
I'm sending advertising emails to my friends and family! How do I stop this!!

Tags:
  • Windows
  • Security
29 December 2007 12:35:28

Hello,

I'm writing to you because I think I'm facing a big spam problem. For a few months now, my friends and family have been receiving advertising emails from me (from my own email address) at a rate of 2 to 3 per week! But I'm not the one sending them; I think it's a virus or some malicious software!!!

Can you tell me whether you have already run into this problem, and/or how to get rid of it once and for all, please!

Awaiting your replies, because I'm at my wits' end!

Thanks


29 December 2007 20:22:22

Here is the HijackThis report, as you asked:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:23:59, on 29/12/2007
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\PROGRA~1\FREEDO~1\fdm.exe
C:\Documents and Settings\Alex\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F3 - REG:win.ini: load=C:\WINDOWS\System32\mllmk.exe
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [e072610c] rundll32.exe "C:\WINDOWS\System32\waobglch.dll",b
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger les tous avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O17 - HKLM\System\CCS\Services\Tcpip\..\{83AAB61E-ED3D-426F-AF5F-CD046D755757}: NameServer = 212.27.54.252,212.27.53.252
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe

--
End of file - 5134 bytes

30 December 2007 20:12:16

Hello,

Download VundoFix.exe (by Atribune) to your Desktop.
  • Double-click VundoFix.exe to launch it
  • Click the Scan for Vundo button
  • When the scan is complete, click the Remove Vundo button
  • A prompt will ask whether you want to delete the files; click YES
  • After you click "Yes", the Desktop will disappear for a moment while the files are removed
  • You will see a prompt announcing that your PC is going to restart; click OK
  • Copy/paste the contents of the report located at C:\vundofix.txt, along with a new HijackThis report, into your next reply
    Note: VundoFix may run into a file it cannot delete. If so, the tool will launch at the next restart; simply follow the instructions above, starting from "Click the Scan for Vundo button".

30 December 2007 22:22:14

Vundo report:


    VundoFix V6.5.10

    Checking Java version...

    Scan started at 12:15:55 23/10/2007

    Listing files found while scanning....

    C:\windows\system32\hspaiwoj.dll
    C:\windows\system32\jowiapsh.ini
    C:\WINDOWS\System32\kqhuhfca.dll
    C:\windows\system32\lnvcajsm.dll
    C:\windows\system32\msjacvnl.ini
    C:\WINDOWS\System32\usxgvjyw.dll

    Beginning removal...

    Attempting to delete C:\windows\system32\hspaiwoj.dll
    C:\windows\system32\hspaiwoj.dll Has been deleted!

    Attempting to delete C:\windows\system32\jowiapsh.ini
    C:\windows\system32\jowiapsh.ini Has been deleted!

    Attempting to delete C:\WINDOWS\System32\kqhuhfca.dll
    C:\WINDOWS\System32\kqhuhfca.dll Has been deleted!

    Attempting to delete C:\windows\system32\lnvcajsm.dll
    C:\windows\system32\lnvcajsm.dll Has been deleted!

    Attempting to delete C:\windows\system32\msjacvnl.ini
    C:\windows\system32\msjacvnl.ini Has been deleted!

    Attempting to delete C:\WINDOWS\System32\usxgvjyw.dll
    C:\WINDOWS\System32\usxgvjyw.dll Has been deleted!

    Performing Repairs to the registry.
    Done!

    VundoFix V6.7.7

    Checking Java version...

    Scan started at 21:09:22 30/12/2007

    Listing files found while scanning....

    C:\WINDOWS\system32\gyxtwmcx.dll
    C:\WINDOWS\system32\kmllm.ini
    C:\WINDOWS\system32\kmllm.ini2
    C:\WINDOWS\system32\mllmk.dll
    C:\WINDOWS\system32\mllmk.exe
    C:\WINDOWS\system32\waobglch.dll

    Beginning removal...

    Attempting to delete C:\WINDOWS\system32\gyxtwmcx.dll
    C:\WINDOWS\system32\gyxtwmcx.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\kmllm.ini
    C:\WINDOWS\system32\kmllm.ini Has been deleted!

    Attempting to delete C:\WINDOWS\system32\kmllm.ini2
    C:\WINDOWS\system32\kmllm.ini2 Has been deleted!

    Attempting to delete C:\WINDOWS\system32\mllmk.dll
    C:\WINDOWS\system32\mllmk.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\mllmk.exe
    C:\WINDOWS\system32\mllmk.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\waobglch.dll
    C:\WINDOWS\system32\waobglch.dll Has been deleted!

    Performing Repairs to the registry.
    Done!




HijackThis report:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 22:23:09, on 30/12/2007
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\HPZipm12.exe
    C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe
    C:\Program Files\Spyware Doctor\svcntaux.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray .exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\Documents and Settings\Alex\Bureau\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    F3 - REG:win.ini: load=C:\WINDOWS\System32\mllmk.exe
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O2 - BHO: (no name) - {AB9D98F7-8F43-4661-BA94-5A8B8B4F4E57} - C:\WINDOWS\System32\mllmk.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
    O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdmcks.dll
    O2 - BHO: {32905043-5cb4-d58b-9d04-5ca6bcbfadcf} - {fcdafbcb-6ac5-40d9-b85d-4bc534050923} - C:\WINDOWS\System32\gyxtwmcx.dll (file missing)
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [e072610c] rundll32.exe "C:\WINDOWS\System32\waobglch.dll",b
    O4 - HKLM\..\Run: [SBCSTray] C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
    O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
    O8 - Extra context menu item: Télécharger les tous avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{83AAB61E-ED3D-426F-AF5F-CD046D755757}: NameServer = 212.27.54.252,212.27.53.252
    O20 - Winlogon Notify: desmon - C:\WINDOWS\
    O20 - Winlogon Notify: dx7til - dx7til.dll (file missing)
    O20 - Winlogon Notify: efccbba - C:\WINDOWS\
    O20 - Winlogon Notify: khfffgf - khfffgf.dll (file missing)
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
    O23 - Service: Sunbelt CounterSpy Antispyware (SBCSSvc) - Sunbelt Software - C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe
    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
    O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe

    --
    End of file - 6654 bytes

31 December 2007 12:04:56

Re,

Disable your resident protections (antivirus...)!

  • Download Combofix.exe (sUBs) to your Desktop.
  • Double-click combofix.exe.
  • Press the 1 key (Yes) to start the scan.
  • When the scan is complete, a report will appear. Copy/paste this report into your next reply.

NOTE: The report can also be found here: C:\Combofix.txt

31 December 2007 12:34:46

Re

Here is the requested report:


    ComboFix 07-12-31.4 - Alex 2007-12-31 12:22:10.2 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.0.1252.1.1036.18.216 [GMT 1:00]
    Running from: C:\Documents and Settings\Alex\Bureau\ComboFix.exe
    * Created a new restore point
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .


    .
    ((((((((((((((((((((((((((((( Fichiers créés 2007-11-28 to 2007-12-31 ))))))))))))))))))))))))))))))))))))
    .

    2007-12-31 12:20 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
    2007-12-30 17:52 . 2007-12-30 17:52 335,360 --a------ C:\WINDOWS\system32\RCX16.tmp
    2007-12-30 16:47 . 2007-12-30 16:47 <REP> d-------- C:\Program Files\Trend Micro
    2007-12-30 15:02 . 2007-12-30 17:57 54,584 --a------ C:\WINDOWS\system32\drivers\sbapifs.sys
    2007-12-30 15:02 . 2007-12-30 15:02 15,544 --a------ C:\WINDOWS\system32\drivers\sbhr.sys
    2007-12-30 15:01 . 2007-12-30 15:01 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Sunbelt Software
    2007-12-30 15:01 . 2007-12-30 15:01 <REP> d-------- C:\Documents and Settings\Alex\Application Data\Sunbelt Software
    2007-12-30 11:52 . 2007-12-30 11:52 335,360 --a------ C:\WINDOWS\system32\RCX15.tmp
    2007-12-29 16:38 . 2007-12-29 16:38 67 --a------ C:\WINDOWS\system32\drivers\fwdrv.err
    2007-12-29 16:24 . 2007-12-29 16:24 335,360 --a------ C:\WINDOWS\system32\RCX14.tmp
    2007-12-29 11:07 . 2007-12-29 11:07 335,360 --a------ C:\WINDOWS\system32\RCX10.tmp
    2007-12-29 11:02 . 2007-12-29 11:02 335,360 --a------ C:\WINDOWS\system32\RCXD.tmp
    2007-12-28 23:18 . 2007-12-28 23:18 <REP> d-------- C:\Program Files\Comptes et Budget Free V5.0
    2007-12-28 23:18 . 2007-12-28 23:18 <REP> d-------- C:\Documents and Settings\Alex\Application Data\AlauxSoft
    2007-12-27 19:38 . 2007-12-30 17:52 1,031,499 ---hs---- C:\WINDOWS\system32\hclgboaw.ini
    2007-12-27 13:18 . 2007-12-30 15:00 <REP> d-------- C:\Program Files\Sunbelt Software
    2007-12-26 18:08 . 2007-12-26 18:08 335,360 --a------ C:\WINDOWS\system32\RCX19.tmp
    2007-12-26 17:39 . 2007-12-26 17:39 335,360 --a------ C:\WINDOWS\system32\RCX13.tmp
    2007-12-26 11:53 . 2007-12-26 11:53 335,360 --a------ C:\WINDOWS\system32\RCX12.tmp
    2007-12-25 19:31 . 2007-12-25 19:31 8,192 --ahs---- C:\WINDOWS\system32\Thumbs.db
    2007-12-25 16:43 . 2006-03-16 11:19 54,960 --a------ C:\WINDOWS\system32\vsutil_loc040c.dll
    2007-12-25 16:43 . 2007-12-25 16:53 41,201 --a------ C:\WINDOWS\system32\vsconfig.xml
    2007-12-24 11:31 . 2007-12-24 11:31 335,360 --a------ C:\WINDOWS\system32\RCX11.tmp
    2007-12-23 23:37 . 2007-12-23 23:37 <REP> d-------- C:\Program Files\Freeplayer-Win32-20070531
    2007-12-23 18:49 . 2007-12-23 18:49 335,360 --a------ C:\WINDOWS\system32\RCXB.tmp
    2007-12-23 18:44 . 2007-12-23 18:44 335,360 --a------ C:\WINDOWS\system32\RCXA.tmp
    2007-12-23 18:38 . 2007-12-23 18:38 335,360 --a------ C:\WINDOWS\system32\RCXF.tmp
    2007-12-23 18:38 . 2007-12-23 18:38 0 --a------ C:\WINDOWS\system32\inflist.dat
    2007-12-23 18:37 . 2007-12-04 14:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe
    2007-12-23 18:37 . 2004-01-09 10:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
    2007-12-23 18:37 . 2007-12-04 13:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
    2007-12-23 18:37 . 2007-12-04 15:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
    2007-12-23 18:37 . 2007-12-04 15:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
    2007-12-23 18:37 . 2007-12-04 15:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
    2007-12-23 18:37 . 2007-12-04 15:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
    2007-12-23 18:37 . 2007-12-04 15:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
    2007-12-23 18:26 . 2007-12-23 18:26 335,360 --a------ C:\WINDOWS\system32\RCXE.tmp
    2007-12-23 18:24 . 2007-12-23 18:24 <REP> d-------- C:\Documents and Settings\Alex\Application Data\Comodo
    2007-12-23 18:20 . 2007-12-23 18:20 335,360 --a------ C:\WINDOWS\system32\RCXC.tmp
    2007-12-23 18:18 . 2007-12-23 18:18 <REP> d-------- C:\Program Files\Trustix
    2007-12-23 18:18 . 2006-05-03 12:09 73,728 --a------ C:\WINDOWS\system32\CavEmLSP.dll
    2007-12-23 18:17 . 2007-12-23 18:23 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Comodo
    2007-12-23 18:16 . 2007-12-23 18:16 <REP> d-------- C:\WINDOWS\Downloaded Installations
    2007-12-23 17:21 . 2007-12-23 17:21 335,360 --a------ C:\WINDOWS\system32\RCX8.tmp
    2007-12-23 17:06 . 2007-12-23 17:06 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
    2007-12-23 17:01 . 2007-12-23 17:01 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avg7
    2007-12-23 16:35 . 2007-12-23 16:35 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
    2007-12-23 11:56 . 2007-12-23 11:56 268 --ah----- C:\sqmdata08.sqm
    2007-12-23 11:56 . 2007-12-23 11:56 244 --ah----- C:\sqmnoopt08.sqm
    2007-12-22 11:19 . 2002-11-14 20:43 221,184 --a------ C:\WINDOWS\system32\srrstr.dll
    2007-12-22 11:19 . 2002-11-14 20:43 221,184 --a--c--- C:\WINDOWS\system32\dllcache\srrstr.dll
    2007-12-22 11:18 . 2007-12-22 11:18 <REP> d-------- C:\Program Files\MSXML 4.0
    2007-12-20 23:51 . 2007-12-20 23:51 73 --a------ C:\WINDOWS\system32\i
    2007-12-20 21:34 . 2007-12-20 21:34 30,945,280 --a------ C:\upload_moi.tar
    2007-12-20 21:21 . 2007-12-20 21:21 1,635 --a------ C:\WINDOWS\system32\khyd.exe
    2007-12-20 21:09 . 2007-12-23 17:00 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
    2007-12-20 20:58 . 2004-07-01 23:08 360,960 --a--c--- C:\WINDOWS\system32\dllcache\qmgr.dll
    2007-12-20 20:58 . 2004-07-01 23:08 331,776 --a------ C:\WINDOWS\system32\winhttp.dll
    2007-12-20 20:58 . 2004-07-01 23:08 17,408 --a------ C:\WINDOWS\system32\qmgrprxy.dll
    2007-12-20 20:58 . 2004-07-01 23:08 17,408 --a--c--- C:\WINDOWS\system32\dllcache\qmgrprxy.dll
    2007-12-20 20:58 . 2004-07-01 23:08 7,680 -----c--- C:\WINDOWS\system32\dllcache\bitsprx2.dll
    2007-12-20 20:58 . 2004-07-01 23:08 7,680 --------- C:\WINDOWS\system32\bitsprx2.dll
    2007-12-20 20:58 . 2004-07-01 23:08 7,168 -----c--- C:\WINDOWS\system32\dllcache\bitsprx3.dll
    2007-12-20 20:58 . 2004-07-01 23:08 7,168 --------- C:\WINDOWS\system32\bitsprx3.dll
    2007-12-20 20:53 . 2007-07-30 19:19 38,232 --a------ C:\WINDOWS\system32\wucltui.dll.mui
    2007-12-20 20:53 . 2007-07-30 19:20 30,040 --a------ C:\WINDOWS\system32\wuaucpl.cpl.mui
    2007-12-20 20:53 . 2007-07-30 19:19 30,040 --a------ C:\WINDOWS\system32\wuapi.dll.mui
    2007-12-20 20:53 . 2007-07-30 19:18 21,336 --a------ C:\WINDOWS\system32\wuaueng.dll.mui
    2007-12-20 13:19 . 2007-12-20 13:19 244 --ah----- C:\sqmnoopt07.sqm
    2007-12-20 13:19 . 2007-12-20 13:19 232 --ah----- C:\sqmdata07.sqm
    2007-12-20 13:12 . 2007-12-20 13:12 0 --a------ C:\WINDOWS\system32\bya.exe
    2007-12-20 13:02 . 2007-12-20 13:02 244 --ah----- C:\sqmnoopt06.sqm
    2007-12-20 13:02 . 2007-12-20 13:02 232 --ah----- C:\sqmdata06.sqm
    2007-12-20 07:42 . 2007-12-30 11:22 13,312 --a------ C:\WINDOWS\system32\ctfmon .exe
    2007-12-20 07:17 . 2007-12-20 07:17 1,635 --a------ C:\WINDOWS\system32\sdbdmau.exe
    2007-12-20 07:17 . 2007-12-20 07:17 1,635 --a------ C:\WINDOWS\system32\kifyptv.exe
    2007-12-19 22:49 . 2007-12-19 22:49 1,635 --a------ C:\WINDOWS\system32\rybeul.exe
    2007-12-19 22:24 . 2007-12-19 22:24 1,635 --a------ C:\WINDOWS\system32\vqmepih.exe
    2007-12-19 22:24 . 2007-12-19 22:24 1,635 --a------ C:\WINDOWS\system32\hauoyq.exe
    2007-12-19 21:34 . 2007-12-19 21:34 1,635 --a------ C:\WINDOWS\system32\wjmq.exe
    2007-12-19 21:34 . 2007-12-19 21:34 1,635 --a------ C:\WINDOWS\system32\iixsvf.exe
    2007-12-19 21:26 . 2007-12-19 21:26 1,635 --a------ C:\WINDOWS\system32\wrozlopw.exe
    2007-12-19 21:26 . 2007-12-19 21:26 1,635 --a------ C:\WINDOWS\system32\bfgm.exe
    2007-12-19 21:09 . 2007-12-19 21:09 1,635 --a------ C:\WINDOWS\system32\gkdinsmb.exe
    2007-12-19 21:09 . 2007-12-19 21:09 1,635 --a------ C:\WINDOWS\system32\ajlkvmqc.exe
    2007-12-19 20:52 . 2007-12-19 20:52 1,635 --a------ C:\WINDOWS\system32\texk.exe
    2007-12-19 20:52 . 2007-12-19 20:52 1,635 --a------ C:\WINDOWS\system32\slfwqois.exe
    2007-12-19 20:11 . 2007-12-19 20:11 118 --a------ C:\WINDOWS\system32\ysryk.bat
    2007-12-19 20:10 . 2007-12-19 20:10 0 --ah----- C:\WINDOWS\system32\nnzl.exe
    2007-12-19 19:00 . 2007-12-19 19:00 127 --a------ C:\WINDOWS\system32\kydky.bat
    2007-12-19 19:00 . 2007-12-19 19:00 126 --a------ C:\WINDOWS\system32\thjo.bat
    2007-12-19 19:00 . 2007-12-19 19:00 123 --a------ C:\WINDOWS\system32\ngknuci.bat
    2007-12-19 18:56 . 2007-12-19 18:56 1,635 --a------ C:\WINDOWS\system32\ppbqo.exe
    2007-12-19 18:43 . 2007-12-19 18:43 244 --ah----- C:\sqmnoopt05.sqm
    2007-12-19 18:43 . 2007-12-19 18:43 232 --ah----- C:\sqmdata05.sqm
    2007-12-19 18:39 . 2007-12-19 18:39 1,635 --a------ C:\WINDOWS\system32\hqlnopib.exe
    2007-12-19 18:39 . 2007-12-19 18:39 1,635 --a------ C:\WINDOWS\system32\devdmwws.exe
    2007-12-19 18:32 . 2007-12-19 18:32 244 --ah----- C:\sqmnoopt04.sqm
    2007-12-19 18:32 . 2007-12-19 18:32 232 --ah----- C:\sqmdata04.sqm
    2007-12-19 18:31 . 2007-12-19 18:31 1,635 --a------ C:\WINDOWS\system32\zsmvmr.exe

