Rogue.agent, analysis.

24 August 2011 14:24:39

Hello,
for more than a month now I have had trojans; I remove them and they come back after a while. (I don't visit dubious sites, though.)
Anyway, today's problem is the rootkit trojan (on C:/ and D:/) that I removed with SUPERAntiSpyware, as well as Rogue.Agent/Gen-Nullo[DLL], which I removed earlier and which SUPERAntiSpyware has just detected again (location C:WINDOWS\SYSTEM32\MSEF.DLL); I have not removed it yet.

I have just run a HijackThis scan:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:08:54, on 24/08/2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\wpcumi.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\System32\Ctxfihlp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Parental Filter 2\LaunchAppEpcp2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Program Files\SFR\Kit\9props.exe
C:\Users\luciole\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Windows\SYSTEM32\CTXFISPI.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\luciole\AppData\Local\Google\Update\1.3.21.65\GoogleCrashHandler.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\mobsync.exe
C:\Users\luciole\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\luciole\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\luciole\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\luciole\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\luciole\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\luciole\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\luciole\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\luciole\Downloads\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orroz.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll (file missing)
O2 - BHO: Aide à la navigation SFR - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MI1933~1\Office14\URLREDIR.DLL
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ISW] "C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden"
O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
O4 - HKLM\..\Run: [LAUNCHER_FILTER] C:\Program Files\Parental Filter 2\LaunchAppEpcp2.exe
O4 - HKLM\..\Run: [LOGGING_FILTER] "C:\Program Files\Parental Filter 2\LoggingEpcp2.exe" start
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Connexion SFR 9props.exe] "C:\Program Files\SFR\Kit\9props.exe" /trayicon
O4 - HKCU\..\Run: [Google Update] "C:\Users\luciole\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\RunOnce: [CTAutoUpdate] "C:\Program Files\Creative\Shared Files\Software Update\AutoUpdate.exe" /RunFromInstaller (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [CTAutoUpdate] "C:\Program Files\Creative\Shared Files\Software Update\AutoUpdate.exe" /RunFromInstaller (User 'Default user')
O8 - Extra context menu item: &Envoyer à OneNote - res://C:\PROGRA~1\MI1933~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter 2\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter 2\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter 2\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter 2\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter 2\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter 2\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter 2\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter 2\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter 2\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter 2\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter 2\hooklib.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega.DMFacade.Interface) - https://www.virginmega.fr/DownloadManager/Release/Prod/...
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files\NETGEAR\WN111v2\jswpsapi.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Parental Filter 2 (ServiceFilterEpcp2) - Editions Profil - C:\Program Files\Parental Filter 2\ServiceEpcp2.exe
O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe
O23 - Service: Blue Coat K9 Web Protection (WebFilter) - Unknown owner - C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe

--
End of file - 12045 bytes


Thank you for your help.


24 August 2011 21:33:42

Hello

1

Go to this link: Virus Total
  • Click Browse.

  • Scan the file in bold and post the report.

    C:WINDOWS\SYSTEM32\MSEF.DLL

  • If a window says the file has already been analysed, click "reanalyse the file now".

    Help:
    http://forum.malekal.com/virustotal-comment-scanner-fic...


2

Download DDS and save it to your desktop.
  • Disable anything that blocks scripts, such as an antivirus, or software like ad-block, noscript, etc.
  • Double-click dds.scr to launch the tool.
  • Once the scan has finished, a text document, DDS.txt, will open.
  • Click Yes at the next prompt, Optional Scan.
  • Save both reports to your desktop and post only DDS.txt for me.

25 August 2011 10:43:36

Done, I ran the analysis...
Strangely, the file I found dates from 2004.



    0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is goodware. 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is malware.
    File name: msef.dll
    Submission date: 2011-08-25 08:26:16 (UTC)
    Current status: finished
    Result: 1/ 44 (2.3%)
    VT Community

    not reviewed
    Safety score: -
    Antivirus Version Last Update Result
    AhnLab-V3 2011.08.25.00 2011.08.25 -
    AntiVir 7.11.13.221 2011.08.25 -
    Antiy-AVL 2.0.3.7 2011.08.25 -
    Avast 4.8.1351.0 2011.08.24 -
    Avast5 5.0.677.0 2011.08.24 -
    AVG 10.0.0.1190 2011.08.25 -
    BitDefender 7.2 2011.08.25 -
    ByteHero 1.0.0.1 2011.08.22 -
    CAT-QuickHeal 11.00 2011.08.24 -
    ClamAV 0.97.0.0 2011.08.25 -
    Commtouch 5.3.2.6 2011.08.25 -
    Comodo 9868 2011.08.25 -
    DrWeb 5.0.2.03300 2011.08.25 -
    Emsisoft 5.1.0.10 2011.08.25 -
    eSafe 7.0.17.0 2011.08.24 -
    eTrust-Vet 36.1.8521 2011.08.25 -
    F-Prot 4.6.2.117 2011.08.25 -
    F-Secure 9.0.16440.0 2011.08.25 -
    Fortinet 4.2.257.0 2011.08.24 -
    GData 22 2011.08.25 -
    Ikarus T3.1.1.107.0 2011.08.25 -
    Jiangmin 13.0.900 2011.08.24 -
    K7AntiVirus 9.111.5052 2011.08.24 -
    Kaspersky 9.0.0.837 2011.08.25 -
    McAfee 5.400.0.1158 2011.08.25 -
    McAfee-GW-Edition 2010.1D 2011.08.25 -
    Microsoft 1.7604 2011.08.25 -
    NOD32 6407 2011.08.25 -
    Norman 6.07.10 2011.08.24 -
    nProtect 2011-08-24.01 2011.08.24 -
    Panda 10.0.3.5 2011.08.24 -
    PCTools 8.0.0.5 2011.08.25 -
    Prevx 3.0 2011.08.25 -
    Rising 23.72.03.03 2011.08.25 -
    Sophos 4.68.0 2011.08.25 -
    SUPERAntiSpyware 4.40.0.1006 2011.08.24 Rogue.Agent/Gen-Nullo[DLL]
    Symantec 20111.2.0.82 2011.08.25 -
    TheHacker 6.7.0.1.284 2011.08.25 -
    TrendMicro 9.500.0.1008 2011.08.23 -
    TrendMicro-HouseCall 9.500.0.1008 2011.08.25 -
    VBA32 3.12.16.4 2011.08.24 -
    VIPRE 10262 2011.08.25 -
    ViRobot 2011.8.25.4638 2011.08.25 -
    VirusBuster 14.0.183.2 2011.08.24 -
    Additional information
    MD5 : 209ad5370ea89ca977426e1a3b943528
    SHA1 : 1396084e9474f3a586bef617a23cf0830fb73098
    SHA256: 6dd8a8ee22d5d4db5128d72546b885361313d08219dd59f4ad62813a59441d6c
    ssdeep: 12:co3Jiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiii2:c6R
    File size : 50301 bytes
    First seen: 2011-08-25 08:26:16
    Last seen : 2011-08-25 08:26:16
    TrID:
    Unknown!
    sigcheck:
    publisher....: n/a
    copyright....: n/a
    product......: n/a
    description..: n/a
    original name: n/a
    internal name: n/a
    file version.: n/a
    comments.....: n/a
    signers......: -
    signing date.: -
    verified.....: Unsigned
    ExifTool:
    file metadata
    Error: File format error
    FileSize: 49 kB
    VT Community

There you go, I had to copy and paste it.
25 August 2011 10:44:06

As for step 2, however, your link is broken.

25 August 2011 10:47:16

No, it's fine! I'm running the scan. (I must have misclicked.)


