- C:\Program Files\iTunes 2006-11-05 20:28 -------- d-------- C:\Program Files\iPod 2006-11-05 20:28 -------- d-------- C:\Documents and Settings\Olivier Kerr\Application Data\Apple Computer 2006-11-05 20:27 -------- d-------- C:\Program Files\QuickTime 2006-11-04 20:25 1321744 --a------ C:\WINDOWS\system32\msxml6.dll 2006-11-03 23:59 -------- d-------- C:\Documents and Settings\Olivier Kerr\Application Data\Delivery 2006-11-03 17:22 51972 --a------ C:\WINDOWS\BricoPackUninst.cmd 2006-11-03 17:22 3059 --a------ C:\WINDOWS\BricoPackFoldersDelete.cmd 2006-11-03 17:22 219648 --a------ C:\WINDOWS\system32\uxtheme.dll 2006-11-03 10:39 74752 --a------ C:\WINDOWS\ST6UNST.EXE 2006-11-03 10:39 253952 --------- C:\WINDOWS\Setup1.exe 2006-11-03 10:35 -------- d-------- C:\Program Files\Fichiers communs\DESIGNER 2006-11-02 15:03 -------- d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard 2006-11-02 07:43 -------- d-------- C:\Documents and Settings\Olivier Kerr\Application Data\Macromedia 2006-10-31 18:52 -------- d-------- C:\Program Files\MSN Messenger 2006-10-31 18:12 -------- d-------- C:\Program Files\Windows Media Connect 2 2006-10-30 11:24 -------- d-------- C:\Documents and Settings\Olivier Kerr\Application Data\Google 2006-10-30 11:23 -------- d--h----- C:\Program Files\InstallShield Installation Information 2006-10-30 11:23 -------- d-------- C:\Program Files\Google 2006-10-30 11:23 -------- d-------- C:\Program Files\Fichiers communs\InstallShield 2006-10-24 20:35 8292352 --a------ C:\WINDOWS\system32\wmploc.dll 2006-10-24 20:14 99840 --a------ C:\WINDOWS\system32\wmpshell.dll 2006-10-24 20:14 272384 --a------ C:\WINDOWS\system32\wmerror.dll 2006-10-24 20:12 7680 --a------ 
C:\WINDOWS\system32\asferror.dll 2006-10-24 10:17 48424 --a------ C:\WINDOWS\system32\sirenacm.dll 2006-10-18 23:04 44032 --------- C:\WINDOWS\system32\wpdshextres.dll 2006-10-18 22:58 8704 --a------ C:\WINDOWS\system32\wdfmgr.exe 2006-10-18 22:58 8704 --a------ C:\WINDOWS\system32\uwdf.exe 2006-10-18 22:47 991744 --a------ C:\WINDOWS\system32\drmv2clt.dll 2006-10-18 22:47 937984 --a------ C:\WINDOWS\system32\WMNetMgr.dll 2006-10-18 22:47 767488 --------- C:\WINDOWS\system32\WMVSENCD.dll 2006-10-18 22:47 757248 --a------ C:\WINDOWS\system32\wmadmod.dll 2006-10-18 22:47 656896 --------- C:\WINDOWS\system32\WMVXENCD.dll 2006-10-18 22:47 63488 --a------ C:\WINDOWS\system32\wpdmtpus.dll 2006-10-18 22:47 629760 --a------ C:\WINDOWS\system32\wpd_ci.dll 2006-10-18 22:47 613376 --------- C:\WINDOWS\system32\wmpmde.dll 2006-10-18 22:47 603648 --a------ C:\WINDOWS\system32\WMSPDMOD.dll 2006-10-18 22:47 542720 --a------ C:\WINDOWS\system32\blackbox.dll 2006-10-18 22:47 535040 --------- C:\WINDOWS\system32\wmdrmsdk.dll 2006-10-18 22:47 429056 --a------ C:\WINDOWS\system32\wmdrmdev.dll 2006-10-18 22:47 414208 --a------ C:\WINDOWS\system32\msscp.dll 2006-10-18 22:47 4096 --a------ C:\WINDOWS\system32\wmvdmoe2.dll 2006-10-18 22:47 4096 --a------ C:\WINDOWS\system32\wmvdmod.dll 2006-10-18 22:47 4096 --a------ C:\WINDOWS\system32\WMVADVE.DLL 2006-10-18 