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2007-12-31 11:28 --------- d-----w C:\Documents and Settings\Alex\Application Data\Free Download Manager
    2007-12-31 11:19 --------- d-----w C:\Program Files\Mozilla Thunderbird
    2007-12-30 16:38 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
    2007-12-30 13:50 --------- d-----w C:\Program Files\eMule
    2007-12-29 22:57 --------- d-----w C:\Documents and Settings\Alex\Application Data\uTorrent
    2007-12-26 17:08 147,968 ----a-w C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\MSConfig .exe
    2007-12-23 17:16 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
    2007-12-22 10:50 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2007-12-20 19:03 --------- d-----w C:\Program Files\Navilog1
    2007-12-19 11:37 134,656 ----a-w C:\WINDOWS\system32\sfc_os.dll
    2007-12-17 19:16 --------- d-----w C:\Documents and Settings\Alex\Application Data\vlc
    2007-12-15 23:25 12,400 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
    2007-12-15 19:24 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2007-11-30 17:39 --------- d-----w C:\Program Files\adslTV
    2007-11-05 06:52 --------- d-----w C:\Program Files\Maïdo Production
    2007-10-31 19:52 --------- d-----w C:\Program Files\Google
    2007-10-31 17:28 39,424 ----a-w C:\WINDOWS\zipinst.exe
    2007-10-20 09:31 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
    2007-10-20 00:56 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
    2007-10-20 00:56 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
    2007-10-10 18:44 18,312 ----a-w C:\Documents and Settings\Alex\Application Data\GDIPFONTCACHEV1.DAT
    2007-07-31 17:31 65,273 ----a-w C:\WINDOWS\Internet Logs\vsmon_2nd_2007_07_31_13_38_26_small.dmp.zip
    .
    1. ----a-w 79,224 2007-12-31 09:05:51 C:\Program Files\Alwil Software\Avast4\ashDisp .exe
    2. ----a-w 45,056 2007-12-22 16:04:25 C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon .exe
    3. ----a-w 68,856 2007-12-22 16:04:38 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier .exe
    4. ----a-w 6,731,312 2007-12-22 11:00:41 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas .exe
    5. ----a-w 6,731,312 2007-12-22 19:26:14 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas .exe
    6. ----a-w 579,072 2007-12-22 16:06:09 C:\Program Files\Grisoft\AVG7\avgcc .exe
    7. ----a-w 146,432 2007-12-22 11:30:16 C:\Program Files\Grisoft\AVG7\avgw .exe
    8. ----a-w 267,048 2007-12-22 16:04:27 C:\Program Files\iTunes\iTunesHelper .exe
    9. ----a-w 1,077,277 2007-12-20 18:43:49 C:\Program Files\Messenger\msmsgs .exe
    10. ----a-w 698,864 2007-12-30 21:22:24 C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray .exe
    11. ----a-w 147,968 2007-12-26 17:08:11 C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\MSConfig .exe
    12. ----a-w 13,312 2007-12-30 10:22:40 C:\WINDOWS\system32\ctfmon .exe