    .
    DDS (Ver_2011-06-23.01) - NTFSx86
    Internet Explorer: 9.0.8112.16421
    Run by luciole at 10:46:16 on 2011-08-25
    Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.3325.1678 [GMT 2:00]
    .
    AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
    SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: ZoneAlarm Firewall *Disabled* {D17DF357-CFF5-F001-D1C1-FCD21DFE3D5E}
    .
    ============== Running Processes ===============
    .
    svchost.exe
    svchost.exe
    svchost.exe
    svchost.exe
    svchost.exe
    svchost.exe
    svchost.exe
    svchost.exe
    svchost.exe
    svchost.exe
    svchost.exe
    svchost.exe
    svchost.exe
    C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Windows\System32\mobsync.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Windows\System32\wpcumi.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Windows\System32\Ctxfihlp.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\Dell Support Center\bin\sprtcmd.exe
    C:\Program Files\Parental Filter 2\LaunchAppEpcp2.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
    C:\Program Files\SFR\Kit\9props.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Users\luciole\AppData\Local\Google\Update\1.3.21.65\GoogleCrashHandler.exe
    C:\Windows\SYSTEM32\CTXFISPI.EXE
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe
    svchost.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Users\luciole\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\luciole\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\luciole\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\rundll32.exe
    C:\Users\luciole\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\luciole\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\luciole\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\luciole\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\conime.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.orroz.net/
    uWindow Title =
    uInternet Settings,ProxyOverride = *.local
    uURLSearchHooks: Search Class: {08c06d61-f1f3-4799-86f8-be1a89362c85} - c:\program files\orangehss\searchurlhook\SearchPageURL.dll
    BHO: Objet d'aide à la navigation SFR: {0f6e720a-1a6b-40e1-a294-1d4d19f156c8} - c:\program files\sfr\kit\SFRNavErrorHelper.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: ZoneAlarm Security Engine Registrar: {8a4a36c2-0535-4d2c-bd3d-496cb7eed6e3} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
    BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\mi1933~1\office14\URLREDIR.DLL
    TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
    TB: ZoneAlarm Security Engine: {ee2ac4e5-b0b0-4ec6-88a9-bca1a32ab107} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
    TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
    uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
    uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
    uRun: [Connexion SFR 9props.exe] "c:\program files\sfr\kit\9props.exe" /trayicon
    uRun: [Google Update] "c:\users\luciole\appdata\local\google\update\GoogleUpdate.exe" /c
    mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    mRun: [WPCUMI] c:\windows\system32\WpcUmi.exe
    mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
    mRun: [CTxfiHlp] CTXFIHLP.EXE
    mRun: [ZoneAlarm Client] "c:\program files\zone labs\zonealarm\zlclient.exe"
    mRun: [ISW] "c:\program files\checkpoint\zaforcefield\ForceField.exe" /icon="hidden"
    mRun: [dellsupportcenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P dellsupportcenter
    mRun: [LAUNCHER_FILTER] c:\program files\parental filter 2\LaunchAppEpcp2.exe
    mRun: [LOGGING_FILTER] "c:\program files\parental filter 2\LoggingEpcp2.exe" start
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
    dRunOnce: [CTAutoUpdate] "c:\program files\creative\shared files\software update\AutoUpdate.exe" /RunFromInstaller
    uPolicies-explorer: NoSMMyPictures = 0 (0x0)
    uPolicies-explorer: NoStartMenuMyMusic = 0 (0x0)
    mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: &Envoyer à OneNote - c:\progra~1\mi1933~1\office14\ONBttnIE.dll/105
    IE: E&xporter vers Microsoft Excel - c:\progra~1\mi1933~1\office14\EXCEL.EXE/3000
    IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    LSP: c:\program files\parental filter 2\hooklib.dll
    LSP: c:\windows\system32\wpclsp.dll
    DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} - hxxps://www.virginmega.fr/DownloadManager/Release/Prod/DownMan....
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{948A112F-3AFB-4593-B086-6386F5559499} : DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{A2027EC2-8944-4C29-BA07-17AE6E656183} : DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{C34D5B12-74FB-4C81-86B0-D1D4378F5FB4} : DhcpNameServer = 192.168.1.1
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
    Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\logitech\desktop messenger\8876480\program\GAPlugProtocol-8876480.dll
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\users\luciole\appdata\roaming\mozilla\firefox\profiles\0tr1ls34.default\
    FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
    FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
    FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll
    FF - plugin: c:\program files\microsoft silverlight\4.0.60531.0\npctrlui.dll
    FF - plugin: c:\users\luciole\appdata\local\google\update\1.2.183.39\npGoogleOneClick8.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 AlfaFF;Alfa File System Mini-Filter;c:\windows\system32\drivers\AlfaFF.sys [2009-9-15 45256]
    R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-7-9 441176]
    R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-7-9 309848]
    R1 bckd;bckd;c:\windows\system32\drivers\bckd.sys [2011-6-10 86544]
    R1 jswpslwf;JumpStart Wireless Filter Driver;c:\windows\system32\drivers\jswpslwf.sys [2008-10-1 20384]
    R1 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver;c:\windows\system32\drivers\RtlProt.sys [2007-4-23 25896]
    R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-12 12880]
    R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
    R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-7-28 176128]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-7-9 19544]
    R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-7-9 54104]
    R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-7-9 42184]
    R2 bckwfs;Blue Coat K9 Web Protection;c:\program files\blue coat k9 web protection\k9filter.exe [2007-2-8 1575184]
    R2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [2011-8-17 21992]
    R2 FontCache;Service de cache de police Windows;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2011-7-9 21504]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\intel\intel(r) rapid storage technology\IAStorDataMgrSvc.exe [2011-7-10 13592]
    R2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\checkpoint\zaforcefield\ISWKL.sys [2010-11-5 26872]
    R2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\checkpoint\zaforcefield\ISWSVC.exe [2010-11-5 488952]
    R2 ServiceFilterEpcp2;Parental Filter 2;c:\program files\parental filter 2\serviceepcp2.exe [2011-8-6 17760]
    R3 amdkmdag;amdkmdag;c:\windows\system32\drivers\atikmdag.sys [2011-7-29 8396800]
    R3 amdkmdap;amdkmdap;c:\windows\system32\drivers\atikmpag.sys [2011-7-28 247296]
    R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdLH3.sys [2011-6-7 81936]
    R3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\system32\drivers\CT20XUT.sys [2009-6-3 171032]
    R3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\system32\drivers\CTEXFIFX.sys [2009-6-3 1324056]
    R3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\system32\drivers\CTHWIUT.sys [2009-6-3 72728]
    R3 hcw85bda;Hauppauge WinTV 885 Video Capture;c:\windows\system32\drivers\HCW85BDA.sys [2009-11-27 1426560]
    R3 WN111v2;NETGEAR WN111v2 USB2.0 Wireless Card Service;c:\windows\system32\drivers\WN111v2v.sys [2009-1-13 453120]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 gupdate;Service Google Update (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-1 135664]
    S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\common files\creative labs shared\service\CTAELicensing.exe [2011-7-9 79360]
    S3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.sys [2009-6-3 171032]
    S3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.sys [2009-6-3 1324056]
    S3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.sys [2009-6-3 72728]
    S3 DNIMp50;DNIMp50 NDIS Protocol Driver;c:\windows\system32\drivers\DNIMP50.sys [2006-11-16 21504]
    S3 DNISp50;DNISp50 NDIS Protocol Driver;c:\windows\system32\drivers\DNISP50.sys [2006-11-16 20480]
    S3 gupdatem;Service Google Update (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-2-1 135664]
    S3 jswpsapi;Jumpstart Wifi Protected Setup;c:\program files\netgear\wn111v2\jswpsapi.exe [2008-2-29 942080]
    S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2009-11-27 34248]
    S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2009-11-27 40552]
    S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
    S3 PCAMp50;PCAMp50 NDIS Protocol Driver;c:\windows\system32\drivers\PCAMp50.sys [2009-11-27 28224]
    S3 RTL8187B;NETGEAR WG111v3 Wireless-G USB Adapter Vista Driver;c:\windows\system32\drivers\wg111v3.sys [2010-8-11 348160]
    S3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
    .
    =============== Created Last 30 ================
    .
    2011-08-24 16:46:26 2048 ----a-w- c:\windows\system32\tzres.dll
    2011-08-24 14:01:07 -------- d-----w- c:\program files\Mass Effect 2
    2011-08-24 14:01:07 -------- d-----w- c:\program files\common files\BioWare
    2011-08-24 09:46:15 -------- d-----w- c:\program files\AMD APP
    2011-08-23 09:20:31 7152464 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{4ed2ddee-3919-4079-8f66-03293dcaf148}\mpengine.dll
    2011-08-17 17:07:30 -------- d-----w- C:\ATI
    2011-08-17 16:24:56 21992 ----a-w- c:\windows\system32\drivers\cpuz135_x32.sys
    2011-08-17 16:24:55 -------- d-----w- c:\program files\CPUID
    2011-08-13 14:01:11 -------- d-----w- c:\program files\VirginMega DownloadManager v3
    2011-08-12 22:25:45 -------- d-----w- c:\program files\iPod
    2011-08-12 22:23:36 -------- d-----w- c:\program files\Bonjour
    2011-08-11 06:21:44 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
    2011-08-11 06:21:43 375808 ----a-w- c:\windows\system32\winsrv.dll
    2011-08-11 06:21:42 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
    2011-08-11 06:21:38 3602832 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2011-08-11 06:21:38 3550096 ----a-w- c:\windows\system32\ntoskrnl.exe
    2011-08-11 06:21:37 913296 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2011-08-11 06:21:37 31232 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
    2011-08-05 23:21:42 -------- d-----w- c:\programdata\Parental Filter 2
    2011-08-05 23:19:52 -------- d-----w- c:\program files\Parental Filter 2
    2011-07-28 22:22:04 8396800 ----a-w- c:\windows\system32\drivers\atikmdag.sys
    2011-07-28 21:44:06 18388480 ----a-w- c:\windows\system32\atioglxx.dll
    2011-07-28 21:40:58 151552 ----a-w- c:\windows\system32\atiapfxx.exe
    2011-07-28 21:40:44 726528 ----a-w- c:\windows\system32\aticfx32.dll
    2011-07-28 21:36:26 462848 ----a-w- c:\windows\system32\ATIDEMGX.dll
    2011-07-28 21:35:52 401408 ----a-w- c:\windows\system32\atieclxx.exe
    2011-07-28 21:35:24 176128 ----a-w- c:\windows\system32\atiesrxx.exe
    2011-07-28 21:34:10 159744 ----a-w- c:\windows\system32\atitmmxx.dll
    2011-07-28 21:33:54 356352 ----a-w- c:\windows\system32\atipdlxx.dll
    2011-07-28 21:33:42 278528 ----a-w- c:\windows\system32\Oemdspif.dll
    2011-07-28 21:33:34 20992 ----a-w- c:\windows\system32\atimuixx.dll
    2011-07-28 21:33:26 43520 ----a-w- c:\windows\system32\ati2edxx.dll
    2011-07-28 21:30:26 4198912 ----a-w- c:\windows\system32\atidxx32.dll
    2011-07-28 21:11:42 1828864 ----a-w- c:\windows\system32\atiumdmv.dll
    2011-07-28 21:11:14 46080 ----a-w- c:\windows\system32\aticalrt.dll
    2011-07-28 21:11:02 44032 ----a-w- c:\windows\system32\aticalcl.dll
    2011-07-28 21:09:10 4256768 ----a-w- c:\windows\system32\atiumdag.dll
    2011-07-28 21:07:24 8247296 ----a-w- c:\windows\system32\aticaldd.dll
    2011-07-28 21:03:58 4056064 ----a-w- c:\windows\system32\atiumdva.dll
    2011-07-28 20:54:30 13312 ----a-w- c:\windows\system32\atiglpxx.dll
    2011-07-28 20:54:18 32768 ----a-w- c:\windows\system32\atigktxx.dll
    2011-07-28 20:53:46 247296 ----a-w- c:\windows\system32\drivers\atikmpag.sys
    2011-07-28 20:53:14 31744 ----a-w- c:\windows\system32\atiuxpag.dll
    2011-07-28 20:53:00 29184 ----a-w- c:\windows\system32\atiu9pag.dll
    2011-07-28 20:52:26 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
    2011-07-28 20:51:04 52736 ----a-w- c:\windows\system32\atimpc32.dll
    2011-07-28 20:51:04 52736 ----a-w- c:\windows\system32\amdpcom32.dll
    2011-07-28 15:49:12 53760 ----a-w- c:\windows\system32\OVDecode.dll
    2011-07-28 15:48:36 13555712 ----a-w- c:\windows\system32\amdocl.dll
    2011-07-28 07:47:41 -------- d-----w- c:\program files\Windows Portable Devices
    2011-07-27 09:37:42 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
    2011-07-27 09:37:42 4096 ----a-w- c:\windows\system32\oleaccrc.dll
    2011-07-27 09:37:42 234496 ----a-w- c:\windows\system32\oleacc.dll
    2011-07-27 08:43:07 -------- d-sh--w- c:\windows\system32\%APPDATA%
    2011-07-27 08:39:01 471552 ----a-w- c:\windows\system32\secproc_isv.dll
    2011-07-27 08:38:59 471552 ----a-w- c:\windows\system32\secproc.dll
    2011-07-27 08:38:38 526336 ----a-w- c:\windows\system32\RMActivate_isv.exe
    2011-07-27 08:38:30 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
    2011-07-27 08:38:30 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
    2011-07-27 08:38:29 518144 ----a-w- c:\windows\system32\RMActivate.exe
    2011-07-27 08:38:29 332288 ----a-w- c:\windows\system32\msdrm.dll
    2011-07-27 08:38:29 152576 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
    2011-07-27 08:38:29 152064 ----a-w- c:\windows\system32\secproc_ssp.dll
    2011-07-27 08:38:09 1418752 ----a-w- c:\program files\windows media player\setup_wm.exe
    2011-07-27 08:38:07 310784 ----a-w- c:\windows\system32\unregmp2.exe
    2011-07-27 08:22:55 -------- d-----w- c:\program files\Microsoft Analysis Services
    2011-07-27 08:22:12 -------- d-----w- c:\users\luciole\appdata\local\Microsoft Help
    .
    ==================== Find3M ====================
    .
    2011-07-28 21:01:48 52736 ----a-w- c:\windows\system32\coinst.dll
    2011-07-28 20:54:42 266240 ----a-w- c:\windows\system32\atiadlxx.dll
    2011-07-28 20:52:38 37376 ----a-w- c:\windows\system32\atitmpxx.dll
    2011-07-22 02:54:43 1797632 ----a-w- c:\windows\system32\jscript9.dll
    2011-07-22 02:48:26 1126912 ----a-w- c:\windows\system32\wininet.dll
    2011-07-22 02:44:36 2382848 ----a-w- c:\windows\system32\mshtml.tlb
    2011-07-12 09:20:54 83816 ----a-w- c:\windows\system32\dns-sd.exe
    2011-07-12 09:20:54 73064 ----a-w- c:\windows\system32\dnssd.dll
    2011-07-12 09:20:54 178536 ----a-w- c:\windows\system32\dnssdX.dll
    2011-07-09 20:23:56 4096 ----a-w- c:\windows\system32\drivers\fr-fr\dxgkrnl.sys.mui
    2011-07-09 20:23:56 369664 ----a-w- c:\windows\system32\WMPhoto.dll
    2011-07-09 20:23:56 252928 ----a-w- c:\windows\system32\dxdiag.exe
    2011-07-09 20:23:56 195584 ----a-w- c:\windows\system32\dxdiagn.dll
    2011-07-09 20:23:55 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
    2011-07-09 20:23:55 519680 ----a-w- c:\windows\system32\d3d11.dll
    2011-07-09 20:23:55 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
    2011-07-09 20:23:55 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
    2011-07-09 20:12:18 444952 ----a-w- c:\windows\system32\wrap_oal.dll
    2011-07-09 20:12:18 109080 ----a-w- c:\windows\system32\OpenAL32.dll
    2011-07-09 19:05:05 101888 ----a-w- c:\windows\system32\ifxcardm.dll
    2011-07-09 19:05:02 82432 ----a-w- c:\windows\system32\axaltocm.dll
    2011-07-09 12:52:38 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-07-09 12:24:39 293376 ----a-w- c:\windows\system32\browserchoice.exe
    2011-07-06 17:52:42 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2011-07-06 17:52:42 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-07-04 11:43:53 40112 ----a-w- c:\windows\avastSS.scr
    2011-07-04 11:36:43 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
    2011-07-04 11:32:20 54104 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
    2011-06-16 01:34:06 79872 ----a-w- c:\windows\system32\SlotMaximizerAg.dll
    2011-06-16 01:34:06 2117632 ----a-w- c:\windows\system32\SlotMaximizerBe.dll
    2011-06-10 21:41:02 86544 ----a-w- c:\windows\system32\drivers\bckd.sys
    2011-06-06 22:06:42 81936 ----a-w- c:\windows\system32\drivers\AtihdLH3.sys
    2011-06-02 13:34:49 2043392 ----a-w- c:\windows\system32\win32k.sys
    .
    ============= FINISH: 10:48:32,06 ===============
    25 August 2011 14:04:24

    Hello
    it's odd: only SUPERAntiSpyware detects it, the md5 is unknown, and ComboFix gets rid of it:
    http://forums.cnetfrance.fr/topic/159091-virus-tempbexe...