22:47 4096 --a------ C:\WINDOWS\system32\WMVADVD.dll 2006-10-18 22:47 4096 --a------ C:\WINDOWS\system32\wmsdmoe2.dll 2006-10-18 22:47 4096 --a------ C:\WINDOWS\system32\wmsdmod.dll 2006-10-18 22:47 4096 --a------ C:\WINDOWS\system32\wdfapi.dll 2006-10-18 22:47 4096 --a------ C:\WINDOWS\system32\MPG4DMOD.dll 2006-10-18 22:47 4096 --a------ C:\WINDOWS\system32\MP4SDMOD.dll 2006-10-18 22:47 4096 --a------ C:\WINDOWS\system32\MP43DMOD.dll 2006-10-18 22:47 37376 --a------ C:\WINDOWS\system32\wmdmps.dll 2006-10-18 22:47 35840 --a------ C:\WINDOWS\system32\wpdconns.dll 2006-10-18 22:47 356352 --a------ C:\WINDOWS\system32\wpdsp.dll 
2006-10-18 22:47 348672 --a------ C:\WINDOWS\system32\wmdrmnet.dll 2006-10-18 22:47 33792 --a------ C:\WINDOWS\system32\wmdmlog.dll 2006-10-18 22:47 321536 --a------ C:\WINDOWS\system32\mswmdm.dll 2006-10-18 22:47 317440 --------- C:\WINDOWS\system32\MP4SDECD.dll 2006-10-18 22:47 314880 --a------ C:\WINDOWS\system32\wmpdxm.dll 2006-10-18 22:47 295936 --------- C:\WINDOWS\system32\wmpeffects.dll 2006-10-18 22:47 284160 --------- C:\WINDOWS\system32\PortableDeviceApi.dll 2006-10-18 22:47 276992 --a------ C:\WINDOWS\system32\audiodev.dll 2006-10-18 22:47 27136 --a------ C:\WINDOWS\system32\mspmsnsv.dll 2006-10-18 22:47 2603008 --------- C:\WINDOWS\system32\WpdShext.dll 2006-10-18 22:47 259072 --------- C:\WINDOWS\system32\MPG4DECD.dll 2006-10-18 22:47 259072 --------- C:\WINDOWS\system32\MP43DECD.dll 2006-10-18 22:47 2450944 --a------ C:\WINDOWS\system32\wmvcore.dll 2006-10-18 22:47 242688 --a------ C:\WINDOWS\system32\wmpasf.dll 2006-10-18 22:47 229376 --a------ C:\WINDOWS\system32\cewmdm.dll 2006-10-18 22:47 222208 --a------ C:\WINDOWS\system32\wmasf.dll 2006-10-18 22:47 212992 --------- C:\WINDOWS\system32\MFPLAT.dll 2006-10-18 22:47 211456 --a------ C:\WINDOWS\system32\qasf.dll 2006-10-18 22:47 204288 --a------ C:\WINDOWS\system32\wmpsrcwp.dll 2006-10-18 22:47 199168 --------- C:\WINDOWS\system32\PortableDeviceWMDRM.dll 2006-10-18 22:47 179712 --a------ C:\WINDOWS\system32\msnetobj.dll 2006-10-18 22:47 175616 --a------ C:\WINDOWS\system32\mspmsp.dll 2006-10-18 22:47 166912 --------- C:\WINDOWS\system32\PortableDeviceTypes.dll 2006-10-18 22:47 1661440 --a------ C:\WINDOWS\system32\wmpencen.dll 2006-10-18 22:47 1574912 --------- C:\WINDOWS\system32\WMVENCOD.dll 2006-10-18 22:47 157184 --a------ C:\WINDOWS\system32\wmidx.dll 2006-10-18 22:47 154624 --a------ C:\WINDOWS\system32\wpdmtp.dll 2006-10-18 22:47 1543680 --------- C:\WINDOWS\system32\WMVDECOD.dll 2006-10-18 22:47 1382912 --------- C:\WINDOWS\system32\WMVSDECD.dll 2006-10-18 22:47 133632 --------- 