    ((((((((((((((((((((((((((((( snapshot@2007-12-20_20.08.55.60 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2003-07-05 11:14:12 1,120,256 -c--a-w C:\WINDOWS\$xpsp1hfm$\KB823980\ole32.dll
    + 2003-07-05 11:14:14 504,320 -c--a-w C:\WINDOWS\$xpsp1hfm$\KB823980\rpcrt4.dll
    + 2003-07-05 11:14:14 202,752 -c--a-w C:\WINDOWS\$xpsp1hfm$\KB823980\rpcss.dll
    + 2003-05-09 20:03:50 7,680 -c--a-w C:\WINDOWS\$xpsp1hfm$\KB823980\spmsg.dll
    + 2003-05-11 15:26:36 90,112 -c--a-w C:\WINDOWS\$xpsp1hfm$\KB823980\spuninst.exe
    + 2003-05-11 15:26:36 18,944 -c--a-w C:\WINDOWS\$xpsp1hfm$\KB823980\update\spcustom.dll
    + 2003-05-09 20:03:50 420,864 -c--a-w C:\WINDOWS\$xpsp1hfm$\KB823980\update\update.exe
    + 2004-03-06 02:17:16 225,280 -c--a-w C:\WINDOWS\$xpsp1hfm$\KB828741\catsrv.dll
    + 2004-03-06 02:17:16 594,944 -c--a-w C:\WINDOWS\$xpsp1hfm$\KB828741\catsrvut.dll
    + 2004-03-06 02:17:16 110,080 -c--a-w C:\WINDOWS\$xpsp1hfm$\KB828741\clbcatex.dll
    + 2004-03-06 02:17:16 499,712 -c--a-w C:\WINDOWS\$xpsp1hfm$\KB828741\clbcatq.dll
    + 2004-03-06 02:17:16 64,512 -c--a-w C:\WINDOWS\$xpsp1hfm$\KB828741\colbact.dll
    + 2004-03-06 02:17:16 187,904 -c--a-w C:\WINDOWS\$xpsp1hfm$\KB828741\comadmin.dll
    + 2004-02-17 18:49:58 8,192 -c--a-w C:\WINDOWS\$xpsp1hfm$\KB828741\comrepl.exe
    + 2004-03-06 02:17:16 1,194,496 -c--a-w C:\WINDOWS\$xpsp1hfm$\KB828741\comsvcs.dll
    + 2004-03-06 02:17:16 499,200 -c--a-w C:\WINDOWS\$xpsp1hfm$\KB828741\comuid.dll
    + 2004-03-06 02:17:16 226,816 -c--a-w C:\WINDOWS\$xpsp1hfm$\KB828741\es.dll
    + 2004-02-17 18:50:10 6,656 -c--a-w C:\WINDOWS\$xpsp1hfm$\KB828741\migregdb.exe
    + 2004-03-06 02:17:16 367,616 -c--a-w C:\WINDOWS\$xpsp1hfm$\KB828741\msdtcprx.dll
    + 2004-03-06 02:17:16 977,920 -c--a-w C:\WINDOWS\$xpsp1hfm$\KB828741\msdtctm.dll
    + 2004-03-06 02:17:16 150,528 -c--a-w C:\WINDOWS\$xpsp1hfm$\KB828741\msdtcuiu.dll
    + 2004-03-06 02:17:16 64,512 -c--a-w C:\WINDOWS\$xpsp1hfm$\KB828741\mtxclu.dll
    + 2004-03-06 02:17:16 82,432 -c--a-w C:\WINDOWS\$xpsp1hfm$\KB828741\mtxoci.dll
    + 2004-03-06 02:17:17 1,183,744 -c--a-w C:\WINDOWS\$xpsp1hfm$\KB828741\ole32.dll
    + 2004-03-06 02:17:16 535,552 -c--a-w C:\WINDOWS\$xpsp1hfm$\KB828741\rpcrt4.dll
    + 2004-03-06 02:17:16 263,680 -c--a-w C:\WINDOWS\$xpsp1hfm$\KB828741\rpcss.dll
    + 2004-01-09 22:46:53 7,680 -c--a-w C:\WINDOWS\$xpsp1hfm$\KB828741\spmsg.dll
    + 2004-01-10 05:11:16 141,824 -c--a-w C:\WINDOWS\$xpsp1hfm$\KB828741\spuninst.exe
    + 2004-03-06 02:17:16 97,280 -c--a-w C:\WINDOWS\$xpsp1hfm$\KB828741\txflog.dll
    + 2004-01-10 05:11:14 22,016 -c--a-w C:\WINDOWS\$xpsp1hfm$\KB828741\update\spcustom.dll
    + 2004-01-09 22:46:53 580,096 -c--a-w C:\WINDOWS\$xpsp1hfm$\KB828741\update\update.exe
    + 2004-03-30 01:49:43 364,544 -c--a-w C:\WINDOWS\$xpsp1hfm$\KB835732\callcont.dll
    + 2004-03-30 01:49:42 40,960 -c--a-w C:\WINDOWS\$xpsp1hfm$\KB835732\evtgprov.dll
    + 2004-03-30 01:49:43 257,536 -c--a-w C:\WINDOWS\$xpsp1hfm$\KB835732\gdi32.dll
    + 2004-03-30 01:49:42 593,408 -c--a-w C:\WINDOWS\$xpsp1hfm$\KB835732\h323msp.dll
    + 2004-03-30 01:34:15 741,376 -c--a-w C:\WINDOWS\$xpsp1hfm$\KB835732\helpctr.exe
    + 2004-03-30 01:49:42 441,344 -c--a-w C:\WINDOWS\$xpsp1hfm$\KB835732\ipnathlp.dll
    + 2004-03-30 01:49:43 674,304 -c--a-w C:\WINDOWS\$xpsp1hfm$\KB835732\lsasrv.dll
    + 2004-03-30 01:49:43 36,864 -c--a-w C:\WINDOWS\$xpsp1hfm$\KB835732\mf3216.dll
    + 2004-03-30 01:49:43 51,712 -c--a-w C:\WINDOWS\$xpsp1hfm$\KB835732\msasn1.dll
    + 2004-03-30 01:49:43 980,992 -c--a-w C:\WINDOWS\$xpsp1hfm$\KB835732\msgina.dll
    + 2004-03-30 01:49:43 253,952 -c--a-w C:\WINDOWS\$xpsp1hfm$\KB835732\mst120.dll
    + 2004-03-30 01:49:42 306,176 -c--a-w C:\WINDOWS\$xpsp1hfm$\KB835732\netapi32.dll
    + 2004-03-30 01:49:42 73,728 -c--a-w C:\WINDOWS\$xpsp1hfm$\KB835732\nmcom.dll
    + 2004-03-30 01:49:42 552,448 -c--a-w C:\WINDOWS\$xpsp1hfm$\KB835732\rtcdll.dll
    + 2004-03-30 01:49:43 136,704 -c--a-w C:\WINDOWS\$xpsp1hfm$\KB835732\schannel.dll
    + 2004-01-09 22:46:53 7,680 -c--a-w C:\WINDOWS\$xpsp1hfm$\KB835732\spmsg.dll
    + 2004-01-10 05:11:16 141,824 -c--a-w C:\WINDOWS\$xpsp1hfm$\KB835732\spuninst.exe
    + 2004-01-10 05:11:14 22,016 -c--a-w C:\WINDOWS\$xpsp1hfm$\KB835732\update\spcustom.dll
    + 2004-01-09 22:46:53 580,096 -c--a-w C:\WINDOWS\$xpsp1hfm$\KB835732\update\update.exe
    + 2004-03-10 18:01:07 608,256 -c--a-w C:\WINDOWS\$xpsp1hfm$\KB835732\xpsp2res.dll
    + 2002-09-06 14:54:04 5,632 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q329048\spmsg.dll
    + 2002-09-21 11:44:08 47,104 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q329048\spuninst.exe
    + 2002-09-21 11:44:08 10,752 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q329048\update\spcustom.dll
    + 2002-09-21 11:44:10 282,624 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q329048\update\update.exe
    + 2002-09-25 14:19:10 319,488 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q329048\zipfldr.dll
    + 2002-11-14 09:01:18 5,632 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q329170\spmsg.dll
    + 2002-12-17 12:32:18 88,064 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q329170\spuninst.exe
    + 2002-12-20 11:36:00 322,048 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q329170\srv.sys
    + 2002-12-17 12:32:16 18,432 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q329170\update\spcustom.dll
    + 2002-11-14 09:01:18 418,816 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q329170\update\update.exe
    + 2002-09-30 09:58:30 126,464 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q329390\shmedia.dll
    + 2002-09-06 14:54:04 5,632 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q329390\spmsg.dll
    + 2002-09-21 11:44:08 47,104 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q329390\spuninst.exe
    + 2002-09-21 11:44:08 10,752 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q329390\update\spcustom.dll
    + 2002-09-21 11:44:10 282,624 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q329390\update\update.exe
    + 2003-07-15 00:41:14 7,680 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q329441\spmsg.dll
    + 2003-08-02 04:14:59 101,888 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q329441\spuninst.exe
    + 2002-11-18 22:14:00 229,376 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q329441\srrstr.dll
    + 2003-08-02 04:14:58 22,016 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q329441\update\spcustom.dll
    + 2003-07-15 00:41:14 441,856 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q329441\update\update.exe
    + 2002-10-01 16:52:30 46,208 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q329834\raspptp.sys
    + 2002-09-06 14:54:04 5,632 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q329834\spmsg.dll
    + 2002-09-21 11:44:08 47,104 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q329834\spuninst.exe
    + 2002-09-21 11:44:08 10,752 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q329834\update\spcustom.dll
    + 2002-09-21 11:44:10 282,624 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q329834\update\update.exe
    + 2002-11-18 10:27:40 392,576 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q810577\mrxsmb.sys
    + 2002-11-14 09:01:18 5,632 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q810577\spmsg.dll
    + 2002-11-14 09:04:56 88,064 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q810577\spuninst.exe
    + 2002-11-14 09:04:54 18,432 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q810577\update\spcustom.dll
    + 2002-11-14 09:01:18 418,816 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q810577\update\update.exe
    + 2002-12-03 17:50:10 68,608 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q810833\locator.exe
    + 2002-11-14 09:01:18 5,632 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q810833\spmsg.dll
    + 2002-11-14 09:04:56 88,064 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q810833\spuninst.exe
    + 2002-11-14 09:04:54 18,432 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q810833\update\spcustom.dll
    + 2002-11-14 09:01:18 418,816 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q810833\update\update.exe
    + 2002-12-17 16:43:00 10,752 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q811630\hh.exe
    + 2003-01-10 13:44:32 37,888 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q811630\hhsetup.dll
    + 2003-01-10 13:44:34 143,872 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q811630\itircl.dll
    + 2003-01-10 13:44:34 122,368 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q811630\itss.dll
    + 2002-11-14 09:01:18 5,632 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q811630\spmsg.dll
    + 2002-12-17 12:32:18 88,064 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q811630\spuninst.exe
    + 2002-12-17 12:32:16 18,432 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q811630\update\spcustom.dll
    + 2002-11-14 09:01:18 418,816 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q811630\update\update.exe
    + 2003-05-01 15:57:24 679,424 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q815021\ntdll.dll
    + 2003-03-21 15:55:08 7,680 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q815021\spmsg.dll
    + 2003-03-21 15:56:54 90,112 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q815021\spuninst.exe
    + 2003-03-21 15:56:54 18,944 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q815021\update\spcustom.dll
    + 2003-03-21 15:55:08 420,864 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q815021\update\update.exe
    + 2002-11-18 10:17:00 391,936 ------w C:\WINDOWS\Driver Cache\i386\mrxsmb.sys
    - 2007-03-13 09:57:10 163,328 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE
    + 2000-08-31 07:00:00 163,328 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE
    - 2001-08-28 12:00:00 26,647 ----a-w C:\WINDOWS\hh.exe
    + 2002-09-21 19:13:26 10,752 ----a-w C:\WINDOWS\hh.exe
    + 2007-12-30 14:01:00 19,230 ----a-r C:\WINDOWS\Installer\{B0EB7BCE-1779-46D7-A27C-41D1457F7958}\ARPPRODUCTICON.exe
    + 2007-12-29 10:06:06 18,718 ----a-r C:\WINDOWS\Installer\{BFD080F6-3BF0-40E1-9507-9CA969C35870}\ARPPRODUCTICON.exe
    + 2007-12-29 10:06:07 18,718 ----a-r C:\WINDOWS\Installer\{BFD080F6-3BF0-40E1-9507-9CA969C35870}\NewShortcut1_E659E0EE10E649B7869660F38D0EB174.exe
    + 2007-12-29 10:06:07 18,718 ----a-r C:\WINDOWS\Installer\{BFD080F6-3BF0-40E1-9507-9CA969C35870}\NewShortcut2_8315396A5EA1419DBEC4978284BDF556.exe
    - 2001-08-28 12:00:00 692,224 ----a-w C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\HelpCtr.exe
    + 2004-02-05 22:14:57 727,040 ----a-w C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\helpctr.exe
    + 2004-07-01 22:08:13 360,960 ------w C:\WINDOWS\system32\bits\qmgr.dll
    - 2001-08-28 12:00:00 49,152 ----a-w C:\WINDOWS\system32\browser.dll
    + 2004-03-30 01:26:49 48,640 ----a-w C:\WINDOWS\system32\browser.dll
    + 2006-12-28 15:13:52 516,832 ----a-w C:\WINDOWS\system32\capicom.dll
    - 2001-08-28 12:00:00 215,040 ----a-w C:\WINDOWS\system32\catsrv.dll
    + 2004-03-06 02:07:30 225,280 ----a-w C:\WINDOWS\system32\catsrv.dll
    - 2001-08-28 12:00:00 583,168 ----a-w C:\WINDOWS\system32\catsrvut.dll
    + 2004-03-06 02:07:31 596,480 ----a-w C:\WINDOWS\system32\catsrvut.dll
    - 2005-05-26 02:16:24 75,544 ----a-w C:\WINDOWS\system32\cdm.dll
    + 2007-07-30 18:19:20 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
    - 2001-08-28 12:00:00 100,864 ----a-w C:\WINDOWS\system32\clbcatex.dll
    + 2004-03-06 02:07:32 110,080 ----a-w C:\WINDOWS\system32\clbcatex.dll
    - 2001-08-28 12:00:00 468,480 ----a-w C:\WINDOWS\system32\clbcatq.dll
    + 2004-03-05 17:07:34 499,712 ----a-w C:\WINDOWS\system32\clbcatq.dll
    + 1998-07-12 23:00:00 89,600 ----a-w C:\WINDOWS\system32\CMCTLFR.DLL
    + 2003-04-23 13:03:00 159,744 ----a-w C:\WINDOWS\system32\cNewMenu6.dll
    - 2001-08-28 12:00:00 56,832 ----a-w C:\WINDOWS\system32\colbact.dll
    + 2004-03-06 02:07:34 64,512 ----a-w C:\WINDOWS\system32\colbact.dll
    - 2001-08-28 12:00:00 186,880 ----a-w C:\WINDOWS\system32\Com\comadmin.dll
    + 2004-03-06 02:07:35 187,904 ----a-w C:\WINDOWS\system32\Com\comadmin.dll
    - 2001-08-28 12:00:00 8,192 ----a-w C:\WINDOWS\system32\Com\comrepl.exe
    + 2004-02-17 18:49:58 8,192 ----a-w C:\WINDOWS\system32\Com\comrepl.exe
    - 2001-08-28 12:00:00 1,139,200 ----a-w C:\WINDOWS\system32\comsvcs.dll
    + 2004-03-06 02:07:36 1,177,088 ----a-w C:\WINDOWS\system32\comsvcs.dll
    - 2001-08-28 12:00:00 495,616 ----a-w C:\WINDOWS\system32\comuid.dll
    + 2004-03-06 02:07:37 499,200 ----a-w C:\WINDOWS\system32\comuid.dll
    + 2007-12-22 10:18:55 32,768 ----a-r C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Installer\{3E908702-AF35-4611-9518-955DA24B7E07}\icon.exe
    - 2007-12-20 11:45:51 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
    + 2007-12-25 14:43:05 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
    - 2007-12-20 11:45:51 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
    + 2007-12-25 14:43:05 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
    - 2007-12-20 11:45:51 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
    + 2007-12-25 14:43:05 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
    - 2007-12-20 19:04:50 270,336 ----a-w C:\WINDOWS\system32\config\systemprofile\ntuser.dat
    + 2007-12-31 11:21:51 270,336 ----a-w C:\WINDOWS\system32\config\systemprofile\ntuser.dat
    - 2001-08-28 12:00:00 561,664 ----a-w C:\WINDOWS\system32\crypt32.dll
    + 2002-09-23 14:10:48 551,424 ----a-w C:\WINDOWS\system32\crypt32.dll
    - 2007-12-20 19:08:23 350,208 ----a-w C:\WINDOWS\system32\ctfmon.exe
    + 2001-08-28 12:00:00 13,312 ----a-w C:\WINDOWS\system32\ctfmon.exe
    - 2001-08-28 12:00:00 49,152 -c--a-w C:\WINDOWS\system32\dllcache\browser.dll
    + 2004-03-30 01:26:49 48,640 -c--a-w C:\WINDOWS\system32\dllcache\browser.dll
    - 2001-08-28 12:00:00 360,448 -c--a-w C:\WINDOWS\system32\dllcache\callcont.dll
    + 2004-03-30 01:26:50 364,544 -c--a-w C:\WINDOWS\system32\dllcache\callcont.dll
    - 2001-08-28 12:00:00 215,040 -c--a-w C:\WINDOWS\system32\dllcache\catsrv.dll
    + 2004-03-06 02:07:30 225,280 -c--a-w C:\WINDOWS\system32\dllcache\catsrv.dll
    - 2001-08-28 12:00:00 583,168 -c--a-w C:\WINDOWS\system32\dllcache\catsrvut.dll
    + 2004-03-06 02:07:31 596,480 -c--a-w C:\WINDOWS\system32\dllcache\catsrvut.dll
    - 2005-05-26 02:16:24 75,544 -c--a-w C:\WINDOWS\system32\dllcache\cdm.dll
    + 2007-07-30 18:19:20 92,504 -c--a-w C:\WINDOWS\system32\dllcache\cdm.dll
    - 2001-08-28 12:00:00 100,864 -c--a-w C:\WINDOWS\system32\dllcache\clbcatex.dll
    + 2004-03-06 02:07:32 110,080 -c--a-w C:\WINDOWS\system32\dllcache\clbcatex.dll
    - 2001-08-28 12:00:00 468,480 -c--a-w C:\WINDOWS\system32\dllcache\clbcatq.dll
    + 2004-03-05 17:07:34 499,712 -c--a-w C:\WINDOWS\system32\dllcache\clbcatq.dll
    - 2001-08-28 12:00:00 56,832 -c--a-w C:\WINDOWS\system32\dllcache\colbact.dll
    + 2004-03-06 02:07:34 64,512 -c--a-w C:\WINDOWS\system32\dllcache\colbact.dll
    - 2001-08-28 12:00:00 186,880 -c--a-w C:\WINDOWS\system32\dllcache\comadmin.dll
    + 2004-03-06 02:07:35 187,904 -c--a-w C:\WINDOWS\system32\dllcache\comadmin.dll
    - 2001-08-28 12:00:00 8,192 -c--a-w C:\WINDOWS\system32\dllcache\comrepl.exe
    + 2004-02-17 18:49:58 8,192 -c--a-w C:\WINDOWS\system32\dllcache\comrepl.exe
    - 2001-08-28 12:00:00 1,139,200 -c--a-w C:\WINDOWS\system32\dllcache\comsvcs.dll
    + 2004-03-06 02:07:36 1,177,088 -c--a-w C:\WINDOWS\system32\dllcache\comsvcs.dll
    - 2001-08-28 12:00:00 495,616 -c--a-w C:\WINDOWS\system32\dllcache\comuid.dll
    + 2004-03-06 02:07:37 499,200 -c--a-w C:\WINDOWS\system32\dllcache\comuid.dll
    - 2001-08-28 12:00:00 561,664 -c--a-w C:\WINDOWS\system32\dllcache\crypt32.dll
    + 2002-09-23 14:10:48 551,424 -c--a-w C:\WINDOWS\system32\dllcache\crypt32.dll
    - 2001-08-28 12:00:00 224,768 -c--a-w C:\WINDOWS\system32\dllcache\es.dll