    We're going to remove it:

    Disable your antivirus and any other kind of protection.
    Download ComboFix by sUBs: Combofix
    Save it to your desktop and nowhere else!

    Double-click ComboFix. It will ask you a question; follow the prompts, then wait until ComboFix has finished. Your PC may reboot, which is normal. A report will be created. Post the report: C:\Combofix.txt
    click on it to open it, then Edit "Select all", Edit "Copy"

    come to the forum and Edit "Paste"

    HELP: A guide and a tutorial on using ComboFix
    * the partition name may vary

    <@_@>

    +++++++++++++++++++++
    26 August 2011 10:48:39

    there, the scan is finished.


    ComboFix 11-08-25.05 - luciole 26/08/2011 10:23:09.1.4 - x86
    Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.3325.1836 [GMT 2:00]
    Lancé depuis: c:\users\Dassoda\Desktop\ComboFix.exe
    AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
    FW: ZoneAlarm Firewall *Disabled* {D17DF357-CFF5-F001-D1C1-FCD21DFE3D5E}
    SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\program files\steam\steam.exe
    c:\users\Public\cnc3_v109_fr.exe
    c:\users\Public\R212831.exe
    c:\users\Public\XPS420-A07.EXE
    c:\windows\msef.dll
    c:\windows\system32\comct332.ocx
    .
    .
    ((((((((((((((((((((((((((((( Fichiers créés du 2011-07-26 au 2011-08-26 ))))))))))))))))))))))))))))))))))))
    .
    .
    2011-08-26 08:40 . 2011-08-26 08:40 -------- d-----w- c:\users\Default\AppData\Local\temp
    2011-08-26 08:17 . 2011-08-26 08:17 -------- d-----w- C:\32788R22FWJFW
    2011-08-24 16:46 . 2011-07-11 13:25 2048 ----a-w- c:\windows\system32\tzres.dll
    2011-08-24 14:01 . 2011-08-24 14:29 -------- d-----w- c:\program files\Common Files\BioWare
    2011-08-24 14:01 . 2011-08-24 14:17 -------- d-----w- c:\program files\Mass Effect 2
    2011-08-24 09:46 . 2011-08-24 09:46 -------- d-----w- c:\programdata\ATI
    2011-08-24 09:46 . 2011-08-24 09:46 -------- d-----w- c:\program files\AMD APP
    2011-08-23 09:20 . 2011-08-12 02:44 7152464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4ED2DDEE-3919-4079-8F66-03293DCAF148}\mpengine.dll
    2011-08-17 17:07 . 2011-08-17 17:07 -------- d-----w- C:\ATI
    2011-08-17 16:24 . 2010-11-09 13:35 21992 ----a-w- c:\windows\system32\drivers\cpuz135_x32.sys
    2011-08-17 16:24 . 2011-08-17 16:24 -------- d-----w- c:\program files\CPUID
    2011-08-13 14:01 . 2011-08-13 14:01 -------- d-----w- c:\users\Dassoda\AppData\Roaming\VirginMega.DownloadManager.v3.4AE6D9B37411D7D7A2C457954142B8FA4EE6E198.1
    2011-08-13 14:01 . 2011-08-13 14:01 -------- d-----w- c:\program files\VirginMega DownloadManager v3
    2011-08-13 14:01 . 2011-08-13 14:01 -------- d-----w- c:\program files\Common Files\Adobe AIR
    2011-08-12 22:25 . 2011-08-12 22:25 -------- d-----w- c:\program files\iPod
    2011-08-12 22:23 . 2011-08-12 22:23 -------- d-----w- c:\program files\Bonjour
    2011-08-11 06:59 . 2011-08-11 06:59 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
    2011-08-11 06:21 . 2011-07-06 15:31 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
    2011-08-11 06:21 . 2011-06-17 16:03 375808 ----a-w- c:\windows\system32\winsrv.dll
    2011-08-11 06:21 . 2011-06-06 10:59 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
    2011-08-11 06:21 . 2011-06-20 08:54 3602832 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2011-08-11 06:21 . 2011-06-20 08:54 3550096 ----a-w- c:\windows\system32\ntoskrnl.exe
    2011-08-11 06:21 . 2011-06-17 20:13 913296 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2011-08-11 06:21 . 2011-06-17 13:31 31232 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
    2011-08-05 23:21 . 2011-08-26 08:02 -------- d-----w- c:\programdata\Parental Filter 2
    2011-08-05 23:19 . 2011-08-05 23:33 -------- d-----w- c:\program files\Parental Filter 2
    2011-07-28 22:22 . 2011-07-28 22:22 8396800 ----a-w- c:\windows\system32\drivers\atikmdag.sys
    2011-07-28 21:44 . 2011-07-28 21:44 18388480 ----a-w- c:\windows\system32\atioglxx.dll
    2011-07-28 21:40 . 2011-07-28 21:40 151552 ----a-w- c:\windows\system32\atiapfxx.exe
    2011-07-28 21:40 . 2011-07-28 21:40 726528 ----a-w- c:\windows\system32\aticfx32.dll
    2011-07-28 21:36 . 2011-07-28 21:36 462848 ----a-w- c:\windows\system32\ATIDEMGX.dll
    2011-07-28 21:35 . 2011-07-28 21:35 401408 ----a-w- c:\windows\system32\atieclxx.exe
    2011-07-28 21:35 . 2011-07-28 21:35 176128 ----a-w- c:\windows\system32\atiesrxx.exe
    2011-07-28 21:34 . 2011-07-28 21:34 159744 ----a-w- c:\windows\system32\atitmmxx.dll
    2011-07-28 21:33 . 2011-07-28 21:33 356352 ----a-w- c:\windows\system32\atipdlxx.dll
    2011-07-28 21:33 . 2011-07-28 21:33 278528 ----a-w- c:\windows\system32\Oemdspif.dll
    2011-07-28 21:33 . 2011-07-28 21:33 20992 ----a-w- c:\windows\system32\atimuixx.dll
    2011-07-28 21:33 . 2011-07-28 21:33 43520 ----a-w- c:\windows\system32\ati2edxx.dll
    2011-07-28 21:30 . 2011-07-28 21:30 4198912 ----a-w- c:\windows\system32\atidxx32.dll
    2011-07-28 21:11 . 2011-07-28 21:11 1828864 ----a-w- c:\windows\system32\atiumdmv.dll
    2011-07-28 21:11 . 2011-07-28 21:11 46080 ----a-w- c:\windows\system32\aticalrt.dll
    2011-07-28 21:11 . 2011-07-28 21:11 44032 ----a-w- c:\windows\system32\aticalcl.dll
    2011-07-28 21:09 . 2011-07-28 21:09 4256768 ----a-w- c:\windows\system32\atiumdag.dll
    2011-07-28 21:07 . 2011-07-28 21:07 8247296 ----a-w- c:\windows\system32\aticaldd.dll
    2011-07-28 21:03 . 2011-07-28 21:03 4056064 ----a-w- c:\windows\system32\atiumdva.dll
    2011-07-28 20:54 . 2011-07-28 20:54 13312 ----a-w- c:\windows\system32\atiglpxx.dll
    2011-07-28 20:54 . 2011-07-28 20:54 32768 ----a-w- c:\windows\system32\atigktxx.dll
    2011-07-28 20:53 . 2011-07-28 20:53 247296 ----a-w- c:\windows\system32\drivers\atikmpag.sys
    2011-07-28 20:53 . 2011-07-28 20:53 31744 ----a-w- c:\windows\system32\atiuxpag.dll
    2011-07-28 20:53 . 2011-07-28 20:53 29184 ----a-w- c:\windows\system32\atiu9pag.dll
    2011-07-28 20:52 . 2011-07-28 20:52 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
    2011-07-28 20:51 . 2011-07-28 20:51 52736 ----a-w- c:\windows\system32\atimpc32.dll
    2011-07-28 20:51 . 2011-07-28 20:51 52736 ----a-w- c:\windows\system32\amdpcom32.dll
    2011-07-28 15:49 . 2011-07-28 15:49 53760 ----a-w- c:\windows\system32\OVDecode.dll
    2011-07-28 15:48 . 2011-07-28 15:48 13555712 ----a-w- c:\windows\system32\amdocl.dll
    2011-07-28 07:47 . 2011-07-28 07:47 -------- d-----w- c:\program files\Windows Portable Devices
    2011-07-27 09:37 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
    2011-07-27 09:37 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll
    2011-07-27 09:37 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll
    2011-07-27 08:43 . 2011-07-27 08:43 -------- d-sh--w- c:\windows\system32\%APPDATA%
    .
    .
    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-07-28 21:01 . 2011-04-06 01:28 52736 ----a-w- c:\windows\system32\coinst.dll
    2011-07-28 20:54 . 2011-04-06 01:22 266240 ----a-w- c:\windows\system32\atiadlxx.dll
    2011-07-28 20:52 . 2009-12-11 19:49 37376 ----a-w- c:\windows\system32\atitmpxx.dll
    2011-07-16 12:56 . 2009-08-18 09:30 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
    2011-07-16 12:56 . 2009-08-18 09:24 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
    2011-07-12 16:09 . 2011-07-12 16:09 14424 ----a-w- C:\UsbFix_Upload_Me_MAGI.zip
    2011-07-12 09:20 . 2011-07-12 09:20 83816 ----a-w- c:\windows\system32\dns-sd.exe
    2011-07-12 09:20 . 2011-07-12 09:20 73064 ----a-w- c:\windows\system32\dnssd.dll
    2011-07-12 09:20 . 2011-07-12 09:20 178536 ----a-w- c:\windows\system32\dnssdX.dll
    2011-07-09 20:25 . 2011-07-09 20:25 161792 ----a-w- c:\windows\system32\msls31.dll
    2011-07-09 20:25 . 2011-07-09 20:25 86528 ----a-w- c:\windows\system32\iesysprep.dll
    2011-07-09 20:25 . 2011-07-09 20:25 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
    2011-07-09 20:25 . 2011-07-09 20:25 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
    2011-07-09 20:25 . 2011-07-09 20:25 74752 ----a-w- c:\windows\system32\iesetup.dll
    2011-07-09 20:25 . 2011-07-09 20:25 63488 ----a-w- c:\windows\system32\tdc.ocx
    2011-07-09 20:25 . 2011-07-09 20:25 48640 ----a-w- c:\windows\system32\mshtmler.dll
    2011-07-09 20:25 . 2011-07-09 20:25 420864 ----a-w- c:\windows\system32\vbscript.dll
    2011-07-09 20:25 . 2011-07-09 20:25 367104 ----a-w- c:\windows\system32\html.iec
    2011-07-09 20:25 . 2011-07-09 20:25 23552 ----a-w- c:\windows\system32\licmgr10.dll
    2011-07-09 20:25 . 2011-07-09 20:25 152064 ----a-w- c:\windows\system32\wextract.exe
    2011-07-09 20:25 . 2011-07-09 20:25 150528 ----a-w- c:\windows\system32\iexpress.exe
    2011-07-09 20:25 . 2011-07-09 20:25 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
    2011-07-09 20:25 . 2011-07-09 20:25 35840 ----a-w- c:\windows\system32\imgutil.dll
    2011-07-09 20:25 . 2011-07-09 20:25 142848 ----a-w- c:\windows\system32\ieUnatt.exe
    2011-07-09 20:25 . 2011-07-09 20:25 11776 ----a-w- c:\windows\system32\mshta.exe
    2011-07-09 20:25 . 2011-07-09 20:25 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
    2011-07-09 20:25 . 2011-07-09 20:25 101888 ----a-w- c:\windows\system32\admparse.dll
    2011-07-09 20:25 . 2011-07-09 20:25 98816 ----a-w- c:\windows\system32\mfps.dll
    2011-07-09 20:25 . 2011-07-09 20:25 979456 ----a-w- c:\windows\system32\MFH264Dec.dll
    2011-07-09 20:25 . 2011-07-09 20:25 586240 ----a-w- c:\windows\system32\stobject.dll
    2011-07-09 20:25 . 2011-07-09 20:25 357376 ----a-w- c:\windows\system32\MFHEAACdec.dll
    2011-07-09 20:25 . 2011-07-09 20:25 302592 ----a-w- c:\windows\system32\mfmp4src.dll
    2011-07-09 20:25 . 2011-07-09 20:25 2873344 ----a-w- c:\windows\system32\mf.dll
    2011-07-09 20:25 . 2011-07-09 20:25 261632 ----a-w- c:\windows\system32\mfreadwrite.dll
    2011-07-09 20:25 . 2011-07-09 20:25 209920 ----a-w- c:\windows\system32\mfplat.dll
    2011-07-09 20:25 . 2011-07-09 20:25 683008 ----a-w- c:\windows\system32\d2d1.dll