C:\WINDOWS\system32\WPDShServiceObj.dll 2006-10-18 22:47 1329152 --a------ C:\WINDOWS\system32\WMSPDMOE.dll 2006-10-18 22:47 132096 --------- C:\WINDOWS\system32\PortableDeviceWiaCompat.dll 2006-10-18 22:47 130048 --------- C:\WINDOWS\system32\wmpps.dll 2006-10-18 22:47 11264 --a------ C:\WINDOWS\system32\LAPRXY.dll 2006-10-18 22:47 1117696 --a------ C:\WINDOWS\system32\WMADMOE.dll 2006-10-18 22:47 101888 --------- C:\WINDOWS\system32\PortableDeviceClassExtension.dll 2006-10-18 21:03 100864 --a------ C:\WINDOWS\system32\logagent.exe 2006-10-18 21:00 38528 --a------ C:\WINDOWS\system32\drivers\wpdusb.sys 2006-10-18 21:00 249856 --------- C:\WINDOWS\system32\drmupgds.exe 2006-10-18 21:00 17408 --------- C:\WINDOWS\system32\wpdshextautoplay.exe 2006-10-17 12:06 78336 --a------ C:\WINDOWS\system32\ieencode.dll 2006-10-17 12:05 40960 --a------ C:\WINDOWS\system32\licmgr10.dll 2006-10-17 12:05 206336 --------- C:\WINDOWS\system32\WinFXDocObj.exe 2006-10-17 12:05 105984 --a------ C:\WINDOWS\system32\url.dll 2006-10-17 12:04 101376 --a------ C:\WINDOWS\system32\occache.dll 2006-10-17 12:03 17408 --a------ C:\WINDOWS\system32\corpol.dll 2006-10-17 11:58 61952 --------- C:\WINDOWS\system32\icardie.dll 2006-10-17 11:58 12288 --------- C:\WINDOWS\system32\msfeedssync.exe 2006-10-17 11:57 36352 --a------ C:\WINDOWS\system32\imgutil.dll 2006-10-17 11:57 266752 --------- C:\WINDOWS\system32\iertutil.dll 2006-10-17 11:56 45568 --a------ C:\WINDOWS\system32\mshta.exe 2006-10-17 11:28 48128 --a------ C:\WINDOWS\system32\mshtmler.dll 2006-10-17 11:27 380928 --------- C:\WINDOWS\system32\ieapfltr.dll 2006-10-14 05:56 -------- d-------- C:\Program Files\TomTom HOME 2006-10-13 13:36 145920 --a------ C:\WINDOWS\system32\nwprovau.dll 2006-10-12 14:37 -------- d-------- C:\Program Files\OpenOffice.org 2.0 2006-10-12 14:34 -------- d-------- C:\Documents and Settings\Olivier Kerr\Application Data\Cimaware 2006-10-12 14:00 -------- d-------- C:\Program Files\Microsoft ActiveSync 2006-10-11 
15:20 -------- d-------- C:\Program Files\Java 2006-10-11 15:20 -------- d-------- C:\Documents and Settings\Olivier Kerr\Application Data\Sun 2006-10-11 15:16 -------- d-------- C:\Program Files\Fichiers communs\Java 2006-10-10 15:56 56 -r-hsc--- C:\WINDOWS\system32\08E6234D82.sys 2006-10-10 15:56 1890 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys 2006-10-10 15:55 -------- d-------- C:\Documents and Settings\Olivier Kerr\Application Data\IsolatedStorage 2006-10-10 15:49 -------- d-------- C:\Documents and Settings\Olivier Kerr\Application Data\ACT 2006-10-10 15:47 -------- d--h----- C:\Program Files\Uninstall Information 2006-10-10 15:45 -------- d-------- C:\Program Files\Microsoft SQL Server 2006-10-02 15:28 312128 --------- C:\WINDOWS\system32\msdelta.dll 2006-09-28 20:13 95344 --------- C:\WINDOWS\system32\WUDFCoinstaller.dll 2006-09-28 18:56 55808 --------- C:\WINDOWS\system32\WudfSvc.dll 2006-09-28 18:56 316416 --------- C:\WINDOWS\system32\WUDFx.dll 2006-09-28 18:56 165376 --------- C:\WINDOWS\system32\WudfPlatform.dll 2006-09-28 18:56 146432 --------- C:\WINDOWS\system32\WudfHost.exe 2006-09-27 12:41 22634 --a------ C:\Documents and Settings\Olivier Kerr\Application Data\Microsoft Excel.ADR 2006-09-27 12:20 574 --a--c--- C:\Documents and Settings\Olivier Kerr\Application Data\BCMMappings.xml 2006-09-27 12:20 1881 --a--c--- C:\Documents and Settings\Olivier Kerr\Application Data\Liste ERU.xls.102821281.xml 2006-09-25 17:58 23856 --a------ C:\WINDOWS\system32\spupdsvc.exe 2006-09-19 15:43 109360 --a------ C:\WINDOWS\system32\GEARAspi.dll 2006-09-17 09:13 0 --a--c--- C:\Documents and Settings\Olivier Kerr\Application Data\wklnhst.dat 2006-09-13 06:03 1084416 --a------ C:\WINDOWS\system32\msxml3.dll (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries are not shown [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe" 