    + 2004-03-06 02:07:38 226,816 -c--a-w C:\WINDOWS\system32\dllcache\es.dll
    - 2001-08-28 12:00:00 34,304 -c--a-w C:\WINDOWS\system32\dllcache\evtgprov.dll
    + 2004-03-30 01:26:51 40,960 -c--a-w C:\WINDOWS\system32\dllcache\evtgprov.dll
    - 2001-08-28 12:00:00 250,880 -c--a-w C:\WINDOWS\system32\dllcache\gdi32.dll
    + 2004-03-30 01:26:51 241,664 -c--a-w C:\WINDOWS\system32\dllcache\gdi32.dll
    - 2001-08-28 12:00:00 592,896 -c--a-w C:\WINDOWS\system32\dllcache\h323msp.dll
    + 2004-03-30 01:26:53 593,408 -c--a-w C:\WINDOWS\system32\dllcache\h323msp.dll
    - 2001-08-28 12:00:00 692,224 -c--a-w C:\WINDOWS\system32\dllcache\helpctr.exe
    + 2004-02-05 22:14:57 727,040 -c--a-w C:\WINDOWS\system32\dllcache\helpctr.exe
    - 2001-08-28 12:00:00 26,647 -c--a-w C:\WINDOWS\system32\dllcache\hh.exe
    + 2002-09-21 19:13:26 10,752 -c--a-w C:\WINDOWS\system32\dllcache\hh.exe
    - 2001-08-28 12:00:00 67,612 -c--a-w C:\WINDOWS\system32\dllcache\hhsetup.dll
    + 2003-01-13 09:28:28 37,888 -c--a-w C:\WINDOWS\system32\dllcache\hhsetup.dll
    - 2001-08-28 12:00:00 455,168 -c--a-w C:\WINDOWS\system32\dllcache\ipnathlp.dll
    + 2004-03-30 01:26:55 456,192 -c--a-w C:\WINDOWS\system32\dllcache\ipnathlp.dll
    - 2001-08-28 12:00:00 155,552 -c--a-w C:\WINDOWS\system32\dllcache\itircl.dll
    + 2003-01-13 09:28:28 143,872 -c--a-w C:\WINDOWS\system32\dllcache\itircl.dll
    - 2001-08-28 12:00:00 138,048 -c--a-w C:\WINDOWS\system32\dllcache\itss.dll
    + 2003-01-13 09:28:30 122,368 -c--a-w C:\WINDOWS\system32\dllcache\itss.dll
    - 2001-08-28 12:00:00 593,948 -c--a-w C:\WINDOWS\system32\dllcache\jscript.dll
    + 2003-01-13 13:57:58 589,881 -c--a-w C:\WINDOWS\system32\dllcache\jscript.dll
    - 2001-08-28 12:00:00 68,096 -c--a-w C:\WINDOWS\system32\dllcache\locator.exe
    + 2002-12-03 17:55:20 68,608 -c--a-w C:\WINDOWS\system32\dllcache\locator.exe
    - 2001-08-28 12:00:00 676,352 -c--a-w C:\WINDOWS\system32\dllcache\lsasrv.dll
    + 2004-03-29 16:26:58 654,848 -c--a-w C:\WINDOWS\system32\dllcache\lsasrv.dll
    - 2001-08-28 12:00:00 35,328 -c--a-w C:\WINDOWS\system32\dllcache\mf3216.dll
    + 2004-03-30 01:26:56 36,864 -c--a-w C:\WINDOWS\system32\dllcache\mf3216.dll
    - 2001-08-28 12:00:00 6,656 -c--a-w C:\WINDOWS\system32\dllcache\migregdb.exe
    + 2004-02-17 18:50:10 6,656 -c--a-w C:\WINDOWS\system32\dllcache\migregdb.exe
    - 2001-08-28 12:00:00 407,680 -c--a-w C:\WINDOWS\system32\dllcache\mrxsmb.sys
    + 2002-11-18 10:17:00 391,936 -c--a-w C:\WINDOWS\system32\dllcache\mrxsmb.sys
    - 2001-08-28 12:00:00 51,200 -c--a-w C:\WINDOWS\system32\dllcache\msasn1.dll
    + 2004-03-30 01:26:57 51,712 -c--a-w C:\WINDOWS\system32\dllcache\msasn1.dll
    - 2001-08-28 12:00:00 360,960 -c--a-w C:\WINDOWS\system32\dllcache\msdtcprx.dll
    + 2004-03-06 02:07:40 365,568 -c--a-w C:\WINDOWS\system32\dllcache\msdtcprx.dll
    - 2001-08-28 12:00:00 869,376 -c--a-w C:\WINDOWS\system32\dllcache\msdtctm.dll
    + 2004-03-06 02:07:41 977,920 -c--a-w C:\WINDOWS\system32\dllcache\msdtctm.dll
    - 2001-08-28 12:00:00 151,040 -c--a-w C:\WINDOWS\system32\dllcache\msdtcuiu.dll
    + 2004-03-06 02:07:42 150,528 -c--a-w C:\WINDOWS\system32\dllcache\msdtcuiu.dll
    - 2001-08-28 12:00:00 977,408 -c--a-w C:\WINDOWS\system32\dllcache\msgina.dll
    + 2004-03-30 01:26:59 978,944 -c--a-w C:\WINDOWS\system32\dllcache\msgina.dll
    - 2001-08-28 12:00:00 249,856 -c--a-w C:\WINDOWS\system32\dllcache\mst120.dll
    + 2004-03-30 01:26:59 253,952 -c--a-w C:\WINDOWS\system32\dllcache\mst120.dll
    - 2001-08-28 12:00:00 61,440 -c--a-w C:\WINDOWS\system32\dllcache\mtxclu.dll
    + 2004-03-06 02:07:43 64,512 -c--a-w C:\WINDOWS\system32\dllcache\mtxclu.dll
    - 2001-08-28 12:00:00 83,968 -c--a-w C:\WINDOWS\system32\dllcache\mtxoci.dll
    + 2004-03-06 02:07:43 82,432 -c--a-w C:\WINDOWS\system32\dllcache\mtxoci.dll
    - 2001-08-28 12:00:00 309,760 -c--a-w C:\WINDOWS\system32\dllcache\netapi32.dll
    + 2004-03-30 01:26:49 301,568 -c--a-w C:\WINDOWS\system32\dllcache\netapi32.dll
    - 2001-08-28 12:00:00 69,632 -c--a-w C:\WINDOWS\system32\dllcache\nmcom.dll
    + 2004-03-30 01:27:00 73,728 -c--a-w C:\WINDOWS\system32\dllcache\nmcom.dll
    - 2001-08-28 12:00:00 699,392 -c--a-w C:\WINDOWS\system32\dllcache\ntdll.dll
    + 2003-05-02 10:04:40 676,352 -c--a-w C:\WINDOWS\system32\dllcache\ntdll.dll
    - 2001-08-28 12:00:00 1,141,248 -c--a-w C:\WINDOWS\system32\dllcache\ole32.dll
    + 2004-03-06 02:07:45 1,105,408 -c--a-w C:\WINDOWS\system32\dllcache\ole32.dll
    - 2001-08-28 12:00:00 46,464 -c--a-w C:\WINDOWS\system32\dllcache\raspptp.sys
    + 2002-10-01 17:43:52 46,208 -c--a-w C:\WINDOWS\system32\dllcache\raspptp.sys
    - 2001-08-28 12:00:00 463,872 -c--a-w C:\WINDOWS\system32\dllcache\rpcrt4.dll
    + 2004-03-06 02:07:46 442,880 -c--a-w C:\WINDOWS\system32\dllcache\rpcrt4.dll
    - 2001-08-28 12:00:00 259,072 -c--a-w C:\WINDOWS\system32\dllcache\rpcss.dll
    + 2004-03-06 02:07:47 214,528 -c--a-w C:\WINDOWS\system32\dllcache\rpcss.dll
    - 2001-08-28 12:00:00 554,496 -c--a-w C:\WINDOWS\system32\dllcache\rtcdll.dll
    + 2004-03-30 01:27:01 554,496 -c--a-w C:\WINDOWS\system32\dllcache\rtcdll.dll
    - 2001-08-28 12:00:00 133,632 -c--a-w C:\WINDOWS\system32\dllcache\schannel.dll
    + 2004-03-30 01:27:02 136,704 -c--a-w C:\WINDOWS\system32\dllcache\schannel.dll
    - 2001-08-28 12:00:00 127,488 -c--a-w C:\WINDOWS\system32\dllcache\shmedia.dll
    + 2002-09-19 10:28:54 127,488 -c--a-w C:\WINDOWS\system32\dllcache\shmedia.dll
    - 2001-08-28 12:00:00 330,368 -c--a-w C:\WINDOWS\system32\dllcache\srv.sys
    + 2002-10-31 13:45:16 322,304 -c--a-w C:\WINDOWS\system32\dllcache\srv.sys
    - 2001-08-28 12:00:00 90,624 -c--a-w C:\WINDOWS\system32\dllcache\txflog.dll
    + 2004-03-06 02:07:48 97,280 -c--a-w C:\WINDOWS\system32\dllcache\txflog.dll
    - 2005-05-26 02:16:30 125,720 -c--a-w C:\WINDOWS\system32\dllcache\wuauclt.exe
    + 2007-07-30 18:19:16 53,080 -c--a-w C:\WINDOWS\system32\dllcache\wuauclt.exe
    - 2005-05-26 02:16:30 1,343,768 -c--a-w C:\WINDOWS\system32\dllcache\wuaueng.dll
    + 2007-07-30 18:19:42 1,712,984 -c--a-w C:\WINDOWS\system32\dllcache\wuaueng.dll
    - 2001-08-28 12:00:00 320,512 -c--a-w C:\WINDOWS\system32\dllcache\zipfldr.dll
    + 2002-09-25 11:23:16 319,488 -c--a-w C:\WINDOWS\system32\dllcache\zipfldr.dll
    + 2007-04-26 09:21:30 302,000 ----a-w C:\WINDOWS\system32\drivers\fwdrv.sys
    + 2007-04-26 09:21:34 72,624 ----a-w C:\WINDOWS\system32\drivers\khips.sys
    - 2001-08-28 12:00:00 407,680 ----a-w C:\WINDOWS\system32\drivers\mrxsmb.sys
    + 2002-11-18 10:17:00 391,936 ----a-w C:\WINDOWS\system32\drivers\mrxsmb.sys
    - 2001-08-28 12:00:00 46,464 ----a-w C:\WINDOWS\system32\drivers\raspptp.sys
    + 2002-10-01 17:43:52 46,208 ----a-w C:\WINDOWS\system32\drivers\raspptp.sys
    + 2006-10-30 09:30:30 10,032 ----a-w C:\WINDOWS\system32\drivers\SBTEDrv.sys
    - 2001-08-28 12:00:00 330,368 ----a-w C:\WINDOWS\system32\drivers\srv.sys
    + 2002-10-31 13:45:16 322,304 ----a-w C:\WINDOWS\system32\drivers\srv.sys
    - 2001-08-28 12:00:00 224,768 ----a-w C:\WINDOWS\system32\es.dll
    + 2004-03-06 02:07:38 226,816 ----a-w C:\WINDOWS\system32\es.dll
    - 2001-08-28 12:00:00 250,880 ----a-w C:\WINDOWS\system32\gdi32.dll
    + 2004-03-30 01:26:51 241,664 ----a-w C:\WINDOWS\system32\gdi32.dll
    - 2001-08-28 12:00:00 592,896 ----a-w C:\WINDOWS\system32\h323msp.dll
    + 2004-03-30 01:26:53 593,408 ----a-w C:\WINDOWS\system32\h323msp.dll
    - 2001-08-28 12:00:00 67,612 ----a-w C:\WINDOWS\system32\hhsetup.dll
    + 2003-01-13 09:28:28 37,888 ----a-w C:\WINDOWS\system32\hhsetup.dll
    - 2001-08-28 12:00:00 455,168 ----a-w C:\WINDOWS\system32\ipnathlp.dll
    + 2004-03-30 01:26:55 456,192 ----a-w C:\WINDOWS\system32\ipnathlp.dll
    - 2001-08-28 12:00:00 155,552 ----a-w C:\WINDOWS\system32\itircl.dll
    + 2003-01-13 09:28:28 143,872 ----a-w C:\WINDOWS\system32\itircl.dll
    - 2001-08-28 12:00:00 138,048 ----a-w C:\WINDOWS\system32\itss.dll
    + 2003-01-13 09:28:30 122,368 ----a-w C:\WINDOWS\system32\itss.dll
    - 2001-08-28 12:00:00 593,948 ----a-w C:\WINDOWS\system32\jscript.dll
    + 2003-01-13 13:57:58 589,881 ----a-w C:\WINDOWS\system32\jscript.dll
    + 2005-05-16 18:34:48 213,048 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavss.dll
    + 2006-03-20 12:17:24 65,536 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
    + 2006-03-20 12:17:20 798,720 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll
    - 2001-08-28 12:00:00 68,096 ----a-w C:\WINDOWS\system32\locator.exe
    + 2002-12-03 17:55:20 68,608 ----a-w C:\WINDOWS\system32\locator.exe
    - 2001-08-28 12:00:00 676,352 ----a-w C:\WINDOWS\system32\lsasrv.dll
    + 2004-03-29 16:26:58 654,848 ----a-w C:\WINDOWS\system32\lsasrv.dll
    + 2005-11-02 09:39:14 131,072 ----a-w C:\WINDOWS\system32\MD5.dll
    - 2001-08-28 12:00:00 35,328 ----a-w C:\WINDOWS\system32\mf3216.dll
    + 2004-03-30 01:26:56 36,864 ----a-w C:\WINDOWS\system32\mf3216.dll
    + 2007-12-02 14:00:06 18,684,536 ----a-w C:\WINDOWS\system32\MRT.exe
    - 2001-08-28 12:00:00 51,200 ----a-w C:\WINDOWS\system32\msasn1.dll
    + 2004-03-30 01:26:57 51,712 ----a-w C:\WINDOWS\system32\msasn1.dll
    - 2001-08-28 12:00:00 360,960 ----a-w C:\WINDOWS\system32\msdtcprx.dll
    + 2004-03-06 02:07:40 365,568 ----a-w C:\WINDOWS\system32\msdtcprx.dll
    - 2001-08-28 12:00:00 869,376 ----a-w C:\WINDOWS\system32\msdtctm.dll
    + 2004-03-06 02:07:41 977,920 ----a-w C:\WINDOWS\system32\msdtctm.dll
    - 2001-08-28 12:00:00 151,040 ----a-w C:\WINDOWS\system32\msdtcuiu.dll
    + 2004-03-06 02:07:42 150,528 ----a-w C:\WINDOWS\system32\msdtcuiu.dll
    - 2001-08-28 12:00:00 977,408 ----a-w C:\WINDOWS\system32\msgina.dll
    + 2004-03-30 01:26:59 978,944 ----a-w C:\WINDOWS\system32\msgina.dll
    - 2001-08-28 12:00:00 61,440 ----a-w C:\WINDOWS\system32\mtxclu.dll
    + 2004-03-06 02:07:43 64,512 ----a-w C:\WINDOWS\system32\mtxclu.dll
    - 2001-08-28 12:00:00 83,968 ----a-w C:\WINDOWS\system32\mtxoci.dll
    + 2004-03-06 02:07:43 82,432 ----a-w C:\WINDOWS\system32\mtxoci.dll
    - 2001-08-28 12:00:00 309,760 ----a-w C:\WINDOWS\system32\netapi32.dll
    + 2004-03-30 01:26:49 301,568 ----a-w C:\WINDOWS\system32\netapi32.dll
    - 2001-08-28 12:00:00 699,392 ----a-w C:\WINDOWS\system32\ntdll.dll
    + 2003-05-02 10:04:40 676,352 ----a-w C:\WINDOWS\system32\ntdll.dll
    - 2001-08-28 12:00:00 1,141,248 ----a-w C:\WINDOWS\system32\ole32.dll
    + 2004-03-06 02:07:45 1,105,408 ----a-w C:\WINDOWS\system32\ole32.dll
    + 2005-11-02 09:39:16 24,924 ----a-w C:\WINDOWS\system32\openports.dll
    - 2001-08-28 12:00:00 180,736 ----a-w C:\WINDOWS\system32\qmgr.dll
    + 2004-07-01 22:08:13 360,960 ----a-w C:\WINDOWS\system32\qmgr.dll
    + 2003-02-21 06:16:08 49,152 ----a-w C:\WINDOWS\system32\REGTLIB.EXE
    - 2001-08-28 12:00:00 463,872 ----a-w C:\WINDOWS\system32\rpcrt4.dll
    + 2004-03-06 02:07:46 442,880 ----a-w C:\WINDOWS\system32\rpcrt4.dll
    - 2001-08-28 12:00:00 259,072 ----a-w C:\WINDOWS\system32\rpcss.dll
    + 2004-03-06 02:07:47 214,528 ----a-w C:\WINDOWS\system32\rpcss.dll
    - 2001-08-28 12:00:00 554,496 ----a-w C:\WINDOWS\system32\rtcdll.dll
    + 2004-03-30 01:27:01 554,496 ----a-w C:\WINDOWS\system32\rtcdll.dll
    + 2007-08-27 09:26:10 27,120 ----a-w C:\WINDOWS\system32\SBBD.exe
    - 2001-08-28 12:00:00 133,632 ----a-w C:\WINDOWS\system32\schannel.dll
    + 2004-03-30 01:27:02 136,704 ----a-w C:\WINDOWS\system32\schannel.dll
    + 2005-11-02 09:39:16 40,960 ----a-w C:\WINDOWS\system32\SDelete.dll
    - 2001-08-28 12:00:00 127,488 ----a-w C:\WINDOWS\system32\shmedia.dll
    + 2002-09-19 10:28:54 127,488 ----a-w C:\WINDOWS\system32\shmedia.dll
    + 2007-07-30 18:18:40 33,624 ----a-w C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.0.6000.381\wups.dll
    + 2007-07-30 18:19:12 43,352 ----a-w C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.0.6000.381\wups2.dll
    - 2004-04-27 02:40:52 11,264 ----a-w C:\WINDOWS\system32\SpOrder.dll
    + 2005-04-03 12:08:46 8,464 ----a-w C:\WINDOWS\system32\sporder.dll
    + 2003-01-26 12:41:00 40,960 ----a-w C:\WINDOWS\system32\SSubTmr6.dll
    - 2007-12-13 20:26:50 156,160 ----a-w C:\WINDOWS\system32\swreg.exe
    + 2000-08-31 07:00:00 156,160 ----a-w C:\WINDOWS\system32\swreg.exe
    - 2001-08-28 12:00:00 90,624 ----a-w C:\WINDOWS\system32\txflog.dll
    + 2004-03-06 02:07:48 97,280 ----a-w C:\WINDOWS\system32\txflog.dll
    + 2006-03-16 10:33:00 372,824 ----a-w C:\WINDOWS\system32\vsdatant.sys
    + 2006-03-16 10:33:08 141,080 ----a-w C:\WINDOWS\system32\vsinit.dll
    + 2006-03-16 10:33:16 104,216 ----a-w C:\WINDOWS\system32\vsmonapi.dll
    + 2006-03-16 10:33:20 227,096 ----a-w C:\WINDOWS\system32\vspubapi.dll
    + 2006-03-16 10:33:24 71,448 ----a-w C:\WINDOWS\system32\vsregexp.dll
    + 2006-03-16 10:33:36 382,744 ----a-w C:\WINDOWS\system32\vsutil.dll
    - 2001-08-28 12:00:00 34,304 ----a-w C:\WINDOWS\system32\wbem\CmdEvTgProv.dll
    + 2004-03-30 01:26:51 40,960 ----a-w C:\WINDOWS\system32\wbem\cmdevtgprov.dll
    + 2001-09-07 10:41:56 290,816 ----a-w C:\WINDOWS\system32\WINHTTP5.DLL
    - 2005-05-26 02:16:30 467,224 ----a-w C:\WINDOWS\system32\wuapi.dll
    + 2007-07-30 18:19:36 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll
    - 2005-05-26 02:16:30 125,720 ----a-w C:\WINDOWS\system32\wuauclt.exe
    + 2007-07-30 18:19:16 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe
    - 2005-05-26 02:16:30 1,343,768 ----a-w C:\WINDOWS\system32\wuaueng.dll
    + 2007-07-30 18:19:42 1,712,984 ----a-w C:\WINDOWS\system32\wuaueng.dll
    - 2005-05-26 02:16:32 128,792 ----a-w C:\WINDOWS\system32\wucltui.dll
    + 2007-07-30 18:19:32 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll
    - 2005-05-26 02:16:30 41,240 ----a-w C:\WINDOWS\system32\wups.dll
    + 2007-07-30 18:18:40 33,624 ----a-w C:\WINDOWS\system32\wups.dll
    - 2005-05-26 02:16:30 18,200 ----a-w C:\WINDOWS\system32\wups2.dll
    + 2007-07-30 18:19:12 43,352 ----a-w C:\WINDOWS\system32\wups2.dll
    - 2005-05-26 02:19:32 173,536 ----a-w C:\WINDOWS\system32\wuweb.dll
    + 2007-07-30 18:19:28 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll
    - 2006-11-16 14:51:08 426,664 ----a-w C:\WINDOWS\system32\XceedZip.dll
    + 2006-06-22 13:40:28 493,400 ----a-w C:\WINDOWS\system32\XceedZip.dll
    + 2004-06-30 16:00:00 185,344 ------w C:\WINDOWS\system32\xpob2res.dll
    + 2004-01-10 05:11:10 26,112 ----a-w C:\WINDOWS\system32\xpsp1hfm.exe
    - 2001-08-28 12:00:00 320,512 ----a-w C:\WINDOWS\system32\zipfldr.dll
    + 2002-09-25 11:23:16 319,488 ----a-w C:\WINDOWS\system32\zipfldr.dll
    + 2006-03-16 10:34:04 79,640 ----a-w C:\WINDOWS\system32\zlcomm.dll
    + 2006-03-16 10:34:08 71,448 ----a-w C:\WINDOWS\system32\zlcommdb.dll
    - 2007-05-05 16:45:39 4,212 ---h--w C:\WINDOWS\system32\zllictbl.dat
    + 2007-12-25 15:43:25 4,212 ---h--w C:\WINDOWS\system32\zllictbl.dat
    + 2007-12-31 11:29:47 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_4c0.dat
    + 2007-12-22 10:18:52 1,229,312 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.0.2.0_x-ww_702998db\msxml4.dll
    + 2007-12-22 10:18:52 96,256 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.0.2.0_x-ww_e6d36d6b\msxml4r.dll
    .
    -- Snapshot reset to current date --
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{fcdafbcb-6ac5-40d9-b85d-4bc534050923}]
    C:\WINDOWS\System32\gyxtwmcx.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2001-08-28 13:00 13312]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [ ]
    "e072610c"="C:\WINDOWS\System32\waobglch.dll" [ ]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2001-08-28 13:00 13312]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
    avldr.dll 2007-02-15 19:02 50736 C:\WINDOWS\system32\avldr.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\desmon]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dx7til]
    dx7til.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\efccbba]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\khfffgf]
    khfffgf.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
    @=""