    2011-07-09 20:25 . 2011-07-09 20:25 135680 ----a-w- c:\windows\system32\XpsRasterService.dll
    2011-07-09 20:25 . 2011-07-09 20:25 847360 ----a-w- c:\windows\system32\OpcServices.dll
    2011-07-09 20:25 . 2011-07-09 20:25 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
    2011-07-09 20:25 . 2011-07-09 20:25 638336 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
    2011-07-09 20:25 . 2011-07-09 20:25 486400 ----a-w- c:\windows\system32\d3d10level9.dll
    2011-07-09 20:25 . 2011-07-09 20:25 478720 ----a-w- c:\windows\system32\dxgi.dll
    2011-07-09 20:25 . 2011-07-09 20:25 37376 ----a-w- c:\windows\system32\cdd.dll
    2011-07-09 20:25 . 2011-07-09 20:25 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
    2011-07-09 20:25 . 2011-07-09 20:25 258048 ----a-w- c:\windows\system32\winspool.drv
    2011-07-09 20:25 . 2011-07-09 20:25 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
    2011-07-09 20:25 . 2011-07-09 20:25 189952 ----a-w- c:\windows\system32\d3d10core.dll
    2011-07-09 20:25 . 2011-07-09 20:25 160768 ----a-w- c:\windows\system32\d3d10_1.dll
    2011-07-09 20:25 . 2011-07-09 20:25 1554432 ----a-w- c:\windows\system32\xpsservices.dll
    2011-07-09 20:25 . 2011-07-09 20:25 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
    2011-07-09 20:25 . 2011-07-09 20:25 1029120 ----a-w- c:\windows\system32\d3d10.dll
    2011-07-09 20:23 . 2011-07-09 20:23 4096 ----a-w- c:\windows\system32\drivers\fr-FR\dxgkrnl.sys.mui
    2011-07-09 20:23 . 2011-07-09 20:23 369664 ----a-w- c:\windows\system32\WMPhoto.dll
    2011-07-09 20:23 . 2011-07-09 20:23 252928 ----a-w- c:\windows\system32\dxdiag.exe
    2011-07-09 20:23 . 2011-07-09 20:23 195584 ----a-w- c:\windows\system32\dxdiagn.dll
    2011-07-09 20:23 . 2011-07-09 20:23 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
    2011-07-09 20:23 . 2011-07-09 20:23 519680 ----a-w- c:\windows\system32\d3d11.dll
    2011-07-09 20:23 . 2011-07-09 20:23 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
    2011-07-09 20:23 . 2011-07-09 20:23 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
    2011-07-09 20:12 . 2011-07-09 12:27 444952 ----a-w- c:\windows\system32\wrap_oal.dll
    2011-07-09 20:12 . 2011-07-09 12:27 109080 ----a-w- c:\windows\system32\OpenAL32.dll
    2011-07-09 19:05 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll
    2011-07-09 19:05 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll
    2011-07-09 12:52 . 2011-07-09 12:52 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-07-09 12:25 . 2011-07-09 12:25 1808896 ----a-w- c:\windows\system32\NlsLexicons0046.dll
    2011-07-09 12:25 . 2011-07-09 12:25 1793536 ----a-w- c:\windows\system32\NlsLexicons0045.dll
    2011-07-09 12:25 . 2011-07-09 12:25 1558016 ----a-w- c:\windows\system32\NlsLexicons0049.dll
    2011-07-09 12:25 . 2011-07-09 12:25 1411072 ----a-w- c:\windows\system32\NlsLexicons0047.dll
    2011-07-09 12:25 . 2011-07-09 12:25 1236992 ----a-w- c:\windows\system32\NlsLexicons0020.dll
    2011-07-09 12:25 . 2011-07-09 12:25 7964672 ----a-w- c:\windows\system32\NlsLexicons0024.dll
    2011-07-09 12:25 . 2011-07-09 12:25 5499904 ----a-w- c:\windows\system32\NlsLexicons0022.dll
    2011-07-09 12:25 . 2011-07-09 12:25 2136064 ----a-w- c:\windows\system32\NlsLexicons0021.dll
    2011-07-09 12:25 . 2011-07-09 12:25 1782272 ----a-w- c:\windows\system32\NlsLexicons0039.dll
    2011-07-09 12:25 . 2011-07-09 12:25 5791232 ----a-w- c:\windows\system32\NlsLexicons0026.dll
    2011-07-09 12:25 . 2011-07-09 12:25 6224896 ----a-w- c:\windows\system32\NlsLexicons0027.dll
    2011-07-09 12:25 . 2011-07-09 12:25 4175872 ----a-w- c:\windows\system32\NlsLexicons0010.dll
    2011-07-09 12:25 . 2011-07-09 12:25 2466816 ----a-w- c:\windows\system32\NlsLexicons0011.dll
    2011-07-09 12:25 . 2011-07-09 12:25 4981248 ----a-w- c:\windows\system32\NlsLexicons0013.dll
    2011-07-09 12:25 . 2011-07-09 12:25 6781440 ----a-w- c:\windows\system32\NlsLexicons0019.dll
    2011-07-09 12:25 . 2011-07-09 12:25 3331072 ----a-w- c:\windows\system32\NlsLexicons0018.dll
    2011-07-09 12:25 . 2011-07-09 12:25 11722752 ----a-w- c:\windows\system32\NlsLexicons0001.dll
    2011-07-09 12:25 . 2011-07-09 12:25 4164096 ----a-w- c:\windows\system32\NlsLexicons0002.dll
    2011-07-09 12:25 . 2011-07-09 12:25 1452544 ----a-w- c:\windows\system32\NlsLexicons0003.dll
    2011-07-09 12:25 . 2011-07-09 12:25 4093440 ----a-w- c:\windows\system32\NlsLexicons004c.dll
    2011-07-09 12:25 . 2011-07-09 12:25 3419136 ----a-w- c:\windows\system32\NlsLexicons004a.dll
    2011-07-09 12:25 . 2011-07-09 12:25 1972736 ----a-w- c:\windows\system32\NlsLexicons004e.dll
    2011-07-09 12:25 . 2011-07-09 12:25 1702912 ----a-w- c:\windows\system32\NlsLexicons004b.dll
    2011-07-09 12:25 . 2011-07-09 12:25 4045824 ----a-w- c:\windows\system32\NlsLexicons003e.dll
    2011-07-09 12:25 . 2011-07-09 12:25 6585856 ----a-w- c:\windows\system32\NlsLexicons001b.dll
    2011-07-09 12:25 . 2011-07-09 12:25 6014976 ----a-w- c:\windows\system32\NlsLexicons001a.dll
    2011-07-09 12:25 . 2011-07-09 12:25 4096 ----a-w- c:\windows\system32\NlsLexicons002a.dll
    2011-07-09 12:25 . 2011-07-09 12:25 6346240 ----a-w- c:\windows\system32\NlsLexicons001d.dll
    2011-07-09 12:25 . 2011-07-09 12:25 9892864 ----a-w- c:\windows\system32\NlsLexicons000a.dll
    2011-07-09 12:25 . 2011-07-09 12:25 6237696 ----a-w- c:\windows\system32\NlsLexicons000c.dll
    2011-07-09 12:25 . 2011-07-09 12:25 1722368 ----a-w- c:\windows\system32\NlsLexicons000d.dll
    2011-07-09 12:25 . 2011-07-09 12:25 5654528 ----a-w- c:\windows\system32\NlsLexicons000f.dll
    2011-07-09 12:25 . 2011-07-09 12:25 5090816 ----a-w- c:\windows\system32\NlsLexicons0416.dll
    2011-07-09 12:25 . 2011-07-09 12:25 5031936 ----a-w- c:\windows\system32\NlsLexicons0816.dll
    2011-07-09 12:25 . 2011-07-09 12:25 4616192 ----a-w- c:\windows\system32\NlsLexicons0414.dll
    2011-07-09 12:25 . 2011-07-09 12:25 7042560 ----a-w- c:\windows\system32\NlsLexicons081a.dll
    2011-06-16 04:38 . 2011-07-09 17:44 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
    .
    .
    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}]
    2010-07-19 16:32 165184 ----a-w- c:\program files\SFR\Kit\SFRNavErrorHelper.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
    @="{472083B0-C522-11CF-8763-00608CC02F24}"
    [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
    2011-07-04 11:43 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-10 1233920]
    "SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-08-05 2424192]
    "Connexion SFR 9props.exe"="c:\program files\SFR\Kit\9props.exe" [2010-07-19 976192]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "WPCUMI"="c:\windows\system32\WpcUmi.exe" [2006-11-02 176128]
    "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-07-04 3493720]
    "CTxfiHlp"="CTXFIHLP.EXE" [2009-06-03 25600]
    "ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2010-11-16 1043968]
    "ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2010-11-05 738808]
    "dellsupportcenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-06-03 206064]
    "LAUNCHER_FILTER"="c:\program files\Parental Filter 2\LaunchAppEpcp2.exe" [2010-01-13 13640]
    "LOGGING_FILTER"="c:\program files\Parental Filter 2\LoggingEpcp2.exe" [2011-08-05 16200]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-07-19 421736]
    "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-28 336384]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "CTAutoUpdate"="c:\program files\Creative\Shared Files\Software Update\AutoUpdate.exe" [2009-01-15 430968]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoSMMyPictures"= 0 (0x0)
    "NoStartMenuMyMusic"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
    @=""
    .
    [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Assistant SMART WIZARD NETGEAR pour WG111v3.lnk]
    path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Assistant SMART WIZARD NETGEAR pour WG111v3.lnk
    backup=c:\windows\pss\Assistant SMART WIZARD NETGEAR pour WG111v3.lnk.CommonStartup
    backupExtension=.CommonStartup
    .
    [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
    path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk
    backup=c:\windows\pss\Logitech Desktop Messenger.lnk.CommonStartup
    backupExtension=.CommonStartup
    .
    [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
    path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk
    backup=c:\windows\pss\Logitech SetPoint.lnk.CommonStartup
    backupExtension=.CommonStartup
    .
    [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NETGEAR WG111v3 Smart Wizard.lnk]
    path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WG111v3 Smart Wizard.lnk
    backup=c:\windows\pss\NETGEAR WG111v3 Smart Wizard.lnk.CommonStartup
    backupExtension=.CommonStartup
    .
    [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NETGEAR WN111v2 Smart Wizard.lnk]
    path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WN111v2 Smart Wizard.lnk
    backup=c:\windows\pss\NETGEAR WN111v2 Smart Wizard.lnk.CommonStartup
    backupExtension=.CommonStartup
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bluetooth Connection Assistant]
    LBTWIZ.EXE -silent [X]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
    2011-03-30 04:59 937920 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    2011-06-08 04:02 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICustomerCare]
    2010-03-04 12:31 311296 ----a-w- c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dellsupportcenter]
    2009-06-03 13:46 206064 ----a-w- c:\program files\Dell Support Center\bin\sprtcmd.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
    2010-03-01 20:16 135664 ----atw- c:\users\luciole\AppData\Local\Google\Update\GoogleUpdate.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon]
    2011-05-20 08:10 284440 ----a-w- c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    2011-07-19 16:29 421736 ----a-w- c:\program files\iTunes\iTunesHelper.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