"fsc-reminder.exe"="C:\\WINDOWS\\reminder\\fsc-reminder.exe 2454079 2" "MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background" "H/PC Connection Agent"="\"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe\"" "WMPNSCFG"="\"C:\\Program Files\\Windows Media Player\\WMPNSCFG.exe\"" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] "ATICCC"="\"C:\\Program Files\\ATI Technologies\\ATI.ACE\\cli.exe\" runtime -Delay" "RTHDCPL"="RTHDCPL.EXE" "Alcmtr"="ALCMTR.EXE" "SMSERIAL"="sm56hlpr.exe" "NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe" "RemoteControl"="\"C:\\Program Files\\CyberLink\\PowerDVD\\PDVDServ.exe\"" "type32"="\"C:\\Program Files\\Microsoft IntelliType Pro\\type32.exe\"" "IntelliPoint"="\"C:\\Program Files\\Microsoft IntelliPoint\\point32.exe\"" "Xerox_WorkCenter_C2424"="\"C:\\Program Files\\Xerox\\WorkCentre C2424\\xc24bgts.exe\" 1" "BluetoothAuthenticationAgent"="\"rundll32.exe\" bthprops.cpl,,BluetoothAuthenticationAgent" "TkBellExe"="\"C:\\Program Files\\Fichiers communs\\Real\\Update_OB\\realsched.exe\" -osboot" "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime" "SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_06\\bin\\jusched.exe\"" "iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\"" "ccApp"="\"C:\\Program Files\\Fichiers communs\\Symantec Shared\\ccApp.exe\"" "Symantec NetDriver Monitor"="\"C:\\PROGRA~1\\SYMNET~1\\SNDMon.exe\" /Consumer" "avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe" [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components] "DeskHtmlVersion"=dword:00000110 "DeskHtmlMinorVersion"=dword:00000005 "Settings"=dword:00000001 "GeneralFlags"=dword:00000000 [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE" [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE" 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"="" "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"="Groove GFS Stub Execution Hook" "{56F9679E-7826-4C84-81F3-532071A8BCC5}"="" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=hex:95,00,00,00 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload] "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}" "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}" "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}" "WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}" HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OdysseyClient [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll" Contents of the 'Scheduled Tasks' folder C:\WINDOWS\tasks\Symantec NetDetect.job C:\WINDOWS\tasks\User_Feed_Synchronization-{20E9E16D-58E2-4482-BA50-36F78785A623}.job Completion time: 06-12-10 7:22:50.95 C:\ComboFix.txt ... 