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
    @=""

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SBCSTray]
    C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe

    R0 SBHR;SBHR;C:\WINDOWS\System32\drivers\sbhr.sys [2007-12-30 15:02]
    R0 viasraid;viasraid;C:\WINDOWS\System32\DRIVERS\viasraid.sys [2003-06-12 17:31]
    R1 fwdrv;Firewall Driver;C:\WINDOWS\System32\drivers\fwdrv.sys [2007-04-26 10:21]
    R1 khips;Kerio HIPS Driver;C:\WINDOWS\System32\drivers\khips.sys [2007-04-26 10:21]
    R2 nvcap;nVidia WDM Video Capture (universal);C:\WINDOWS\System32\DRIVERS\nvcap.sys [2003-09-08 13:52]
    R2 NVXBAR;nVidia WDM A/V Crossbar;C:\WINDOWS\System32\DRIVERS\NVxbar.sys [2003-09-08 13:52]
    R2 SBAPIFS;CounterSpy Filter Driver;C:\WINDOWS\System32\Drivers\Sbapifs.sys [2007-12-30 17:57]
    R2 SPF4;Sunbelt Personal Firewall 4;"C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe" [2007-04-26 10:21]
    R2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe [2001-08-28 13:00]

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    UxTuneUp

    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2007-12-25 14:43:05 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    "2007-12-31 11:00:00 C:\WINDOWS\Tasks\HPpromotions journeysoftware.job"
    - C:\Program Files\hp\digital imaging\bin\hp promotions\journeysoftware\HPpromo.exe
    "2007-12-28 16:29:03 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
    - C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
    .
    **************************************************************************

    catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-12-31 12:30:43
    Windows 5.1.2600 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2007-12-31 12:33:22 - machine was rebooted
    C:\qoobox\ComboFix-quarantined-files.txt 2007-12-31 11:33:15
    C:\qoobox\ComboFix2.txt 2007-12-20 19:10:33
    .
    2007-12-22 10:27:53 --- E O F ---
    31 December 2007 12:45:34

    Is AVG Antispyware still working?
    31 December 2007 14:32:21

    Delete your version of Combofix and use this one instead:
    http://download.bleepingcomputer.com/sUBs/Beta/ComboFix...

  • Download RenV (sUBs) to your Desktop.
  • Double-click RenV.exe and wait while the scan runs.
  • A Log.txt report will appear; save it to your Desktop.
  • Post the contents of this report in your next reply.
    31 December 2007 15:47:12

    No, AVG no longer works. Well, normally...
    31 December 2007 15:49:04

    Here is the RenV.exe report:


    Ran on 31/12/2007 - 15:47:48,67

    ----a-w 79,224 2007-12-31 09:05:51 C:\Program Files\Alwil Software\Avast4\ashDisp .exe
    ----a-w 45,056 2007-12-22 16:04:25 C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon .exe
    ----a-w 68,856 2007-12-22 16:04:38 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier .exe
    ----a-w 6,731,312 2007-12-22 11:00:41 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas .exe
    ----a-w 6,731,312 2007-12-22 19:26:14 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas .exe
    ----a-w 579,072 2007-12-22 16:06:09 C:\Program Files\Grisoft\AVG7\avgcc .exe
    ----a-w 146,432 2007-12-22 11:30:16 C:\Program Files\Grisoft\AVG7\avgw .exe
    ----a-w 267,048 2007-12-22 16:04:27 C:\Program Files\iTunes\iTunesHelper .exe
    ----a-w 1,077,277 2007-12-20 18:43:49 C:\Program Files\Messenger\msmsgs .exe
    ----a-w 698,864 2007-12-30 21:22:24 C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray .exe
    ----a-w 147,968 2007-12-26 17:08:11 C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\MSConfig .exe
    ----a-w 13,312 2007-12-30 10:22:40 C:\WINDOWS\system32\ctfmon .exe

    Entries: 12 (12)
    Directories: 0 Files: 12
    Bytes: 16,585,733 Blocks: 32,398

    31 December 2007 15:59:43

    And here is another Combofix report, made with the new version you gave me:

    ComboFix 07-12-31.4 - Alex 2007-12-31 15:50:02.3 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.0.1252.1.1036.18.271 [GMT 1:00]
    Running from: C:\Documents and Settings\Alex\Bureau\ComboFix.exe
    .

    ((((((((((((((((((((((((((((( Fichiers créés 2007-11-28 to 2007-12-31 ))))))))))))))))))))))))))))))))))))
    .