    2007-09-21 02:10 55824 ----a-w- c:\windows\KHALMNPR.Exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Vid]
    2010-05-11 14:43 6061400 ----a-w- c:\program files\Logitech\Logitech Vid\Vid.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LWS]
    2010-05-07 16:35 165208 ----a-w- c:\program files\Logitech\LWS\Webcam Software\LWS.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    2010-11-29 15:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
    "DisableMonitoring"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2405331893-417425587-1285169552-1000]
    "EnableNotifications"=dword:00000001
    "EnableNotificationsRef"=dword:00000001
    .
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-31 135664]
    R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-07-09 79360]
    R3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.SYS [2009-06-03 171032]
    R3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.SYS [2009-06-03 1324056]
    R3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.SYS [2009-06-03 72728]
    R3 DNIMp50;DNIMp50 NDIS Protocol Driver;c:\windows\system32\Drivers\DNIMp50.sys [2006-11-16 21504]
    R3 DNISp50;DNISp50 NDIS Protocol Driver;c:\windows\system32\Drivers\DNISp50.sys [2006-11-16 20480]
    R3 gupdatem;Service Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-31 135664]
    R3 jswpsapi;Jumpstart Wifi Protected Setup;c:\program files\NETGEAR\WN111v2\jswpsapi.exe [2008-02-29 942080]
    R3 PCAMp50;PCAMp50 NDIS Protocol Driver;c:\windows\system32\Drivers\PCAMp50.sys [2006-11-28 28224]
    R3 RTL8187B;NETGEAR WG111v3 Wireless-G USB Adapter Vista Driver;c:\windows\system32\DRIVERS\wg111v3.sys [2009-10-14 348160]
    R3 vsdatant7;vsdatant7;c:\windows\system32\drivers\vsdatant.win7.sys [x]
    R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
    S0 AlfaFF;Alfa File System Mini-Filter;c:\windows\System32\Drivers\AlfaFF.sys [2009-09-15 45256]
    S1 aswSnx;aswSnx; [x]
    S1 aswSP;aswSP; [x]
    S1 bckd;bckd;c:\windows\system32\drivers\bckd.sys [2011-06-10 86544]
    S1 jswpslwf;JumpStart Wireless Filter Driver;c:\windows\system32\DRIVERS\jswpslwf.sys [2008-10-01 20384]
    S1 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver;c:\windows\system32\DRIVERS\rtlprot.sys [2007-04-23 25896]
    S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-12 12880]
    S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-07-28 176128]
    S2 aswFsBlk;aswFsBlk; [x]
    S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-07-04 54104]
    S2 bckwfs;Blue Coat K9 Web Protection;c:\program files\Blue Coat K9 Web Protection\k9filter.exe [2011-06-10 1575184]
    S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [2010-11-09 21992]
    S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-05-20 13592]
    S2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [2010-11-05 26872]
    S2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\IswSvc.exe [2010-11-05 488952]
    S2 ServiceFilterEpcp2;Parental Filter 2;c:\program files\Parental Filter 2\ServiceEpcp2.exe [2011-08-05 17760]
    S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-07-28 8396800]
    S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-07-28 247296]
    S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdLH3.sys [2011-06-06 81936]
    S3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.SYS [2009-06-03 171032]
    S3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.SYS [2009-06-03 1324056]
    S3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.SYS [2009-06-03 72728]
    S3 hcw85bda;Hauppauge WinTV 885 Video Capture;c:\windows\system32\drivers\HCW85BDA.sys [2009-01-13 1426560]
    S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
    S3 WN111v2;NETGEAR WN111v2 USB2.0 Wireless Card Service;c:\windows\system32\DRIVERS\WN111v2v.sys [2009-01-13 453120]
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
    .
    Contenu du dossier 'Tâches planifiées'
    .
    2011-08-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-31 22:08]
    .
    2011-08-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-31 22:08]
    .
    2011-08-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2405331893-417425587-1285169552-1000Core.job
    - c:\users\luciole\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-01 20:16]
    .
    2011-08-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2405331893-417425587-1285169552-1000UA.job
    - c:\users\luciole\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-01 20:16]
    .
    2011-08-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2405331893-417425587-1285169552-1003Core.job
    - c:\users\Dassoda\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-06 20:36]
    .
    2011-08-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2405331893-417425587-1285169552-1003UA.job
    - c:\users\Dassoda\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-06 20:36]
    .
    .
    ------- Examen supplémentaire -------
    .
    uStart Page = hxxp://www.orroz.net/
    uInternet Settings,ProxyOverride = *.local
    IE: &Envoyer à OneNote - c:\progra~1\MI1933~1\Office14\ONBttnIE.dll/105
    IE: E&xporter vers Microsoft Excel - c:\progra~1\MI1933~1\Office14\EXCEL.EXE/3000
    IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
    LSP: c:\program files\Parental Filter 2\hooklib.dll
    LSP: c:\windows\system32\wpclsp.dll
    TCP: DhcpNameServer = 192.168.1.1
    Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} - hxxps://www.virginmega.fr/DownloadManager/Release/Prod/DownMan....
    FF - ProfilePath - c:\users\luciole\AppData\Roaming\Mozilla\Firefox\Profiles\0tr1ls34.default\
    .
    - - - - ORPHELINS SUPPRIMES - - - -
    .
    MSConfigStartUp-Comrade - c:\program files\GameSpy\Comrade\Comrade.exe
    MSConfigStartUp-jswtrayutil - c:\program files\NETGEAR\WN111v2\jswtrayutil.exe
    MSConfigStartUp-Steam - c:\program files\steam\steam.exe
    AddRemove-Steam App 10180 - c:\program files\Steam\steam.exe
    AddRemove-Steam App 10190 - c:\program files\Steam\steam.exe
    AddRemove-Steam App 10500 - c:\program files\Steam\steam.exe
    AddRemove-Steam App 20540 - c:\program files\Steam\steam.exe
    AddRemove-Steam App 20570 - c:\program files\Steam\steam.exe
    AddRemove-Steam App 41500 - c:\program files\Steam\steam.exe
    .
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2011-08-26 10:40
    Windows 6.0.6002 Service Pack 2 NTFS
    .
    Recherche de processus cachés ...
    .
    Recherche d'éléments en démarrage automatique cachés ...
    .
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run
    CTxfiHlp = CTXFIHLP.EXE?
    .
    Recherche de fichiers cachés ...
    .
    .
    C:\## aswSnx private storage
    c:\users\luciole\AppData\Roaming\Delivery\docdatas\Dynamite_Girl : Body heat.data 101 bytes hidden from API
    .
    Scan terminé avec succès
    Fichiers cachés: 2
    .
    **************************************************************************
    .
    --------------------- CLES DE REGISTRE BLOQUEES ---------------------
    .
    [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
    @Denied: (2) (LocalSystem)
    "{8E5E2654-AD2D-48BF-AC2D-D17F00898D06}"=hex:51,66,7a,6c,4c,1d,38,12,3a,25,4d,
    8a,1f,e3,d1,0d,d3,3b,92,3f,05,d7,c9,12
    "{2318C2B1-4965-11D4-9B18-009027A5CD4F}"=hex:51,66,7a,6c,4c,1d,38,12,df,c1,0b,
    27,57,07,ba,54,e4,0e,43,d0,22,fb,89,5b
    "{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}"=hex:51,66,7a,6c,4c,1d,38,12,64,71,7d,
    0b,59,54,8f,05,dd,82,5e,0d,1c,af,12,dc
    "{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
    1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
    "{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
    94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
    "{AA58ED58-01DD-4D91-8333-CF10577473F7}"=hex:51,66,7a,6c,4c,1d,38,12,36,ee,4b,
    ae,ef,4f,ff,08,fc,25,8c,50,52,2a,37,e3
    "{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}"=hex:51,66,7a,6c,4c,1d,38,12,07,5b,93,
    aa,6e,60,ba,0b,f0,6d,b2,b7,80,44,00,83
    "{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}"=hex:51,66,7a,6c,4c,1d,38,12,2d,dd,7a,
    ab,6a,33,56,03,c9,ec,8d,26,b0,f3,64,49
    "{32004B8A-44A9-43E7-84E9-808838809519}"=hex:51,66,7a,6c,4c,1d,38,12,e4,48,13,
    36,9b,0a,89,06,fb,ff,c3,c8,3d,de,d1,0d
    .
    [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
    @Denied: (2) (LocalSystem)
    "Timestamp"=hex:2f,a3,4f,c5,e1,3e,cc,01
    .
    [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
    @Denied: (2) (LocalSystem)
    "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
    d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,09,d0,29,d6,0f,e2,fb,48,bb,d0,f2,\
    "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
    d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,09,d0,29,d6,0f,e2,fb,48,bb,d0,f2,\
    .
    [HKEY_USERS\S-1-5-21-2405331893-417425587-1285169552-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
    "??"=hex:36,a4,06,22,bc,af,5b,35,89,79,48,09,8d,a4,87,c2,16,44,f3,ef,0a,ed,07,
    84,e9,1d,4b,b4,4d,66,dd,e2,3e,79,be,d4,e7,75,42,ae,39,03,13,90,ed,f7,50,68,\
    "??"=hex:82,b7,e7,1e,96,85,a9,96,2f,f4,e6,7c,ea,c5,b0,a8
    .
    [HKEY_USERS\S-1-5-21-2405331893-417425587-1285169552-1000\Software\SecuROM\License information*]
    @Allowed: (Read) (RestrictedCode)
    "datasecu"=hex:47,a7,f0,b2,90,c9,17,7e,0a,0b,78,82,4f,90,8e,5b,73,a3,ee,7c,89,
    99,b1,14,f0,e7,ab,d2,d2,c7,a1,7f,68,f3,fa,77,4e,b5,82,7f,fb,0e,c5,3f,2c,dc,\
    "rkeysecu"=hex:9d,85,06,89,db,86,0d,97,8d,1b,91,81,ad,62,08,76
    .
    --------------------- DLLs chargées dans les processus actifs ---------------------
    .
    - - - - - - - > 'Explorer.EXE'(3812)
    c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
    c:\program files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
    c:\program files\7-Zip\7-zip.dll
    .
    Heure de fin: 2011-08-26 10:46:27
    ComboFix-quarantined-files.txt 2011-08-26 08:46
    .
    Avant-CF: 76 842 446 848 octets libres
    Après-CF: 76 774 346 752 octets libres
    .
    Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
    - - End Of File - - 049A7CDD026800C5834D15EDAAF3C44B