06-12-10 07:22 C:\ComboFix2.txt ... 06-12-09 16:02 Hijackthis 2007 Microsoft Office System Primary Interop Assemblies (Beta) Ad-Aware SE Personal Adobe Download Manager 2.0 (Supprimer uniquement) Adobe Flash Player 9 ActiveX Adobe Reader 7.0.8 - Français Adobe Shockwave Player Allok Video to FLV Converter 2.3.2 Application Suite Archiveur WinRAR ATI Catalyst Control Center ATI Display Driver avast! Antivirus Beta Two Technical Refresh for Microsoft Office 2007 (KB000000): OfficeSPFullFile(12.0.4407.1005): B2TR CC_ccProxyExt ccCommon CCleaner (remove only) ccPxyCore Complément Office 2007 - Microsoft Enregistrer en tant que PDF (Beta) Complément Office 2007 - Microsoft Enregistrer en tant que PDF ou XPS (Beta) Correctif pour Windows XP (KB889527) Correctif pour Windows XP (KB893357) Correctif pour Windows XP (KB896256) Correctif pour Windows XP (KB898900) Correctif pour Windows XP (KB903234) Correctif pour Windows XP (KB904412) Correctif pour Windows XP (KB906569) Correctif pour Windows XP (KB907865) Correctif pour Windows XP (KB910728) Correctif pour Windows XP (KB912475) Correctif pour Windows XP (KB913538) Correctif pour Windows XP (KB914440) Correctif pour Windows XP (KB914841) Correctif pour Windows XP (KB918005) Correctif Windows XP - KB319740 Correctif Windows XP - KB873339 Correctif Windows XP - KB883529 Correctif Windows XP - KB883667 Correctif Windows XP - KB884575 Correctif Windows XP - KB884883 Correctif Windows XP - KB885523 Correctif Windows XP - KB885835 Correctif Windows XP - KB885836 Correctif Windows XP - KB885855 Correctif Windows XP - KB885894 Correctif Windows XP - KB886677 Correctif Windows XP - KB886716 Correctif Windows XP - KB887742 Correctif Windows XP - KB888113 Correctif Windows XP - KB888302 Correctif Windows XP - KB888402 Correctif Windows XP - KB889016 Correctif Windows XP - KB889673 Correctif Windows XP - KB890831 Correctif Windows XP - KB890859 Correctif Windows XP - KB891781 Correctif Windows XP - KB892627 Correctif Windows XP - KB893056 Correctif Windows XP - KB896626 Delivery Désinstallation du scanner Xerox WorkCentre C2424 DivX 5.0.2 Pro Bundle DivX Codec 3.1alpha release DivXG400 EasyPHP 1.8 Fichiers de prise en charge de l'installation de Microsoft SQL Server (Français) FileZilla (remove only) GenCod Gimp pour Windows Google Earth High Definition Audio - KB888111 HijackThis
1.99.1 Hotfix for Microsoft .NET Framework 2.0 (KB916002) Hotfix for Windows Media Format SDK (KB902344) Hotfix for Windows XP (KB909394) Hotfix for Windows XP (KB915865) Hotfix for Windows XP (KB926239) iTunes J2SE Runtime Environment 5.0 Update 6 Lecteur Windows Media 11 LiveReg (Symantec Corporation) LiveUpdate 2.5 (Symantec Corporation) Macromedia Flash Player 8 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 French Language Pack Microsoft .NET Framework 1.1 Hotfix (KB886903) Microsoft .NET Framework 2.0 Microsoft ActiveSync 4.0 Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Internationalized Domain Names Mitigation APIs Microsoft National Language Support Downlevel APIs Microsoft Office 2003 Web Components Microsoft Office Access MUI (French) 2007 (Beta) Microsoft Office Excel MUI (French) 2007 (Beta) Microsoft Office Groove 2007 (Beta) Microsoft Office Groove 2007 (Beta) Microsoft Office Groove MUI (French) 2007 (Beta) Microsoft Office InfoPath MUI (French) 2007 (Beta) Microsoft Office Outlook MUI (French) 2007 (Beta) Microsoft Office PowerPoint MUI (French) 2007 (Beta) Microsoft Office Professional Plus 2007 (Beta) Microsoft Office Professional Plus 2007 (Beta) Microsoft Office Project MUI (French) 2007 (Beta) Microsoft Office Project Professional 2007 (Beta) Microsoft Office Project Professional 2007 (Beta) Microsoft Office Proof (Arabic) 2007 (Beta) Microsoft Office Proof (Dutch) 2007 (Beta) Microsoft Office Proof (English) 2007 (Beta) Microsoft Office Proof (French) 2007 (Beta) Microsoft Office Proof (German) 2007 (Beta) Microsoft Office Proof (Spanish) 2007 (Beta) Microsoft Office Publisher MUI (French) 2007 (Beta) Microsoft Office Shared MUI (French) 2007 (Beta) Microsoft Office Small Business Connectivity Components Microsoft Office Visio MUI (French) 2007 (Beta) Microsoft Office Visio Professional 2007 (Beta) Microsoft Office Visio Professional 2007 (Beta) Microsoft Office Word MUI (French) 2007 