    2007-12-31 12:20 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
    2007-12-30 17:52 . 2007-12-30 17:52 335,360 --a------ C:\WINDOWS\system32\RCX16.tmp
    2007-12-30 16:47 . 2007-12-30 16:47 <REP> d-------- C:\Program Files\Trend Micro
    2007-12-30 15:02 . 2007-12-30 17:57 54,584 --a------ C:\WINDOWS\system32\drivers\sbapifs.sys
    2007-12-30 15:02 . 2007-12-30 15:02 15,544 --a------ C:\WINDOWS\system32\drivers\sbhr.sys
    2007-12-30 15:01 . 2007-12-30 15:01 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Sunbelt Software
    2007-12-30 15:01 . 2007-12-30 15:01 <REP> d-------- C:\Documents and Settings\Alex\Application Data\Sunbelt Software
    2007-12-30 11:52 . 2007-12-30 11:52 335,360 --a------ C:\WINDOWS\system32\RCX15.tmp
    2007-12-29 16:38 . 2007-12-29 16:38 67 --a------ C:\WINDOWS\system32\drivers\fwdrv.err
    2007-12-29 16:24 . 2007-12-29 16:24 335,360 --a------ C:\WINDOWS\system32\RCX14.tmp
    2007-12-29 11:07 . 2007-12-29 11:07 335,360 --a------ C:\WINDOWS\system32\RCX10.tmp
    2007-12-29 11:02 . 2007-12-29 11:02 335,360 --a------ C:\WINDOWS\system32\RCXD.tmp
    2007-12-28 23:18 . 2007-12-28 23:18 <REP> d-------- C:\Program Files\Comptes et Budget Free V5.0
    2007-12-28 23:18 . 2007-12-28 23:18 <REP> d-------- C:\Documents and Settings\Alex\Application Data\AlauxSoft
    2007-12-27 19:38 . 2007-12-30 17:52 1,031,499 ---hs---- C:\WINDOWS\system32\hclgboaw.ini
    2007-12-27 13:18 . 2007-12-30 15:00 <REP> d-------- C:\Program Files\Sunbelt Software
    2007-12-26 18:08 . 2007-12-26 18:08 335,360 --a------ C:\WINDOWS\system32\RCX19.tmp
    2007-12-26 17:39 . 2007-12-26 17:39 335,360 --a------ C:\WINDOWS\system32\RCX13.tmp
    2007-12-26 11:53 . 2007-12-26 11:53 335,360 --a------ C:\WINDOWS\system32\RCX12.tmp
    2007-12-25 19:31 . 2007-12-25 19:31 8,192 --ahs---- C:\WINDOWS\system32\Thumbs.db
    2007-12-25 16:43 . 2006-03-16 11:19 54,960 --a------ C:\WINDOWS\system32\vsutil_loc040c.dll
    2007-12-25 16:43 . 2007-12-25 16:53 41,201 --a------ C:\WINDOWS\system32\vsconfig.xml
    2007-12-24 11:31 . 2007-12-24 11:31 335,360 --a------ C:\WINDOWS\system32\RCX11.tmp
    2007-12-23 23:37 . 2007-12-23 23:37 <REP> d-------- C:\Program Files\Freeplayer-Win32-20070531
    2007-12-23 18:49 . 2007-12-23 18:49 335,360 --a------ C:\WINDOWS\system32\RCXB.tmp
    2007-12-23 18:44 . 2007-12-23 18:44 335,360 --a------ C:\WINDOWS\system32\RCXA.tmp
    2007-12-23 18:38 . 2007-12-23 18:38 335,360 --a------ C:\WINDOWS\system32\RCXF.tmp
    2007-12-23 18:38 . 2007-12-23 18:38 0 --a------ C:\WINDOWS\system32\inflist.dat
    2007-12-23 18:37 . 2007-12-04 14:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe
    2007-12-23 18:37 . 2004-01-09 10:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
    2007-12-23 18:37 . 2007-12-04 13:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
    2007-12-23 18:37 . 2007-12-04 15:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
    2007-12-23 18:37 . 2007-12-04 15:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
    2007-12-23 18:37 . 2007-12-04 15:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
    2007-12-23 18:37 . 2007-12-04 15:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
    2007-12-23 18:37 . 2007-12-04 15:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
    2007-12-23 18:26 . 2007-12-23 18:26 335,360 --a------ C:\WINDOWS\system32\RCXE.tmp
    2007-12-23 18:24 . 2007-12-23 18:24 <REP> d-------- C:\Documents and Settings\Alex\Application Data\Comodo
    2007-12-23 18:20 . 2007-12-23 18:20 335,360 --a------ C:\WINDOWS\system32\RCXC.tmp
    2007-12-23 18:18 . 2007-12-23 18:18 <REP> d-------- C:\Program Files\Trustix
    2007-12-23 18:18 . 2006-05-03 12:09 73,728 --a------ C:\WINDOWS\system32\CavEmLSP.dll
    2007-12-23 18:17 . 2007-12-23 18:23 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Comodo
    2007-12-23 18:16 . 2007-12-23 18:16 <REP> d-------- C:\WINDOWS\Downloaded Installations
    2007-12-23 17:21 . 2007-12-23 17:21 335,360 --a------ C:\WINDOWS\system32\RCX8.tmp
    2007-12-23 17:06 . 2007-12-23 17:06 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
    2007-12-23 17:01 . 2007-12-23 17:01 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avg7
    2007-12-23 16:35 . 2007-12-23 16:35 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
    2007-12-23 11:56 . 2007-12-23 11:56 268 --ah----- C:\sqmdata08.sqm
    2007-12-23 11:56 . 2007-12-23 11:56 244 --ah----- C:\sqmnoopt08.sqm
    2007-12-22 11:19 . 2002-11-14 20:43 221,184 --a------ C:\WINDOWS\system32\srrstr.dll
    2007-12-22 11:19 . 2002-11-14 20:43 221,184 --a--c--- C:\WINDOWS\system32\dllcache\srrstr.dll
    2007-12-22 11:18 . 2007-12-22 11:18 <REP> d-------- C:\Program Files\MSXML 4.0
    2007-12-20 23:51 . 2007-12-20 23:51 73 --a------ C:\WINDOWS\system32\i
    2007-12-20 21:34 . 2007-12-20 21:34 30,945,280 --a------ C:\upload_moi.tar
    2007-12-20 21:21 . 2007-12-20 21:21 1,635 --a------ C:\WINDOWS\system32\khyd.exe
    2007-12-20 21:09 . 2007-12-23 17:00 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
    2007-12-20 20:58 . 2004-07-01 23:08 360,960 --a--c--- C:\WINDOWS\system32\dllcache\qmgr.dll
    2007-12-20 20:58 . 2004-07-01 23:08 331,776 --a------ C:\WINDOWS\system32\winhttp.dll
    2007-12-20 20:58 . 2004-07-01 23:08 17,408 --a------ C:\WINDOWS\system32\qmgrprxy.dll
    2007-12-20 20:58 . 2004-07-01 23:08 17,408 --a--c--- C:\WINDOWS\system32\dllcache\qmgrprxy.dll
    2007-12-20 20:58 . 2004-07-01 23:08 7,680 -----c--- C:\WINDOWS\system32\dllcache\bitsprx2.dll
    2007-12-20 20:58 . 2004-07-01 23:08 7,680 --------- C:\WINDOWS\system32\bitsprx2.dll
    2007-12-20 20:58 . 2004-07-01 23:08 7,168 -----c--- C:\WINDOWS\system32\dllcache\bitsprx3.dll
    2007-12-20 20:58 . 2004-07-01 23:08 7,168 --------- C:\WINDOWS\system32\bitsprx3.dll
    2007-12-20 20:53 . 2007-07-30 19:19 38,232 --a------ C:\WINDOWS\system32\wucltui.dll.mui
    2007-12-20 20:53 . 2007-07-30 19:20 30,040 --a------ C:\WINDOWS\system32\wuaucpl.cpl.mui
    2007-12-20 20:53 . 2007-07-30 19:19 30,040 --a------ C:\WINDOWS\system32\wuapi.dll.mui
    2007-12-20 20:53 . 2007-07-30 19:18 21,336 --a------ C:\WINDOWS\system32\wuaueng.dll.mui
    2007-12-20 13:19 . 2007-12-20 13:19 244 --ah----- C:\sqmnoopt07.sqm
    2007-12-20 13:19 . 2007-12-20 13:19 232 --ah----- C:\sqmdata07.sqm
    2007-12-20 13:12 . 2007-12-20 13:12 0 --a------ C:\WINDOWS\system32\bya.exe
    2007-12-20 13:02 . 2007-12-20 13:02 244 --ah----- C:\sqmnoopt06.sqm
    2007-12-20 13:02 . 2007-12-20 13:02 232 --ah----- C:\sqmdata06.sqm
    2007-12-20 07:42 . 2007-12-30 11:22 13,312 --a------ C:\WINDOWS\system32\ctfmon .exe
    2007-12-20 07:17 . 2007-12-20 07:17 1,635 --a------ C:\WINDOWS\system32\sdbdmau.exe
    2007-12-20 07:17 . 2007-12-20 07:17 1,635 --a------ C:\WINDOWS\system32\kifyptv.exe
    2007-12-19 22:49 . 2007-12-19 22:49 1,635 --a------ C:\WINDOWS\system32\rybeul.exe
    2007-12-19 22:24 . 2007-12-19 22:24 1,635 --a------ C:\WINDOWS\system32\vqmepih.exe
    2007-12-19 22:24 . 2007-12-19 22:24 1,635 --a------ C:\WINDOWS\system32\hauoyq.exe
    2007-12-19 21:34 . 2007-12-19 21:34 1,635 --a------ C:\WINDOWS\system32\wjmq.exe
    2007-12-19 21:34 . 2007-12-19 21:34 1,635 --a------ C:\WINDOWS\system32\iixsvf.exe
    2007-12-19 21:26 . 2007-12-19 21:26 1,635 --a------ C:\WINDOWS\system32\wrozlopw.exe
    2007-12-19 21:26 . 2007-12-19 21:26 1,635 --a------ C:\WINDOWS\system32\bfgm.exe
    2007-12-19 21:09 . 2007-12-19 21:09 1,635 --a------ C:\WINDOWS\system32\gkdinsmb.exe
    2007-12-19 21:09 . 2007-12-19 21:09 1,635 --a------ C:\WINDOWS\system32\ajlkvmqc.exe
    2007-12-19 20:52 . 2007-12-19 20:52 1,635 --a------ C:\WINDOWS\system32\texk.exe
    2007-12-19 20:52 . 2007-12-19 20:52 1,635 --a------ C:\WINDOWS\system32\slfwqois.exe
    2007-12-19 20:11 . 2007-12-19 20:11 118 --a------ C:\WINDOWS\system32\ysryk.bat
    2007-12-19 20:10 . 2007-12-19 20:10 0 --ah----- C:\WINDOWS\system32\nnzl.exe
    2007-12-19 19:00 . 2007-12-19 19:00 127 --a------ C:\WINDOWS\system32\kydky.bat
    2007-12-19 19:00 . 2007-12-19 19:00 126 --a------ C:\WINDOWS\system32\thjo.bat
    2007-12-19 19:00 . 2007-12-19 19:00 123 --a------ C:\WINDOWS\system32\ngknuci.bat
    2007-12-19 18:56 . 2007-12-19 18:56 1,635 --a------ C:\WINDOWS\system32\ppbqo.exe
    2007-12-19 18:43 . 2007-12-19 18:43 244 --ah----- C:\sqmnoopt05.sqm
    2007-12-19 18:43 . 2007-12-19 18:43 232 --ah----- C:\sqmdata05.sqm
    2007-12-19 18:39 . 2007-12-19 18:39 1,635 --a------ C:\WINDOWS\system32\hqlnopib.exe
    2007-12-19 18:39 . 2007-12-19 18:39 1,635 --a------ C:\WINDOWS\system32\devdmwws.exe
    2007-12-19 18:32 . 2007-12-19 18:32 244 --ah----- C:\sqmnoopt04.sqm
    2007-12-19 18:32 . 2007-12-19 18:32 232 --ah----- C:\sqmdata04.sqm
    2007-12-19 18:31 . 2007-12-19 18:31 1,635 --a------ C:\WINDOWS\system32\zsmvmr.exe

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2007-12-31 14:52 --------- d-----w C:\Documents and Settings\Alex\Application Data\Free Download Manager
    2007-12-31 11:19 --------- d-----w C:\Program Files\Mozilla Thunderbird
    2007-12-30 16:38 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
    2007-12-30 13:50 --------- d-----w C:\Program Files\eMule
    2007-12-29 22:57 --------- d-----w C:\Documents and Settings\Alex\Application Data\uTorrent
    2007-12-26 17:08 147,968 ----a-w C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\MSConfig .exe
    2007-12-23 17:16 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
    2007-12-22 10:50 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2007-12-20 19:03 --------- d-----w C:\Program Files\Navilog1
    2007-12-19 11:37 134,656 ----a-w C:\WINDOWS\system32\sfc_os.dll
    2007-12-17 19:16 --------- d-----w C:\Documents and Settings\Alex\Application Data\vlc
    2007-12-15 23:25 12,400 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
    2007-12-15 19:24 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2007-11-30 17:39 --------- d-----w C:\Program Files\adslTV
    2007-10-31 19:52 --------- d-----w C:\Program Files\Google
    2007-10-31 17:28 39,424 ----a-w C:\WINDOWS\zipinst.exe
    2007-10-20 09:31 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
    2007-10-20 00:56 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
    2007-10-20 00:56 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
    2007-10-10 18:44 18,312 ----a-w C:\Documents and Settings\Alex\Application Data\GDIPFONTCACHEV1.DAT
    2007-07-31 17:31 65,273 ----a-w C:\WINDOWS\Internet Logs\vsmon_2nd_2007_07_31_13_38_26_small.dmp.zip
    .
    1. ----a-w 79,224 2007-12-31 09:05:51 C:\Program Files\Alwil Software\Avast4\ashDisp .exe
    2. ----a-w 45,056 2007-12-22 16:04:25 C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon .exe
    3. ----a-w 68,856 2007-12-22 16:04:38 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier .exe
    4. ----a-w 6,731,312 2007-12-22 11:00:41 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas .exe
    5. ----a-w 6,731,312 2007-12-22 19:26:14 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas .exe
    6. ----a-w 579,072 2007-12-22 16:06:09 C:\Program Files\Grisoft\AVG7\avgcc .exe
    7. ----a-w 146,432 2007-12-22 11:30:16 C:\Program Files\Grisoft\AVG7\avgw .exe
    8. ----a-w 267,048 2007-12-22 16:04:27 C:\Program Files\iTunes\iTunesHelper .exe
    9. ----a-w 1,077,277 2007-12-20 18:43:49 C:\Program Files\Messenger\msmsgs .exe
    10. ----a-w 698,864 2007-12-30 21:22:24 C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray .exe
    11. ----a-w 147,968 2007-12-26 17:08:11 C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\MSConfig .exe
    12. ----a-w 13,312 2007-12-30 10:22:40 C:\WINDOWS\system32\ctfmon .exe



    ((((((((((((((((((((((((((((( snapshot_2007-12-31_12.32.25.65 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2007-12-31 14:40:44 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_4cc.dat
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{fcdafbcb-6ac5-40d9-b85d-4bc534050923}]
    C:\WINDOWS\System32\gyxtwmcx.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2001-08-28 13:00 13312]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [ ]
    "e072610c"="C:\WINDOWS\System32\waobglch.dll" [ ]
    "MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2001-08-28 13:00 147968]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2001-08-28 13:00 13312]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 08:01:04]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
    avldr.dll 2007-02-15 19:02 50736 C:\WINDOWS\system32\avldr.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\desmon]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dx7til]
    dx7til.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\efccbba]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\khfffgf]
    khfffgf.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
    @=""

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
    @=""

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SBCSTray]
    C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe

    R0 SBHR;SBHR;C:\WINDOWS\System32\drivers\sbhr.sys [2007-12-30 15:02]
    R0 viasraid;viasraid;C:\WINDOWS\System32\DRIVERS\viasraid.sys [2003-06-12 17:31]
    R1 fwdrv;Firewall Driver;C:\WINDOWS\System32\drivers\fwdrv.sys [2007-04-26 10:21]
    R1 khips;Kerio HIPS Driver;C:\WINDOWS\System32\drivers\khips.sys [2007-04-26 10:21]
    R2 nvcap;nVidia WDM Video Capture (universal);C:\WINDOWS\System32\DRIVERS\nvcap.sys [2003-09-08 13:52]
    R2 NVXBAR;nVidia WDM A/V Crossbar;C:\WINDOWS\System32\DRIVERS\NVxbar.sys [2003-09-08 13:52]
    R2 SBAPIFS;CounterSpy Filter Driver;C:\WINDOWS\System32\Drivers\Sbapifs.sys [2007-12-30 17:57]
    R2 SPF4;Sunbelt Personal Firewall 4;"C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe" [2007-04-26 10:21]
    R2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe [2001-08-28 13:00]

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    UxTuneUp

    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2007-12-25 14:43:05 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    "2007-12-31 11:00:00 C:\WINDOWS\Tasks\HPpromotions journeysoftware.job"
    - C:\Program Files\hp\digital imaging\bin\hp promotions\journeysoftware\HPpromo.exe
    "2007-12-28 16:29:03 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
    - C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
    .
    **************************************************************************

    catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-12-31 15:53:38
    Windows 5.1.2600 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2007-12-31 15:55:13
    C:\qoobox\ComboFix-quarantined-files.txt 2007-12-31 14:55:06
    C:\qoobox\ComboFix2.txt 2007-12-31 11:33:23
    C:\qoobox\ComboFix3.txt 2007-12-20 19:10:33
    .
    2007-12-22 10:27:53 --- E O F ---
    31 December 2007 16:43:40

    Re,

    Disable your resident protections (antivirus...)!
    Copy (Ctrl+C) the text in the box below:

    File::
    C:\WINDOWS\system32\RCX15.tmp
    C:\WINDOWS\system32\RCX14.tmp
    C:\WINDOWS\system32\RCX10.tmp
    C:\WINDOWS\system32\RCXD.tmp
    C:\WINDOWS\system32\hclgboaw.ini
    C:\WINDOWS\system32\RCX19.tmp
    C:\WINDOWS\system32\RCX13.tmp
    C:\WINDOWS\system32\RCX12.tmp
    C:\WINDOWS\system32\RCX11.tmp
    C:\WINDOWS\system32\RCXB.tmp
    C:\WINDOWS\system32\RCXA.tmp
    C:\WINDOWS\system32\RCXF.tmp
    C:\WINDOWS\system32\RCXC.tmp
    C:\WINDOWS\system32\RCX8.tmp
    C:\upload_moi.tar
    C:\WINDOWS\system32\khyd.exe
    C:\WINDOWS\system32\bya.exe
    C:\WINDOWS\system32\sdbdmau.exe
    C:\WINDOWS\system32\kifyptv.exe
    C:\WINDOWS\system32\rybeul.exe
    C:\WINDOWS\system32\vqmepih.exe
    C:\WINDOWS\system32\hauoyq.exe
    C:\WINDOWS\system32\wjmq.exe
    C:\WINDOWS\system32\iixsvf.exe
    C:\WINDOWS\system32\wrozlopw.exe
    C:\WINDOWS\system32\bfgm.exe
    C:\WINDOWS\system32\gkdinsmb.exe
    C:\WINDOWS\system32\ajlkvmqc.exe
    C:\WINDOWS\system32\texk.exe
    C:\WINDOWS\system32\slfwqois.exe
    C:\WINDOWS\system32\ysryk.bat
    C:\WINDOWS\system32\nnzl.exe
    C:\WINDOWS\system32\kydky.bat
    C:\WINDOWS\system32\thjo.bat
    C:\WINDOWS\system32\ngknuci.bat
    C:\WINDOWS\system32\ppbqo.exe
    C:\WINDOWS\system32\hqlnopib.exe
    C:\WINDOWS\system32\devdmwws.exe
    C:\WINDOWS\system32\zsmvmr.exe

    Registry::
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{fcdafbcb-6ac5-40d9-b85d-4bc534050923}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "e072610c"=-


    Open Notepad and paste (Ctrl+V) the text you copied.
    Save this file as CFScript.txt.

    Now drag the CFScript.txt file onto Combofix.exe as shown below:


    This will restart Combofix; type 1 and confirm. After the reboot, post the contents of the Combofix.txt report along with a Hijackthis report.
    NOTE: If there is no reboot, post the requested reports anyway.

    &

    Now drag the Log.txt file onto RenV.exe as shown below:

    This will restart RenV; post the contents of the new Log.txt report.
    1 January 2008 13:35:31

    Hello to you and HAPPY NEW YEAR!!!

    Here is the Combofix report:

    ComboFix 07-12-31.4 - Alex 2008-01-01 13:21:52.6 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.0.1252.1.1036.18.252 [GMT 1:00]
    Running from: C:\Documents and Settings\Alex\Bureau\ComboFix.exe
    Command switches used :: C:\Documents and Settings\Alex\Bureau\CFScript.txt
    * Created a new restore point

    FILE
    C:\upload_moi.tar
    C:\WINDOWS\system32\ajlkvmqc.exe
    C:\WINDOWS\system32\bfgm.exe
    C:\WINDOWS\system32\bya.exe
    C:\WINDOWS\system32\devdmwws.exe
    C:\WINDOWS\system32\gkdinsmb.exe
    C:\WINDOWS\system32\hauoyq.exe
    C:\WINDOWS\system32\hclgboaw.ini
    C:\WINDOWS\system32\hqlnopib.exe
    C:\WINDOWS\system32\iixsvf.exe
    C:\WINDOWS\system32\khyd.exe
    C:\WINDOWS\system32\kifyptv.exe
    C:\WINDOWS\system32\kydky.bat
    C:\WINDOWS\system32\ngknuci.bat
    C:\WINDOWS\system32\nnzl.exe
    C:\WINDOWS\system32\ppbqo.exe
    C:\WINDOWS\system32\RCX10.tmp
    C:\WINDOWS\system32\RCX11.tmp
    C:\WINDOWS\system32\RCX12.tmp
    C:\WINDOWS\system32\RCX13.tmp
    C:\WINDOWS\system32\RCX14.tmp
    C:\WINDOWS\system32\RCX15.tmp
    C:\WINDOWS\system32\RCX19.tmp
    C:\WINDOWS\system32\RCX8.tmp
    C:\WINDOWS\system32\RCXA.tmp
    C:\WINDOWS\system32\RCXB.tmp
    C:\WINDOWS\system32\RCXC.tmp
    C:\WINDOWS\system32\RCXD.tmp
    C:\WINDOWS\system32\RCXF.tmp
    C:\WINDOWS\system32\rybeul.exe
    C:\WINDOWS\system32\sdbdmau.exe
    C:\WINDOWS\system32\slfwqois.exe
    C:\WINDOWS\system32\texk.exe
    C:\WINDOWS\system32\thjo.bat
    C:\WINDOWS\system32\vqmepih.exe
    C:\WINDOWS\system32\wjmq.exe
    C:\WINDOWS\system32\wrozlopw.exe
    C:\WINDOWS\system32\ysryk.bat
    C:\WINDOWS\system32\zsmvmr.exe
    .

    ((((((((((((((((((((((((((((( Fichiers créés 2007-12-01 to 2008-01-01 ))))))))))))))))))))))))))))))))))))
    .

    2007-12-31 12:20 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
    2007-12-30 17:52 . 2007-12-30 17:52 335,360 --a------ C:\WINDOWS\system32\RCX16.tmp
    2007-12-30 16:47 . 2007-12-30 16:47 <REP> d-------- C:\Program Files\Trend Micro
    2007-12-30 15:02 . 2007-12-30 17:57 54,584 --a------ C:\WINDOWS\system32\drivers\sbapifs.sys
    2007-12-30 15:02 . 2007-12-30 15:02 15,544 --a------ C:\WINDOWS\system32\drivers\sbhr.sys
    2007-12-30 15:01 . 2007-12-30 15:01 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Sunbelt Software
    2007-12-30 15:01 . 2007-12-30 15:01 <REP> d-------- C:\Documents and Settings\Alex\Application Data\Sunbelt Software
    2007-12-29 16:38 . 2007-12-29 16:38 67 --a------ C:\WINDOWS\system32\drivers\fwdrv.err
    2007-12-28 23:18 . 2007-12-28 23:18 <REP> d-------- C:\Program Files\Comptes et Budget Free V5.0
    2007-12-28 23:18 . 2007-12-28 23:18 <REP> d-------- C:\Documents and Settings\Alex\Application Data\AlauxSoft
    2007-12-27 13:18 . 2007-12-30 15:00 <REP> d-------- C:\Program Files\Sunbelt Software
    2007-12-25 19:31 . 2007-12-25 19:31 8,192 --ahs---- C:\WINDOWS\system32\Thumbs.db
    2007-12-25 16:43 . 2006-03-16 11:19 54,960 --a------ C:\WINDOWS\system32\vsutil_loc040c.dll
    2007-12-25 16:43 . 2007-12-25 16:53 41,201 --a------ C:\WINDOWS\system32\vsconfig.xml
    2007-12-23 23:37 . 2007-12-23 23:37 <REP> d-------- C:\Program Files\Freeplayer-Win32-20070531
    2007-12-23 18:38 . 2007-12-23 18:38 0 --a------ C:\WINDOWS\system32\inflist.dat
    2007-12-23 18:37 . 2007-12-04 14:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe
    2007-12-23 18:37 . 2004-01-09 10:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
    2007-12-23 18:37 . 2007-12-04 13:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
    2007-12-23 18:37 . 2007-12-04 15:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
    2007-12-23 18:37 . 2007-12-04 15:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
    2007-12-23 18:37 . 2007-12-04 15:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
    2007-12-23 18:37 . 2007-12-04 15:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
    2007-12-23 18:37 . 2007-12-04 15:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
    2007-12-23 18:26 . 2007-12-23 18:26 335,360 --a------ C:\WINDOWS\system32\RCXE.tmp
    2007-12-23 18:24 . 2007-12-23 18:24 <REP> d-------- C:\Documents and Settings\Alex\Application Data\Comodo
    2007-12-23 18:18 . 2007-12-23 18:18 <REP> d-------- C:\Program Files\Trustix
    2007-12-23 18:18 . 2006-05-03 12:09 73,728 --a------ C:\WINDOWS\system32\CavEmLSP.dll
    2007-12-23 18:17 . 2007-12-23 18:23 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Comodo
    2007-12-23 18:16 . 2007-12-23 18:16 <REP> d-------- C:\WINDOWS\Downloaded Installations
    2007-12-23 17:06 . 2007-12-23 17:06 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
    2007-12-23 17:01 . 2007-12-23 17:01 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avg7
    2007-12-23 16:35 . 2007-12-23 16:35 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
    2007-12-23 11:56 . 2007-12-23 11:56 268 --ah----- C:\sqmdata08.sqm
    2007-12-23 11:56 . 2007-12-23 11:56 244 --ah----- C:\sqmnoopt08.sqm
    2007-12-22 11:19 . 2002-11-14 20:43 221,184 --a------ C:\WINDOWS\system32\srrstr.dll
    2007-12-22 11:19 . 2002-11-14 20:43 221,184 --a--c--- C:\WINDOWS\system32\dllcache\srrstr.dll
    2007-12-22 11:18 . 2007-12-22 11:18 <REP> d-------- C:\Program Files\MSXML 4.0
    2007-12-20 23:51 . 2007-12-20 23:51 73 --a------ C:\WINDOWS\system32\i
    2007-12-20 21:09 . 2007-12-23 17:00 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
    2007-12-20 20:58 . 2004-07-01 23:08 360,960 --a--c--- C:\WINDOWS\system32\dllcache\qmgr.dll
    2007-12-20 20:58 . 2004-07-01 23:08 331,776 --a------ C:\WINDOWS\system32\winhttp.dll
    2007-12-20 20:58 . 2004-07-01 23:08 17,408 --a------ C:\WINDOWS\system32\qmgrprxy.dll
    2007-12-20 20:58 . 2004-07-01 23:08 17,408 --a--c--- C:\WINDOWS\system32\dllcache\qmgrprxy.dll
    2007-12-20 20:58 . 2004-07-01 23:08 7,680 -----c--- C:\WINDOWS\system32\dllcache\bitsprx2.dll
    2007-12-20 20:58 . 2004-07-01 23:08 7,680 --------- C:\WINDOWS\system32\bitsprx2.dll
    2007-12-20 20:58 . 2004-07-01 23:08 7,168 -----c--- C:\WINDOWS\system32\dllcache\bitsprx3.dll
    2007-12-20 20:58 . 2004-07-01 23:08 7,168 --------- C:\WINDOWS\system32\bitsprx3.dll
    2007-12-20 20:53 . 2007-07-30 19:19 38,232 --a------ C:\WINDOWS\system32\wucltui.dll.mui
    2007-12-20 20:53 . 2007-07-30 19:20 30,040 --a------ C:\WINDOWS\system32\wuaucpl.cpl.mui
    2007-12-20 20:53 . 2007-07-30 19:19 30,040 --a------ C:\WINDOWS\system32\wuapi.dll.mui
    2007-12-20 20:53 . 2007-07-30 19:18 21,336 --a------ C:\WINDOWS\system32\wuaueng.dll.mui
    2007-12-20 13:19 . 2007-12-20 13:19 244 --ah----- C:\sqmnoopt07.sqm
    2007-12-20 13:19 . 2007-12-20 13:19 232 --ah----- C:\sqmdata07.sqm
    2007-12-20 13:02 . 2007-12-20 13:02 244 --ah----- C:\sqmnoopt06.sqm
    2007-12-20 13:02 . 2007-12-20 13:02 232 --ah----- C:\sqmdata06.sqm
    2007-12-20 07:42 . 2007-12-30 11:22 13,312 --a------ C:\WINDOWS\system32\ctfmon .exe
    2007-12-19 18:43 . 2007-12-19 18:43 244 --ah----- C:\sqmnoopt05.sqm
    2007-12-19 18:43 . 2007-12-19 18:43 232 --ah----- C:\sqmdata05.sqm
    2007-12-19 18:32 . 2007-12-19 18:32 244 --ah----- C:\sqmnoopt04.sqm
    2007-12-19 18:32 . 2007-12-19 18:32 232 --ah----- C:\sqmdata04.sqm
    2007-12-19 18:31 . 2007-12-19 18:31 1,635 --a------ C:\WINDOWS\system32\qcfknick.exe
    2007-12-19 18:30 . 2007-12-19 18:30 1,635 --a------ C:\WINDOWS\system32\nhrdqdgi.exe
    2007-12-19 18:30 . 2007-12-19 18:30 129 --a------ C:\WINDOWS\system32\khtqtcn.bat
    2007-12-19 18:24 . 2007-12-19 18:24 244 --ah----- C:\sqmnoopt03.sqm
    2007-12-19 18:24 . 2007-12-19 18:24 232 --ah----- C:\sqmdata03.sqm
    2007-12-19 18:23 . 2007-12-19 18:23 1,635 --a------ C:\WINDOWS\system32\pzwvfj.exe
    2007-12-19 18:19 . 2007-12-19 18:19 1,635 --a------ C:\WINDOWS\system32\kwjuy.exe
    2007-12-19 18:11 . 2007-12-19 18:11 244 --ah----- C:\sqmnoopt02.sqm
    2007-12-19 18:11 . 2007-12-19 18:11 232 --ah----- C:\sqmdata02.sqm
    2007-12-18 17:37 . 2007-12-19 18:50 <REP> d-------- C:\Program Files\Freeplayer(2)
    2007-12-16 19:50 . 2007-12-16 19:50 <REP> d-------- C:\Program Files\Maxis
    2007-12-15 17:36 . 2007-12-26 18:32 54,156 --ah----- C:\WINDOWS\QTFont.qfn
    2007-12-15 17:36 . 2007-12-15 17:36 1,409 --a------ C:\WINDOWS\QTFont.for
    2007-12-13 19:52 . 2007-12-16 15:58 764 --a------ C:\WINDOWS\eReg.dat
    2007-12-10 21:21 . 2007-12-10 21:21 <REP> d-------- C:\Program Files\Elaborate Bytes
    2007-12-09 22:31 . 2003-05-30 09:00 1,962,496 --a------ C:\WINDOWS\system32\quartz.dll
    2007-12-09 14:32 . 2007-12-09 14:32 <REP> d-------- C:\Documents and Settings\Alex\Application Data\Snapfish
    2007-12-08 17:59 . 2007-12-08 17:59 <REP> d-------- C:\Program Files\iPod
    2007-12-08 17:59 . 2007-12-15 17:37 <REP> d-------- C:\Documents and Settings\Alex\Application Data\Apple Computer
    2007-12-08 17:58 . 2007-12-31 12:27 <REP> d-------- C:\Program Files\iTunes
    2007-12-08 17:57 . 2007-12-31 12:27 <REP> d-------- C:\Program Files\QuickTime
    2007-12-08 17:57 . 2007-12-08 17:57 <REP> d-------- C:\Program Files\Apple Software Update
    2007-12-08 17:57 . 2007-12-08 17:58 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
    2007-12-08 17:57 . 2007-12-08 17:57 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple
    2007-12-06 22:10 . 2007-12-20 07:31 <REP> d-------- C:\Program Files\Spyware Doctor
    2007-12-06 22:10 . 2007-12-06 22:10 <REP> d-------- C:\Documents and Settings\Alex\Application Data\PC Tools
    2007-12-06 22:10 . 2007-10-04 17:10 79,688 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
    2007-12-06 22:10 . 2007-10-04 17:10 62,280 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
    2007-12-06 22:10 . 2007-10-04 17:10 41,288 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
    2007-12-06 22:10 . 2007-10-04 17:11 29,000 --a------ C:\WINDOWS\system32\drivers\kcom.sys
    2007-12-05 07:33 . 2007-12-05 07:33 37,473 --a------ C:\WINDOWS\system32\muzika.xm
    2007-12-02 20:34 . 2007-12-02 20:34 <REP> d-------- C:\Program Files\DivX