    Thanks

    26 August 2011 21:14:31

    Good evening

    This is odd:
    Quote:
    c:\users\luciole\AppData\Roaming\Delivery\docdatas\Dynamite_Girl : Body heat.data 101 bytes hidden from API
    .


    Download GMER from this link: http://www.gmer.net/files.php – click "Download EXE" and save the file to your desktop.
    See the GMER tutorial, it may help you: http://www.malekal.com/tutorial_GMER.php

    Disable your protection software (antivirus, antispyware, etc.) and close all open programs.
    Double-click the downloaded GMER file.
    Once it has started, right-click on the white background (as above) and click "Only Non MS files".
    Click the "Scan" button at the bottom right to start the scan.



    When the scan is finished, click "Copy".

    Open Notepad and click the Edit menu / Paste.
    The report should then appear.
    Save the file to your desktop and copy/paste its contents here.


    +++++++++++++++++++++++++++++++++++++
    27 August 2011 11:14:33

    GMER 1.0.15.15627 - http://www.gmer.net
    Rootkit scan 2011-08-27 11:12:49
    Windows 6.0.6002 Service Pack 2
    Running: gmer.exe; Driver: C:\Users\luciole\AppData\Local\Temp\fxldypod.sys


    ---- Modules - GMER 1.0.15 ----

    Module \SystemRoot\System32\drivers\sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology) 8338A000-83393000 (36864 bytes)
    Module \SystemRoot\system32\DRIVERS\iaStor.sys (Intel Rapid Storage Technology driver - x86/Intel Corporation) 83802000-83AB5000 (2830336 bytes)
    Module \SystemRoot\system32\drivers\iastorv.sys (Intel Matrix Storage Manager driver (base)/Intel Corporation) 83AB5000-83B56000 (659456 bytes)
    Module \SystemRoot\System32\Drivers\AlfaFF.sys (Windows 2000 Mini-Filter Monitor Network Edition/Alfa Corporation) 83B98000-83BA2000 (40960 bytes)
    Module \SystemRoot\System32\drivers\sfhlp02.sys (StarForce Protection Helper Driver/Protection Technology) 8C36B000-8C373000 (32768 bytes)
    Module \SystemRoot\system32\DRIVERS\atikmpag.sys (AMD multi-vendor Miniport Driver/Advanced Micro Devices, Inc.) 904D8000-90519000 (266240 bytes)
    Module \SystemRoot\system32\DRIVERS\atikmdag.sys (ATI Radeon Kernel Mode Driver/ATI Technologies Inc.) 90805000-91057000 (8724480 bytes)
    Module \SystemRoot\system32\DRIVERS\e1e6032.sys (Intel(R) PRO/1000 Adapter NDIS 6 deserialized driver/Intel Corporation) 91190000-911CB000 (241664 bytes)
    Module \SystemRoot\system32\drivers\HCW85BDA.sys (CX23885 BDA driver/Hauppauge Computer Works) 91801000-9195E000 (1429504 bytes)
    Module \SystemRoot\system32\drivers\ctaud2k.sys (Creative WDM Audio Device Driver/Creative Technology Ltd) 90557000-905D7000 (524288 bytes)
    Module \SystemRoot\system32\drivers\ctoss2k.sys (Creative OS Services Driver (WDM)/Creative Technology Ltd.) 8C10D000-8C142000 (217088 bytes)
    Module \SystemRoot\system32\drivers\ctprxy2k.sys (Creative Proxy Device Driver (WDM)/Creative Technology Ltd) 919DD000-919E5000 (32768 bytes)
    Module \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys (CD DVD Filter/GEAR Software Inc.) 919F5000-919FB000 (24576 bytes)
    Module \SystemRoot\system32\DRIVERS\mssmbios.sys (System Management BIOS Driver/Microsoft Corporation) 8C3F6000-8C400000 (40960 bytes)
    Module \SystemRoot\system32\drivers\ha20x2k.sys (Creative 20X HAL (WDM)/Creative Technology Ltd) 96203000-96326000 (1191936 bytes)
    Module \SystemRoot\system32\drivers\emupia2k.sys (E-mu Plug-in Architecture Driver (WDM)/Creative Technology Ltd) 96326000-96356000 (196608 bytes)
    Module \SystemRoot\system32\drivers\ctsfm2k.sys (SoundFont(R) Manager (WDM)/Creative Technology Ltd) 96356000-9637F000 (167936 bytes)
    Module \SystemRoot\system32\drivers\ctac32k.sys (Creative AC3 SW Decoder Device Driver (WDM)/Creative Technology Ltd) 9640F000-964AB000 (638976 bytes)
    Module \SystemRoot\System32\drivers\CTHWIUT.SYS (Creative Utility Effects/Creative Technology Ltd.) 964BC000-964D1000 (86016 bytes)
    Module \SystemRoot\System32\drivers\CT20XUT.SYS (Creative 20X Utility Effects/Creative Technology Ltd.) 964D1000-964FD000 (180224 bytes)
    Module \SystemRoot\System32\drivers\CTEXFIFX.SYS (Creative XFi Effects/Creative Technology Ltd.) 96808000-9694F000 (1339392 bytes)
    Module \SystemRoot\system32\drivers\AtihdLH3.sys (AMD High Definition Audio Function Driver/Advanced Micro Devices) 9694F000-96967000 (98304 bytes)
    Module \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) 96967000-969D7000 (458752 bytes)
    Module \SystemRoot\system32\drivers\rdpencdd.sys (RDP Miniport/Microsoft Corporation) 969EE000-969F6000 (32768 bytes)
    Module \SystemRoot\System32\Drivers\aswTdi.SYS (avast! TDI Filter Driver/AVAST Software) 96562000-9656B000 (36864 bytes)
    Module \SystemRoot\system32\drivers\bckd.sys (K9 Web Protection Driver/Blue Coat Systems, Inc.) 9657F000-96593000 (81920 bytes)
    Module \SystemRoot\System32\Drivers\aswRdr.SYS (avast! TDI RDR Driver/AVAST Software) 965C5000-965CA000 (20480 bytes)
    Module \SystemRoot\system32\DRIVERS\rtlprot.sys (Realtek Utility I/O Driver/Windows (R) Codename Longhorn DDK provider) 965E9000-965F3000 (40960 bytes)
    Module \SystemRoot\system32\DRIVERS\jswpslwf.sys (Atheros Security NDIS 6.0 Filter Driver/Atheros Communications, Inc.) 965F3000-965F8000 (20480 bytes)
    Module \??\C:\Program_Files\SUPERAntiSpyware\SASKUTIL.SYS (SASKUTIL.SYS/SUPERAdBlocker.com and SUPERAntiSpyware.com) 963DA000-963FC000 (139264 bytes)
    Module \??\C:\Program_Files\SUPERAntiSpyware\SASDIFSV.SYS (SASDIFSV.SYS/SUPERAdBlocker.com and SUPERAntiSpyware.com) 965F8000-965FE000 (24576 bytes)
    Module \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) 9740A000-97454000 (303104 bytes)
    Module \SystemRoot\system32\DRIVERS\WN111v2v.sys (Atheros Extensible Wireless LAN device driver/Atheros Communications, Inc.) 97454000-974EF000 (634880 bytes)
    Module \SystemRoot\System32\Drivers\LUsbFilt.Sys (Logitech USB Filter Driver./Logitech, Inc.) 975A9000-975AF000 (24576 bytes)
    Module \SystemRoot\system32\DRIVERS\LHidFilt.Sys (Logitech HID Filter Driver./Logitech, Inc.) 975B7000-975BE000 (28672 bytes)
    Module \SystemRoot\system32\DRIVERS\LMouFilt.Sys (Logitech Mouse Filter Driver./Logitech, Inc.) 975BE000-975C6000 (32768 bytes)
    Module \SystemRoot\System32\TSDDD.dll (Framebuffer Display Driver/Microsoft Corporation) 9B890000-9B899000 (36864 bytes)
    Module \??\C:\Windows\system32\drivers\aswMonFlt.sys (avast! File System Minifilter for Windows 2003/Vista/AVAST Software) 833C8000-83400000 (229376 bytes)
    Module \SystemRoot\System32\Drivers\aswFsBlk.SYS (avast! File System Access Blocking Driver/AVAST Software) 97545000-97548000 (12288 bytes)
    Module \??\C:\Program_Files\CheckPoint\ZAForceField\ISWKL.sys (ZoneAlarm Browser Security/Check Point Software Technologies) A833F000-A8347000 (32768 bytes)
    Module \??\C:\Windows\system32\drivers\cpuz135_x32.sys (CPUID Driver/CPUID) AB311000-AB31A000 (36864 bytes)
    Module \SystemRoot\System32\Drivers\secdrv.SYS (Macrovision SECURITY Driver/Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) 975EC000-975F6000 (40960 bytes)
    Module \SystemRoot\system32\Drivers\LVPr2Mon.sys ABE3D000-ABE42000 (20480 bytes)
    Module \??\C:\Users\luciole\AppData\Local\Temp\fxldypod.sys (GMER) ABE48000-ABE61000 (102400 bytes)

    ---- Processes - GMER 1.0.15 ----

    Process C:\Windows\System32\Ctxfihlp.exe (CTXfiHlp MFC Application/Creative Technology Ltd) 600
    Library C:\Windows\System32\Ctxfihlp.exe (CTXfiHlp MFC Application/Creative Technology Ltd) 0x01000000
    Library C:\Program Files\AVAST Software\Avast\snxhk.dll (avast! snxhk/AVAST Software) 0x64D00000
    Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
    Library C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) 0x20C70000
    Library C:\Windows\system32\cttele32.dll (Creative Common PS Module/Creative Technology Ltd) 0x10000000
    Library C:\Windows\System32\ctxfispk.dll (Ctxfispk.dll/Creative Technology Ltd) 0x00CC0000
    Library C:\Windows\System32\ctxfibtn.dll (CTXFIBTN DLL/Creative Technology Ltd) 0x00DA0000

    Process C:\Windows\system32\csrss.exe (Processus d'exécuttion client-serveur/Microsoft Corporation) 608
    Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000

    Process C:\Windows\system32\wininit.exe (Application de démarrage de Windows/Microsoft Corporation) 680
    Library C:\Program Files\AVAST Software\Avast\snxhk.dll (avast! snxhk/AVAST Software) 0x64D00000
    Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
    Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75520000
    Library C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) 0x20C70000

    Process C:\Windows\system32\csrss.exe (Processus d'exécuttion client-serveur/Microsoft Corporation) 692
    Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000

    Process C:\Windows\system32\services.exe (Applications Services et Contrôleur/Microsoft Corporation) 728
    Library C:\Program Files\AVAST Software\Avast\snxhk.dll (avast! snxhk/AVAST Software) 0x64D00000
    Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
    Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75520000
    Library C:\Program Files\Parental Filter 2\hooklib.dll 0x10000000
    Library C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) 0x20C70000

    Process C:\Windows\system32\lsass.exe (Processus de l’autorité de sécurité locale/Microsoft Corporation) 740
    Library C:\Program Files\AVAST Software\Avast\snxhk.dll (avast! snxhk/AVAST Software) 0x64D00000
    Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
    Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75520000
    Library C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) 0x20C70000

    Process C:\Windows\system32\lsm.exe (Service du gestionnaire de session locale/Microsoft Corporation) 748
    Library C:\Program Files\AVAST Software\Avast\snxhk.dll (avast! snxhk/AVAST Software) 0x64D00000
    Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
    Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75520000
    Library C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) 0x20C70000

    Process C:\Windows\SYSTEM32\CTXFISPI.EXE (SPI (Creative X-Fi Module)/Creative Technology Ltd) 812
    Library C:\Windows\SYSTEM32\CTXFISPI.EXE (SPI (Creative X-Fi Module)/Creative Technology Ltd) 0x01000000
    Library C:\Program Files\AVAST Software\Avast\snxhk.dll (avast! snxhk/AVAST Software) 0x64D00000
    Library C:\Windows\SYSTEM32\ctosuser.dll (Creative OS Services Module/Creative Technology Ltd) 0x02000000
    Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
    Library C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) 0x20C70000
    Library C:\Windows\system32\cttele32.dll (Creative Common PS Module/Creative Technology Ltd) 0x10000000
    Library C:\Windows\SYSTEM32\CTDPROXY.DLL (Creative Audio Driver Proxy/Creative Technology Ltd) 0x00BB0000
    Library C:\Windows\SYSTEM32\PIAPROXY.DLL (E-mu Plug-in Architecture Device Driver Proxy/Creative Technology Ltd) 0x00F20000
    Library C:\Windows\SYSTEM32\APOMngr.DLL 0x67160000

    Process C:\Windows\system32\winlogon.exe (Application d'ouverture de session Windows/Microsoft Corporation) 864
    Library C:\Program Files\AVAST Software\Avast\snxhk.dll (avast! snxhk/AVAST Software) 0x64D00000
    Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000

    Process C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) 924
    Library C:\Program Files\AVAST Software\Avast\snxhk.dll (avast! snxhk/AVAST Software) 0x64D00000
    Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
    Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75520000
    Library C:\Windows\System32\npmproxy.dll (Network List Manager Proxy/Microsoft Corporation) 0x6F0A0000
    Library C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) 0x20C70000
    Library C:\Program Files\Parental Filter 2\hooklib.dll 0x10000000

    Process C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) 944
    Library C:\Program Files\AVAST Software\Avast\snxhk.dll (avast! snxhk/AVAST Software) 0x64D00000
    Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
    Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75520000
    Library C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) 0x20C70000

    Process C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) 1020
    Library C:\Program Files\AVAST Software\Avast\snxhk.dll (avast! snxhk/AVAST Software) 0x64D00000
    Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
    Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75520000
    Library C:\Program Files\Parental Filter 2\hooklib.dll 0x10000000
    Library C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) 0x20C70000

    Process C:\Windows\System32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) 1096
    Library C:\Program Files\AVAST Software\Avast\snxhk.dll (avast! snxhk/AVAST Software) 0x64D00000
    Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
    Library C:\Windows\System32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75520000
    Library C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) 0x20C70000

    Process C:\Windows\system32\atiesrxx.exe (AMD External Events Service Module/AMD) 1124
    Library C:\Windows\system32\atiesrxx.exe (AMD External Events Service Module/AMD) 0x00400000
    Library C:\Program Files\AVAST Software\Avast\snxhk.dll (avast! snxhk/AVAST Software) 0x64D00000
    Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
    Library C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) 0x20C70000

    Process C:\Windows\System32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) 1156
    Library C:\Program Files\AVAST Software\Avast\snxhk.dll (avast! snxhk/AVAST Software) 0x64D00000
    Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
    Library C:\Windows\System32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75520000
    Library C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) 0x20C70000
    Library C:\Windows\system32\CTMLFX32.dll (CTMLFXxx.dll/Creative Technology Ltd) 0x73560000
    Library C:\Windows\system32\UDAAPO32.dll (Creative Audio Processing Object Module/Creative Technology Ltd.) 0x73680000

    Process C:\Windows\System32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) 1192
    Library C:\Program Files\AVAST Software\Avast\snxhk.dll (avast! snxhk/AVAST Software) 0x64D00000
    Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
    Library c:\windows\system32\tabsvc.dll (Service Microsoft Panneau de saisie Tablet PC/Microsoft Corporation) 0x73510000
    Library c:\windows\system32\l2gpstore.dll (Policy Storage dll/Microsoft Corporation) 0x73460000
    Library C:\Windows\System32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75520000
    Library C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) 0x20C70000
    Library C:\Windows\System32\ACTIVEDS.dll (DLL de la couche de routage AD/Microsoft Corporation) 0x72130000
    Library C:\Program Files\Parental Filter 2\hooklib.dll 0x10000000