(Beta) Microsoft SQL Server Native Client Microsoft SQL Server VSS Writer Microsoft User-Mode Driver Framework Feature Pack 1.0 Mise à jour de sécurité pour Lecteur Windows Media (KB911564) Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565) Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734) Mise à jour de sécurité pour Step by Step Interactive Training (KB898458) Mise à jour de sécurité pour Windows XP (KB890046) Mise à jour de sécurité pour Windows XP (KB893756) Mise à jour de sécurité pour Windows XP (KB896358) Mise à jour de sécurité pour Windows XP (KB896422) Mise à jour de sécurité pour Windows XP (KB896423) Mise à jour de sécurité pour Windows XP (KB896424) Mise à jour de sécurité pour Windows XP (KB896428) Mise à jour de sécurité pour Windows XP (KB899587) Mise à jour de sécurité pour Windows XP (KB899589) Mise à jour de sécurité pour Windows XP (KB899591) Mise à jour de sécurité pour Windows XP (KB900725) Mise à jour de sécurité pour Windows XP (KB901017) Mise à jour de sécurité pour Windows XP (KB901190) Mise à jour de sécurité pour Windows XP (KB901214) Mise à jour de sécurité pour Windows XP (KB902400) Mise à jour de sécurité pour Windows XP (KB904706) Mise à jour de sécurité pour Windows XP (KB905414) Mise à jour de sécurité pour Windows XP (KB905749) Mise à jour de sécurité pour Windows XP (KB908519) Mise à jour de sécurité pour Windows XP (KB911562) Mise à jour de sécurité pour Windows XP (KB911567) Mise à jour de sécurité pour Windows XP (KB911927) Mise à jour de sécurité pour Windows XP (KB912812) Mise à jour de sécurité pour Windows XP (KB912919) Mise à jour de sécurité pour Windows XP (KB913446) Mise à jour de sécurité pour Windows XP (KB913580) Mise à jour de sécurité pour Windows XP (KB914388) Mise à jour de sécurité pour Windows XP (KB914389) Mise à jour de sécurité pour Windows XP (KB917159) Mise à jour de sécurité pour Windows XP (KB917344) Mise à jour de sécurité pour Windows XP (KB917422) Mise à jour de sécurité 
pour Windows XP (KB917953) Mise à jour de sécurité pour Windows XP (KB918439) Mise à jour de sécurité pour Windows XP (KB918899) Mise à jour de sécurité pour Windows XP (KB919007) Mise à jour de sécurité pour Windows XP (KB920213) Mise à jour de sécurité pour Windows XP (KB920214) Mise à jour de sécurité pour Windows XP (KB920670) Mise à jour de sécurité pour Windows XP (KB920683) Mise à jour de sécurité pour Windows XP (KB920685) Mise à jour de sécurité pour Windows XP (KB921398) Mise à jour de sécurité pour Windows XP (KB921883) Mise à jour de sécurité pour Windows XP (KB922616) Mise à jour de sécurité pour Windows XP (KB922819) Mise à jour de sécurité pour Windows XP (KB923191) Mise à jour de sécurité pour Windows XP (KB923414) Mise à jour de sécurité pour Windows XP (KB923980) Mise à jour de sécurité pour Windows XP (KB924191) Mise à jour de sécurité pour Windows XP (KB924270) Mise à jour de sécurité pour Windows XP (KB924496) Mise à jour pour Windows XP (KB896427) Mise à jour pour Windows XP (KB897663) Mise à jour pour Windows XP (KB898461) Mise à jour pour Windows XP (KB900485) Mise à jour pour Windows XP (KB904942) Mise à jour pour Windows XP (KB908521) Mise à jour pour Windows XP (KB908531) Mise à jour pour Windows XP (KB910437) Mise à jour pour Windows XP (KB911280) Mise à jour pour Windows XP (KB916595) Mise à jour pour Windows XP (KB920872) Mise à jour pour Windows XP (KB922582) Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA Motorola SM56 Data Fax Modem MSXML 6.0 Parser (KB927977) MUTAVISION © Nero BurnRights Nero Digital Nero OEM NeroVision Express Content Norton AntiSpam Norton AntiSpam Norton AntiSpam Norton AntiSpam Norton AntiSpam Norton AntiSpam Norton AntiSpam (Symantec Corporation) Norton AntiSpam Help O2Micro Flash Memory Card Windows Driver V2.04 OpenOffice.org 2.0 Package de base Microsoft de service de chiffrement pour cartes à puce Photorécit 3 pour Windows PowerDVD Questionnaire MUTAVISION © Questionnaire 
MUTAVISION © (C:\Program Files\Projet1\) QuickTime RealPlayer Realtek High Definition Audio Driver Rippack v3 beta 16.1 Security Update for Microsoft .NET Framework 2.0 (KB917283) Security Update pour Microsoft .NET Framework 2.0 (KB922770) Ski Park Manager Skype™ for Pocket PC 2.0 Spybot - Search & Destroy 1.4 SymNet TopStyle Lite (Version 3.0) VisualGPSce VNC Free Edition 4.1.2 VPN Client Windows Desktop Search Windows Installer 3.1 (KB893803) Windows Internet Explorer 7 Windows Live Messenger Windows Live Sign-in Assistant Windows Media Connect Windows Media Format 11 runtime Windows Media Format 11 runtime Windows Media Format SDK Hotfix - KB891122 Windows Media Player 10 Hotfix - KB888656 Windows Media Player 10 Hotfix - KB894476 Windows Media Player 11 Windows Messenger 5.1 Windows Messenger 5.1 MUI Pack
  7. Hello, I have been struggling with this infection for 2 days. Only Spybot detects this malware, but the repair changes nothing. I tried SmitfraudFix in safe mode without results. Here is the report; thank you for your help.

     Logfile of HijackThis v1.99.1
     Scan saved at 01:18:23, on 10/12/2006
     Platform: Windows XP SP2 (WinNT 5.01.2600)
     MSIE: Internet Explorer v7.00 (7.00.5730.0011)

     Running processes:
     C:\WINDOWS\System32\smss.exe
     C:\WINDOWS\system32\winlogon.exe
     C:\WINDOWS\system32\services.exe
     C:\WINDOWS\system32\lsass.exe
     C:\WINDOWS\system32\Ati2evxx.exe
     C:\WINDOWS\system32\svchost.exe
     C:\WINDOWS\System32\svchost.exe
     C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
     C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
     C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
     C:\WINDOWS\system32\spoolsv.exe
     C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
     C:\Program Files\Alwil Software\Avast4\ashServ.exe
     C:\WINDOWS\system32\Ati2evxx.exe
     C:\WINDOWS\Explorer.EXE
     C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
     C:\WINDOWS\System32\svchost.exe
     C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
     C:\WINDOWS\system32\o2flash.exe
     C:\WINDOWS\system32\svchost.exe
     C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
     C:\Program Files\RealVNC\VNC4\WinVNC4.exe
     C:\WINDOWS\system32\SearchIndexer.exe
     C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
     C:\WINDOWS\RTHDCPL.EXE
     C:\WINDOWS\sm56hlpr.exe
     C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
     C:\Program Files\Microsoft IntelliType Pro\type32.exe
     C:\Program Files\Microsoft IntelliPoint\point32.exe
     C:\WINDOWS\system32\rundll32.exe
     C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
     C:\Program Files\QuickTime\qttask.exe
     C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
     C:\Program Files\iTunes\iTunesHelper.exe
     C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
     C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
     C:\WINDOWS\system32\ctfmon.exe
     C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
     C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
     C:\Program Files\MSN Messenger\MsnMsgr.Exe
     C:\Program Files\Microsoft ActiveSync\wcescomm.exe
     C:\Program Files\iPod\bin\iPodService.exe
     C:\Program Files\Windows Media Player\WMPNSCFG.exe
     C:\PROGRA~1\MI3AA1~1\rapimgr.exe
     C:\Program Files\Windows Desktop Search\WindowsSearch.exe
     C:\WINDOWS\system32\wscntfy.exe
     C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
     C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
     C:\Program Files\MSN Messenger\usnsvc.exe
     C:\Program Files\Microsoft Office\OFFICE12\OUTLOOK.EXE
     C:\Program Files\Internet Explorer\iexplore.exe
     C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
     C:\DOCUME~1\OLIVIE~1\LOCALS~1\Temp\Répertoire temporaire 1 pour KillBox.zip\KillBox.exe
     C:\Program Files\Fichiers communs\Microsoft Shared\office12\offlb.exe
     C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32Info.exe
     C:\Documents and Settings\Olivier Kerr\Mes documents\test.exe

     R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
     R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
     O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
     O2 - BHO: (no name) - {35F7813A-AF74-4474-B1DC-7EE6FB6C43C6} - C:\WINDOWS\system32\kvcvkugb.dll
     O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
     O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
     O2 - BHO: (no name) - {7411F8BA-29A3-3216-9DE7-024AC0AAB9F6} - C:\WINDOWS\system32\viyjhai.dll
     O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
     O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
     O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
     O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
     O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
     O4 - HKLM\..\Run: [sMSERIAL] sm56hlpr.exe
     O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
     O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
     O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
     O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
     O4 - HKLM\..\Run: [Xerox_WorkCenter_C2424] "C:\Program Files\Xerox\WorkCentre C2424\xc24bgts.exe" 1
     O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] "rundll32.exe" bthprops.cpl,,BluetoothAuthenticationAgent
     O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
     O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
     O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe"
     O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
     O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
     O4 - HKLM\..\Run: [symantec NetDriver Monitor] "C:\PROGRA~1\SYMNET~1\SNDMon.exe" /Consumer
     O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
     O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
     O4 - HKCU\..\Run: [fsc-reminder.exe] C:\WINDOWS\reminder\fsc-reminder.exe 2454079 2
     O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
     O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
     O4 - HKCU\..\Run: [WMPNSCFG] "C:\Program Files\Windows Media Player\WMPNSCFG.exe"