    Process C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) 1204
    Library C:\Program Files\AVAST Software\Avast\snxhk.dll (avast! snxhk/AVAST Software) 0x64D00000
    Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
    Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75520000
    Library C:\Program Files\Parental Filter 2\hooklib.dll 0x10000000
    Library C:\Windows\system32\ACTIVEDS.dll (DLL de la couche de routage AD/Microsoft Corporation) 0x72130000
    Library C:\Windows\system32\vsstrace.dll (DLL de suivi du demandeur/rédacteur de cliché instantané de volumes (VSS) Microsoft®/Microsoft Corporation) 0x70BF0000
    Library C:\Windows\system32\MSIMG32.dll (GDIEXT Client DLL/Microsoft Corporation) 0x74F10000
    Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc.) 0x72660000
    Library C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) 0x20C70000
    Library C:\Windows\system32\wbem\ncprov.dll (Non-COM WMI Event Provision APIs/Microsoft Corporation) 0x744F0000
    Library C:\Windows\system32\bitsprx2.dll (Background Intelligent Transfer Service Proxy/Microsoft Corporation) 0x74670000

    Process C:\Program Files\Dell Support Center\bin\sprtcmd.exe (Dell Support Center Updates/SupportSoft, Inc.) 1256
    Library C:\Program Files\Dell Support Center\bin\sprtcmd.exe (Dell Support Center Updates/SupportSoft, Inc.) 0x00400000
    Library C:\Program Files\AVAST Software\Avast\snxhk.dll (avast! snxhk/AVAST Software) 0x64D00000
    Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
    Library C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) 0x20C70000
    Library C:\Program Files\Dell Support Center\bin\sprtmessage.dll (sprtmessage Dynamic Link Library/SupportSoft, Inc.) 0x10000000
    Library C:\Program Files\Dell Support Center\bin\sprtsched.dll (sprtsched/SupportSoft, Inc.) 0x62D20000
    Library C:\Program Files\Dell Support Center\bin\sprtevent.dll (SupportSoft, Inc.) 0x62BE0000
    Library C:\Program Files\Dell Support Center\bin\sprtfod.dll (sprtfod/SupportSoft, Inc.) 0x627C0000
    Library C:\Program Files\Dell Support Center\bin\LIBEAY32.dll (SSL Module/SupportSoft, Inc.) 0x61F30000
    Library C:\Program Files\Dell Support Center\bin\sprtsync.dll (sprtsync/SupportSoft, Inc.) 0x65700000
    Library C:\Program Files\Dell Support Center\bin\sprtui.dll (sprtui/SupportSoft, Inc.) 0x654B0000
    Library C:\Program Files\Dell Support Center\bin\SupportSoft.Agent.Sprocket.SupportMessage.dll ( /SupportSoft, Inc.) 0x11000000
    Library C:\Program Files\Dell Support Center\bin\SupportSoft.Agent.Sprocket.dll ( /SupportSoft, Inc.) 0x01D90000
    Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc.) 0x72660000
    Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75520000
    Library C:\Windows\system32\bitsprx2.dll (Background Intelligent Transfer Service Proxy/Microsoft Corporation) 0x74670000
    Library C:\Program Files\AVAST Software\Avast\AhAScr.dll (avast! Script Blocking library for Windows Scripting Interface/AVAST Software) 0x65480000
    Library C:\PROGRA~1\AVASTS~1\Avast\aswCmnBS.dll (Common functions/AVAST Software) 0x730F0000
    Library C:\PROGRA~1\AVASTS~1\Avast\aswCmnOS.dll (Antivirus HW dependent library/AVAST Software) 0x730D0000
    Library C:\PROGRA~1\AVASTS~1\Avast\aswCmnIS.dll (Antivirus independent functions/AVAST Software) 0x730A0000
    Library C:\PROGRA~1\AVASTS~1\Avast\Aavm4h.dll (avast! Asynchronous Virus Monitor (AAVM)/AVAST Software) 0x65000000
    Library C:\PROGRA~1\AVASTS~1\Avast\AavmRpch.dll (avast! AAVM Remote Procedure Call Library/AVAST Software) 0x65400000
    Library C:\PROGRA~1\AVASTS~1\Avast\ashBase.dll (Basic Functionality Module/AVAST Software) 0x64500000
    Library C:\PROGRA~1\AVASTS~1\Avast\aswEngLdr.dll (Antivirus engine loader/AVAST Software) 0x64BC0000
    Library C:\PROGRA~1\AVASTS~1\Avast\ashTask.dll (Task Handling Module/AVAST Software) 0x64800000
    Library C:\PROGRA~1\AVASTS~1\Avast\aswAux.dll (avast! Auxiliary Library/AVAST Software) 0x64580000
    Library C:\PROGRA~1\AVASTS~1\Avast\aswProperty.dll (avast! Property Storage library/AVAST Software) 0x64740000
    Library C:\Program Files\Parental Filter 2\hooklib.dll 0x04940000
    Library C:\Program Files\Common Files\supportsoft\bin\tgctlsi.dll (tgctlsi Module/SupportSoft, Inc.) 0x66C50000

    Process C:\Windows\system32\AUDIODG.EXE (Isolation graphique de périphérique audio Windows /Microsoft Corporation) 1344
    Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
    Library C:\Windows\system32\UDAAPO32.dll (Creative Audio Processing Object Module/Creative Technology Ltd.) 0x73680000
    Library C:\Windows\system32\CTMLFX32.dll (CTMLFXxx.dll/Creative Technology Ltd) 0x73560000

    Process C:\Program Files\Creative\Shared Files\CTAudSvc.exe (Creative Audio Service/Creative Technology Ltd) 1384
    Library C:\Program Files\Creative\Shared Files\CTAudSvc.exe (Creative Audio Service/Creative Technology Ltd) 0x00400000
    Library C:\Program Files\AVAST Software\Avast\snxhk.dll (avast! snxhk/AVAST Software) 0x64D00000
    Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
    Library C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) 0x20C70000

    Process C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) 1400
    Library C:\Program Files\AVAST Software\Avast\snxhk.dll (avast! snxhk/AVAST Software) 0x64D00000
    Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
    Library C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) 0x20C70000

    Process C:\Windows\system32\SLsvc.exe (Service de gestion des licences Microsoft/Microsoft Corporation) 1432
    Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000

    Process C:\Windows\system32\rundll32.exe (Processus hôte Windows (Rundll32)/Microsoft Corporation) 1452
    Library C:\Program Files\AVAST Software\Avast\snxhk.dll (avast! snxhk/AVAST Software) 0x64D00000
    Library C:\Windows\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation) 0x65B10000
    Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
    Library C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) 0x20C70000
    Library C:\Users\luciole\AppData\Local\Google\Chrome\APPLIC~1\130782~1.215\gcswf32.dll 0x5E870000

    Process C:\Windows\System32\wpcumi.exe (Notifications du contrôle parental Windows/Microsoft Corporation) 1488
    Library C:\Program Files\AVAST Software\Avast\snxhk.dll (avast! snxhk/AVAST Software) 0x64D00000
    Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
    Library C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) 0x20C70000

    Process C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) 1512
    Library C:\Program Files\AVAST Software\Avast\snxhk.dll (avast! snxhk/AVAST Software) 0x64D00000
    Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
    Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75520000
    Library c:\windows\system32\webclnt.dll (Fichier DLL du service DAV pour le Web/Microsoft Corporation) 0x72580000
    Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc.) 0x72660000
    Library C:\Windows\System32\npmproxy.dll (Network List Manager Proxy/Microsoft Corporation) 0x6F0A0000
    Library C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) 0x20C70000
    Library c:\windows\system32\upnphost.dll (Hôte de périphérique UPnP/Microsoft Corporation) 0x67820000

    Process C:\Windows\system32\atieclxx.exe (AMD External Events Client Module/AMD) 1588
    Library C:\Windows\system32\atieclxx.exe (AMD External Events Client Module/AMD) 0x00400000
    Library C:\Program Files\AVAST Software\Avast\snxhk.dll (avast! snxhk/AVAST Software) 0x64D00000
    Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
    Library C:\Windows\system32\atiadlxx.dll (ADL/Advanced Micro Devices, Inc.) 0x10000000

    Process C:\Users\luciole\AppData\Local\Google\Chrome\Application\chrome.exe (Google Chrome/Google Inc.) 1616
    Library C:\Users\luciole\AppData\Local\Google\Chrome\Application\chrome.exe (Google Chrome/Google Inc.) 0x00A40000
    Library C:\Program Files\AVAST Software\Avast\snxhk.dll (avast! snxhk/AVAST Software) 0x64D00000
    Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
    Library C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) 0x20C70000
    Library C:\Users\luciole\AppData\Local\Google\Chrome\Application\13.0.782.215\chrome.dll (Google Chrome/Google Inc.) 0x59E10000
    Library C:\Windows\system32\MSIMG32.dll (GDIEXT Client DLL/Microsoft Corporation) 0x74F10000
    Library C:\Users\luciole\AppData\Local\Google\Chrome\Application\13.0.782.215\icudt.dll (ICU Data DLL/The ICU Project) 0x59560000
    Library C:\Users\luciole\AppData\Local\Google\Chrome\Application\13.0.782.215\pdf.dll 0x5C150000
    Library C:\Users\luciole\AppData\Local\Google\Chrome\Application\13.0.782.215\ppGoogleNaClPluginChrome.dll 0x5F240000
    Library C:\Users\luciole\AppData\Local\Google\Chrome\Application\13.0.782.215\avcodec-52.dll 0x5DEE0000
    Library C:\Users\luciole\AppData\Local\Google\Chrome\Application\13.0.782.215\avutil-50.dll 0x74210000
    Library C:\Users\luciole\AppData\Local\Google\Chrome\Application\13.0.782.215\avformat-52.dll 0x73BF0000

    Process C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech Bluetooth Service/Logitech, Inc.) 1636
    Library C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech Bluetooth Service/Logitech, Inc.) 0x00400000
    Library C:\Program Files\AVAST Software\Avast\snxhk.dll (avast! snxhk/AVAST Software) 0x64D00000
    Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
    Library C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) 0x20C70000

    Process C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) 1752
    Library C:\Program Files\AVAST Software\Avast\snxhk.dll (avast! snxhk/AVAST Software) 0x64D00000
    Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
    Library c:\windows\system32\vsstrace.dll (DLL de suivi du demandeur/rédacteur de cliché instantané de volumes (VSS) Microsoft®/Microsoft Corporation) 0x70BF0000
    Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75520000
    Library c:\windows\system32\ACTIVEDS.dll (DLL de la couche de routage AD/Microsoft Corporation) 0x72130000
    Library C:\Windows\system32\ndptsp.tsp (Fournisseur de service TAPI proxy NDIS/Microsoft Corporation) 0x6DB70000
    Library C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) 0x20C70000
    Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc.) 0x72660000

    Process C:\Windows\System32\spoolsv.exe (Application sous-système spouleur/Microsoft Corporation) 1768
    Library C:\Program Files\AVAST Software\Avast\snxhk.dll (avast! snxhk/AVAST Software) 0x64D00000
    Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
    Library C:\Windows\System32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75520000
    Library C:\Program Files\Parental Filter 2\hooklib.dll 0x10000000
    Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc.) 0x72660000
    Library C:\Windows\System32\usbmon.dll (DLL du moniteur de port d’impression dynamique standard/Microsoft Corporation) 0x6BB80000
    Library C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) 0x20C70000

    Process C:\Windows\system32\WUDFHost.exe (Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur/Microsoft Corporation) 1884
    Library C:\Program Files\AVAST Software\Avast\snxhk.dll (avast! snxhk/AVAST Software) 0x64D00000
    Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
    Library C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) 0x20C70000