     O4 - Global Startup: Croix Rouge Française Connexion VPN Intranet.lnk = C:\Program Files\Cisco Systems\VPN Client\vpngui.exe
     O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
     O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
     O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
     O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
     O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
     O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
     O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
     O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
     O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
     O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
     O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
     O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
     O9 - Extra button: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
     O9 - Extra 'Tools' menuitem: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
     O11 - Options group: [iNTERNATIONAL] International*
     O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
     O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/200609...ex/qtplugin.cab
     O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
     O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
     O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab
     O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1156334769656
     O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5.0/jin...indows-i586.cab
     O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
     O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
     O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
     O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697514} (NsvPlayX Control) - http://www.nullsoft.com/nsv/embed/nsvplayx_vp3_mp3.cab
     O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
     O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.com/games/popcaploader_v6.cab
     O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
     O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
     O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
     O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
     O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
     O20 - Winlogon Notify: OdysseyClient - C:\WINDOWS\
     O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
     O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
     O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
     O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
     O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
     O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
     O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
     O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
     O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
     O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
     O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
     O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
     O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
     O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
     O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
     O23 - Service: O2Micro Flash Memory (O2Flash) - Unknown owner - C:\WINDOWS\system32\o2flash.exe
     O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
     O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
     O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service (file missing)

     Rapport fait à 18:07:38,35, 09/12/2006
     Executé à partir de C:\Documents and Settings\Olivier Kerr\Bureau\SmitfraudFix
     OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
     Le type du système de fichiers est NTFS
     Fix executé en mode sans echec

     »»»»»»»»»»»»»»»»»»»»»»»» Avant SmitFraudFix
     !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
     SrchSTS.exe by S!Ri
     Search SharedTaskScheduler's .dll

     »»»»»»»»»»»»»»»»»»»»»»»» Arret des processus

     »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
     GenericRenosFix by S!Ri

     »»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés

     »»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires

     »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
     !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
     [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
     "System"=""

     »»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre
     Nettoyage terminé.

     »»»»»»»»»»»»»»»»»»»»»»»» Après SmitFraudFix
     !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
     SrchSTS.exe by S!Ri
     Search SharedTaskScheduler's .dll

     »»»»»»»»»»»»»»»»»»»»»»»» Fin