    Process C:\Program Files\AVAST Software\Avast\AvastSvc.exe (avast! Service/AVAST Software) 1928
    Library C:\Program Files\AVAST Software\Avast\AvastSvc.exe (avast! Service/AVAST Software) 0x00400000
    Library C:\Program Files\AVAST Software\Avast\aswCmnBS.dll (Common functions/AVAST Software) 0x730F0000
    Library C:\Program Files\AVAST Software\Avast\aswCmnOS.dll (Antivirus HW dependent library/AVAST Software) 0x730D0000
    Library C:\Program Files\AVAST Software\Avast\aswCmnIS.dll (Antivirus independent functions/AVAST Software) 0x730A0000
    Library C:\Program Files\AVAST Software\Avast\ashBase.dll (Basic Functionality Module/AVAST Software) 0x64500000
    Library C:\Program Files\AVAST Software\Avast\aswEngLdr.dll (Antivirus engine loader/AVAST Software) 0x64BC0000
    Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
    Library C:\Program Files\AVAST Software\Avast\1036\Base.dll (avast! French Basic Module/AVAST Software) 0x66080000
    Library C:\Program Files\AVAST Software\Avast\ashServ.dll (avast! antivirus service/AVAST Software) 0x65080000
    Library C:\Program Files\AVAST Software\Avast\aswAux.dll (avast! Auxiliary Library/AVAST Software) 0x64580000
    Library C:\Program Files\AVAST Software\Avast\ashTask.dll (Task Handling Module/AVAST Software) 0x64800000
    Library C:\Program Files\AVAST Software\Avast\ashTaskEx.dll (avast! TaskEx library/AVAST Software) 0x72D00000
    Library C:\Program Files\AVAST Software\Avast\aswLog.dll (avast! Log library/AVAST Software) 0x64700000
    Library C:\Program Files\AVAST Software\Avast\aswSqLt.dll (avast! SQLite library/AVAST Software) 0x64840000
    Library C:\Program Files\AVAST Software\Avast\aswProperty.dll (avast! Property Storage library/AVAST Software) 0x64740000
    Library C:\Program Files\AVAST Software\Avast\Aavm4h.dll (avast! Asynchronous Virus Monitor (AAVM)/AVAST Software) 0x65000000
    Library C:\Program Files\AVAST Software\Avast\AavmRpch.dll (avast! AAVM Remote Procedure Call Library/AVAST Software) 0x65400000
    Library C:\Program Files\AVAST Software\Avast\aswIdle.dll (avast! Idle Hook Library/AVAST Software) 0x64A00000
    Library C:\Program Files\AVAST Software\Avast\aswDld.dll (aswDld Dynamic Link Library/AVAST Software) 0x646C0000
    Library C:\Windows\system32\FltLib.dll (Bibliothèque de filtres/Microsoft Corporation) 0x72AC0000
    Library C:\Program Files\AVAST Software\Avast\AhResBhv.dll (avast! Behavior Shield AAVM Provider Library/AVAST Software) 0x65920000
    Library C:\Program Files\AVAST Software\Avast\AhResJs.dll (avast! Script Blocking AAVM Provider Library/AVAST Software) 0x65860000
    Library C:\Program Files\AVAST Software\Avast\AhResMai.dll (avast! e-Mail Scanner AAVM Provider Library/AVAST Software) 0x65840000
    Library C:\Program Files\AVAST Software\Avast\AhResMes.dll (avast! Messenger scanner AAVM Provider Library/AVAST Software) 0x65880000
    Library C:\Program Files\AVAST Software\Avast\AhResNS.dll (avast! Network Shield AAVM Provider Library/AVAST Software) 0x658C0000
    Library C:\Program Files\AVAST Software\Avast\AhResP2P.dll (avast! P2P Shield AAVM Provider Library/AVAST Software) 0x658A0000
    Library C:\Program Files\AVAST Software\Avast\AhResStd.dll (avast! Standard Shield AAVM Provider Library/AVAST Software) 0x65800000
    Library C:\Program Files\AVAST Software\Avast\AhResWS.dll (avast! HTTP Scanner AAVM Provider Library/AVAST Software) 0x658E0000
    Library C:\Program Files\AVAST Software\Avast\ashMaiSv.dll (avast! e-Mail Scanner Service/AVAST Software) 0x65200000
    Library C:\Program Files\AVAST Software\Avast\ashWebSv.dll (avast! Web Scanner/AVAST Software) 0x65100000
    Library C:\Program Files\Parental Filter 2\hooklib.dll 0x10000000
    Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc.) 0x72660000
    Library C:\Program Files\AVAST Software\Avast\ashWsFtr.dll (avast! Web Shield Filter Module/AVAST Software) 0x68300000
    Library C:\Program Files\AVAST Software\Avast\defs\11082601\aswEngin.dll (High level antivirus engine/AVAST Software) 0x5DA50000
    Library C:\Program Files\AVAST Software\Avast\defs\11082601\aswCmnOS.dll (Antivirus HW dependent library/AVAST Software) 0x66F70000
    Library C:\Program Files\AVAST Software\Avast\defs\11082601\aswCmnIS.dll (Antivirus independent functions/AVAST Software) 0x61D70000
    Library C:\Program Files\AVAST Software\Avast\defs\11082601\aswCmnBS.dll (Common functions/AVAST Software) 0x5E7C0000
    Library C:\Program Files\AVAST Software\Avast\defs\11082601\aswScan.dll (Low level antivirus engine/AVAST Software) 0x66E10000
    Library C:\Program Files\AVAST Software\Avast\defs\11082601\aswRep.dll 0x5EEA0000
    Library C:\Program Files\AVAST Software\Avast\defs\11082601\algo.dll 0x5C560000
    Library C:\Program Files\AVAST Software\Avast\defs\11082601\arPot.dll (ArPot usermode dll component/AVAST Software) 0x6EFF0000

    Process C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe (ZoneAlarm Browser Security/Check Point Software Technologies) 1944
    Library C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe (ZoneAlarm Browser Security/Check Point Software Technologies) 0x00400000
    Library C:\Program Files\AVAST Software\Avast\snxhk.dll (avast! snxhk/AVAST Software) 0x64D00000
    Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
    Library C:\Program Files\CheckPoint\ZAForceField\ISWUL.dll (ZoneAlarm Browser Security/Check Point Software Technologies) 0x206D0000
    Library C:\Program Files\CheckPoint\ZAForceField\ISWRCS.dll (ZoneAlarm Browser Security/Check Point Software Technologies) 0x203A0000
    Library C:\Program Files\CheckPoint\ZAForceField\ISWUILIB.dll (ZoneAlarm Browser Security/Check Point Software Technologies) 0x205F0000
    Library C:\Windows\system32\MSIMG32.dll (GDIEXT Client DLL/Microsoft Corporation) 0x74F10000
    Library C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWDMP.dll (ZoneAlarm Browser Security/Check Point Software Technologies) 0x209B0000
    Library C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWMENUS.dll (ZoneAlarm Browser Security/Check Point Software Technologies) 0x20B90000
    Library C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSTATS.dll (ZoneAlarm Browser Security/Check Point Software Technologies) 0x20DE0000
    Library C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWFWMON.dll (ZoneAlarm Browser Security/Check Point Software Technologies) 0x20AE0000
    Library C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWUPD.dll (ZoneAlarm Browser Security/Check Point Software Technologies) 0x20E40000
    Library C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) 0x20C70000

    Process C:\Windows\system32\taskeng.exe (Moteur du Planificateur de tâches/Microsoft Corporation) 2016
    Library C:\Program Files\AVAST Software\Avast\snxhk.dll (avast! snxhk/AVAST Software) 0x64D00000
    Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
    Library C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) 0x20C70000

    Process C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (MobileDeviceService/Apple Inc.) 2244
    Library C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (MobileDeviceService/Apple Inc.) 0x010C0000
    Library C:\Program Files\AVAST Software\Avast\snxhk.dll (avast! snxhk/AVAST Software) 0x64D00000
    Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
    Library C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll (Apple System Log/Apple, Inc.) 0x72050000
    Library C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll (Apple Mobile Device Service/Apple Inc.) 0x71FF0000
    Library C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll (CoreFoundation/Apple Inc.) 0x71F20000
    Library C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll (POSIX Threads for Windows32 Library/Open Source Software community project) 0x72090000
    Library C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll (Objective-C Runtime Library/Apple Inc.) 0x72030000
    Library C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll (Dispatch Runtime Library/Apple Inc.) 0x72020000
    Library C:\Program Files\Common Files\Apple\Apple Application Support\icuin40.dll (IBM ICU I18N DLL/IBM Corporation and others) 0x71E20000
    Library C:\Program Files\Common Files\Apple\Apple Application Support\icuuc40.dll (IBM ICU Common DLL/IBM Corporation and others) 0x71D30000
    Library C:\Program Files\Common Files\Apple\Apple Application Support\icudt40.dll (ICU Data DLL/IBM Corporation and others) 0x70FD0000
    Library C:\Program Files\Parental Filter 2\hooklib.dll 0x10000000
    Library C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) 0x20C70000

    Process C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe (K9 Web Protection Filter/Blue Coat Systems, Inc.) 2304
    Library C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe (K9 Web Protection Filter/Blue Coat Systems, Inc.) 0x00FF0000
    Library C:\Program Files\AVAST Software\Avast\snxhk.dll (avast! snxhk/AVAST Software) 0x64D00000
    Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
    Library C:\Program Files\Parental Filter 2\hooklib.dll 0x10000000
    Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc.) 0x72660000
    Library C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) 0x20C70000

    Process C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe ( LVPrcSrv Module./Logitech Inc.) 2356
    Library C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe ( LVPrcSrv Module./Logitech Inc.) 0x00400000
    Library C:\Program Files\AVAST Software\Avast\snxhk.dll (avast! snxhk/AVAST Software) 0x64D00000
    Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
    Library C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) 0x20C70000
    Library C:\Windows\system32\logishrd\LVPrcInj01.dll (Camera Helper Library./Logitech Inc.) 0x00380000

    Process C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) 2484
    Library C:\Program Files\AVAST Software\Avast\snxhk.dll (avast! snxhk/AVAST Software) 0x64D00000
    Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
    Library C:\Program Files\Parental Filter 2\hooklib.dll 0x10000000
    Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75520000
    Library C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) 0x20C70000

    Process C:\Program Files\Parental Filter 2\ServiceEpcp2.exe (Service Parental Filter 2/Editions Profil) 2508
    Library C:\Program Files\Parental Filter 2\ServiceEpcp2.exe (Service Parental Filter 2/Editions Profil) 0x013B0000
    Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
    Library C:\Program Files\Parental Filter 2\LocalUtils.dll 0x70AB0000
    Library C:\Program Files\Parental Filter 2\Profil.Logs.dll 0x70AA0000
    Library C:\Program Files\Parental Filter 2\CommonCollection.dll 0x70A80000
    Library C:\Program Files\Parental Filter 2\ServiceFilterHostLib.dll 0x708C0000
    Library C:\Program Files\Parental Filter 2\Profil.NoyauSecurite.dll 0x701C0000
    Library C:\
    27 August 2011 11:16:44

    There you go.
    However, the file you quoted is a file that I had deleted, but some parts of which apparently remained (and which I can't delete).
    27 August 2011 14:50:36

    Hi again,
    The GMER report is incomplete; use this to post it for me:
    http://www.sendspace.com/

    Quote:
    c:\users\luciole\AppData\Roaming\Delivery\docdatas\Dynamite_Girl : Body heat.data 101 bytes hidden from API

    Quote:
    However, the file you quoted is a file that I had deleted, but some parts of which apparently remained (and which I can't delete).


    Have you tried deleting the docdatas folder?
    Can I delete it, or is there other stuff in it?
    In any case, Google gives me nothing on this sequence of folders:
    http://www.google.fr/search?q=Roaming\Delivery\docdatas&hl=fr&prmd=ivns&ei=7edYTpucFaT04QT80ICtBQ&start=0&sa=N

    27 August 2011 15:51:13

    There you go

    http://www.sendspace.com/file/t8qgly

    Yes, I tried to delete it (Windows tells me that the destination cannot be found); other files do the same thing to me (like windows.old).
    There is nothing in it, so yes, it can be deleted.
    Regards,
    27 August 2011 22:12:28

    Hi again,

    Copy (Ctrl+C) the text below:
    Folder::
    c:\users\luciole\AppData\Roaming\Delivery\docdatas



    Open Notepad, then paste (Ctrl+V) the text you just copied.
    Save this file under the name CFScript.txt

    Drag and drop this CFScript file onto the ComboFix.exe file, as in the screenshot


  • ComboFix starts; let it guide you.

  • Wait while the scan runs. The desktop will disappear several times: this is normal!
    Don't touch anything until the scan has finished.
  • Once the scan is complete, a report will be displayed: post its contents, and say where things stand with your problems.

  • If the file does not open, it can be found here > C:\ComboFix.txt

    HELP: A guide and a tutorial on using ComboFix
    * the partition name may vary