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2007-12-31 17:38 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
    2007-12-31 14:56 --------- d-----w C:\Documents and Settings\Alex\Application Data\Free Download Manager
    2007-12-31 11:19 --------- d-----w C:\Program Files\Mozilla Thunderbird
    2007-12-30 16:20 --------- d-----w C:\Program Files\ViOrb
    2007-12-30 13:50 --------- d-----w C:\Program Files\eMule
    2007-12-29 22:57 --------- d-----w C:\Documents and Settings\Alex\Application Data\uTorrent
    2007-12-26 17:08 147,968 ----a-w C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\MSConfig .exe
    2007-12-23 17:16 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
    2007-12-22 10:50 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2007-12-20 19:03 --------- d-----w C:\Program Files\Navilog1
    2007-12-19 11:37 134,656 ----a-w C:\WINDOWS\system32\sfc_os.dll
    2007-12-17 19:16 --------- d-----w C:\Documents and Settings\Alex\Application Data\vlc
    2007-12-15 23:25 12,400 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
    2007-12-15 19:24 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2007-11-30 17:39 --------- d-----w C:\Program Files\adslTV
    2007-11-16 12:20 --------- d-----w C:\Program Files\SopCast
    2007-11-10 12:54 15,872 ------w C:\WINDOWS\system32\winskfr.dll
    2007-11-05 06:52 --------- d-----w C:\Program Files\Maïdo Production
    2007-11-05 06:52 --------- d-----w C:\Program Files\Common~1
    2007-11-04 10:07 --------- d-----w C:\Documents and Settings\Alex\Application Data\MechCAD
    2007-10-31 17:28 39,424 ----a-w C:\WINDOWS\zipinst.exe
    2007-10-20 09:31 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
    2007-10-20 00:56 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
    2007-10-20 00:56 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
    2007-10-10 18:44 18,312 ----a-w C:\Documents and Settings\Alex\Application Data\GDIPFONTCACHEV1.DAT
    2007-07-31 17:31 65,273 ----a-w C:\WINDOWS\Internet Logs\vsmon_2nd_2007_07_31_13_38_26_small.dmp.zip
    .
    1. ----a-w 79,224 2007-12-31 09:05:51 C:\Program Files\Alwil Software\Avast4\ashDisp .exe
    2. ----a-w 45,056 2007-12-22 16:04:25 C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon .exe
    3. ----a-w 68,856 2007-12-22 16:04:38 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier .exe
    4. ----a-w 6,731,312 2007-12-22 11:00:41 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas .exe
    5. ----a-w 6,731,312 2007-12-22 19:26:14 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas .exe
    6. ----a-w 579,072 2007-12-22 16:06:09 C:\Program Files\Grisoft\AVG7\avgcc .exe
    7. ----a-w 146,432 2007-12-22 11:30:16 C:\Program Files\Grisoft\AVG7\avgw .exe
    8. ----a-w 267,048 2007-12-22 16:04:27 C:\Program Files\iTunes\iTunesHelper .exe
    9. ----a-w 1,077,277 2007-12-20 18:43:49 C:\Program Files\Messenger\msmsgs .exe
    10. ----a-w 698,864 2007-12-30 21:22:24 C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray .exe
    11. ----a-w 147,968 2007-12-26 17:08:11 C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\MSConfig .exe
    12. ----a-w 13,312 2007-12-30 10:22:40 C:\WINDOWS\system32\ctfmon .exe



    ((((((((((((((((((((((((((((( snapshot_2007-12-31_12.32.25.65 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2007-12-31 11:21:51 270,336 ----a-w C:\WINDOWS\system32\config\systemprofile\ntuser.dat
    + 2008-01-01 12:08:30 270,336 ----a-w C:\WINDOWS\system32\config\systemprofile\ntuser.dat
    + 2008-01-01 12:16:57 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_4b8.dat
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2001-08-28 13:00 13312]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2001-08-28 13:00 13312]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 08:01:04]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
    avldr.dll 2007-02-15 19:02 50736 C:\WINDOWS\system32\avldr.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\desmon]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dx7til]
    dx7til.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\efccbba]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\khfffgf]
    khfffgf.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
    @=""

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
    @=""

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SBCSTray]
    C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe

    R0 SBHR;SBHR;C:\WINDOWS\System32\drivers\sbhr.sys [2007-12-30 15:02]
    R0 viasraid;viasraid;C:\WINDOWS\System32\DRIVERS\viasraid.sys [2003-06-12 17:31]
    R1 fwdrv;Firewall Driver;C:\WINDOWS\System32\drivers\fwdrv.sys [2007-04-26 10:21]
    R1 khips;Kerio HIPS Driver;C:\WINDOWS\System32\drivers\khips.sys [2007-04-26 10:21]
    R2 nvcap;nVidia WDM Video Capture (universal);C:\WINDOWS\System32\DRIVERS\nvcap.sys [2003-09-08 13:52]
    R2 NVXBAR;nVidia WDM A/V Crossbar;C:\WINDOWS\System32\DRIVERS\NVxbar.sys [2003-09-08 13:52]
    R2 SBAPIFS;CounterSpy Filter Driver;C:\WINDOWS\System32\Drivers\Sbapifs.sys [2007-12-30 17:57]
    R2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe [2001-08-28 13:00]
    S2 SPF4;Sunbelt Personal Firewall 4;"C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe" [2007-04-26 10:21]

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    UxTuneUp

    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2007-12-25 14:43:05 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    "2007-12-31 15:00:00 C:\WINDOWS\Tasks\HPpromotions journeysoftware.job"
    - C:\Program Files\hp\digital imaging\bin\hp promotions\journeysoftware\HPpromo.exe
    "2007-12-28 16:29:03 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
    - C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
    .
    **************************************************************************

    catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-01-01 13:25:27
    Windows 5.1.2600 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2008-01-01 13:26:53
    C:\qoobox\ComboFix-quarantined-files.txt 2008-01-01 12:26:47
    C:\qoobox\ComboFix2.txt 2007-12-31 11:33:23
    C:\qoobox\ComboFix3.txt 2007-12-20 19:10:33
    .
    2008-01-01 11:34:47 --- E O F ---
    1 January 2008 13:36:26

    Attached is the HijackThis report:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 13:28:31, on 01/01/2008
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\HPZipm12.exe
    C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Program Files\Spyware Doctor\svcntaux.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
    O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdmcks.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
    O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
    O8 - Extra context menu item: Télécharger les tous avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{83AAB61E-ED3D-426F-AF5F-CD046D755757}: NameServer = 212.27.54.252,212.27.53.252
    O20 - Winlogon Notify: desmon - C:\WINDOWS\
    O20 - Winlogon Notify: dx7til - dx7til.dll (file missing)
    O20 - Winlogon Notify: efccbba - C:\WINDOWS\
    O20 - Winlogon Notify: khfffgf - khfffgf.dll (file missing)
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
    O23 - Service: Sunbelt CounterSpy Antispyware (SBCSSvc) - Sunbelt Software - C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe
    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
    O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe

    --
    End of file - 5885 bytes
    1 January 2008 13:37:56

    However, I ran into a problem when running renv.exe!
    I dragged the log.txt file as you had said;
    renv.exe started, and during the process it told me that a .dll application extension was missing and that I had to find it using the OPEN WITH tab,
    but I have no idea what that is!
    1 January 2008 14:14:21

    Which .dll?
    1 January 2008 14:48:07

    Run a ComboFix scan again so we can see.
    I'll do some research on my side.
    1 January 2008 15:07:09

    Here is the ComboFix report, as you asked:


    ComboFix 07-12-31.4 - Alex 2008-01-01 14:57:23.7 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.0.1252.1.1036.18.307 [GMT 1:00]
    Running from: C:\Documents and Settings\Alex\Bureau\ComboFix.exe
    .

    ((((((((((((((((((((((((((((( Fichiers créés 2007-12-01 to 2008-01-01 ))))))))))))))))))))))))))))))))))))
    .

    2008-01-01 14:57 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
    2008-01-01 14:25 . 2007-12-04 14:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe
    2008-01-01 13:29 . 2008-01-01 13:32 98,816 --a------ C:\sed.exe
    2008-01-01 13:29 . 2008-01-01 13:33 48,677 --a------ C:\temp00.cmd
    2008-01-01 13:29 . 2008-01-01 13:32 27,136 --a------ C:\nircmd.exe
    2008-01-01 13:29 . 2008-01-01 13:33 16,779 --a------ C:\temp00
    2007-12-30 16:47 . 2007-12-30 16:47 <REP> d-------- C:\Program Files\Trend Micro
    2007-12-30 15:02 . 2007-12-30 17:57 54,584 --a------ C:\WINDOWS\system32\drivers\sbapifs.sys
    2007-12-30 15:02 . 2007-12-30 15:02 15,544 --a------ C:\WINDOWS\system32\drivers\sbhr.sys
    2007-12-30 15:01 . 2007-12-30 15:01 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Sunbelt Software
    2007-12-30 15:01 . 2007-12-30 15:01 <REP> d-------- C:\Documents and Settings\Alex\Application Data\Sunbelt Software
    2007-12-29 16:38 . 2007-12-29 16:38 67 --a------ C:\WINDOWS\system32\drivers\fwdrv.err
    2007-12-28 23:18 . 2007-12-28 23:18 <REP> d-------- C:\Program Files\Comptes et Budget Free V5.0
    2007-12-28 23:18 . 2007-12-28 23:18 <REP> d-------- C:\Documents and Settings\Alex\Application Data\AlauxSoft
    2007-12-27 13:18 . 2007-12-30 15:00 <REP> d-------- C:\Program Files\Sunbelt Software
    2007-12-25 19:31 . 2007-12-25 19:31 8,192 --ahs---- C:\WINDOWS\system32\Thumbs.db
    2007-12-25 16:43 . 2006-03-16 11:19 54,960 --a------ C:\WINDOWS\system32\vsutil_loc040c.dll
    2007-12-25 16:43 . 2007-12-25 16:53 41,201 --a------ C:\WINDOWS\system32\vsconfig.xml
    2007-12-23 23:37 . 2007-12-23 23:37 <REP> d-------- C:\Program Files\Freeplayer-Win32-20070531
    2007-12-23 18:38 . 2007-12-23 18:38 0 --a------ C:\WINDOWS\system32\inflist.dat
    2007-12-23 18:37 . 2004-01-09 10:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
    2007-12-23 18:37 . 2007-12-04 13:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
    2007-12-23 18:37 . 2007-12-04 15:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
    2007-12-23 18:37 . 2007-12-04 15:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
    2007-12-23 18:37 . 2007-12-04 15:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
    2007-12-23 18:37 . 2007-12-04 15:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
    2007-12-23 18:37 . 2007-12-04 15:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
    2007-12-23 18:24 . 2007-12-23 18:24 <REP> d-------- C:\Documents and Settings\Alex\Application Data\Comodo
    2007-12-23 18:18 . 2007-12-23 18:18 <REP> d-------- C:\Program Files\Trustix
    2007-12-23 18:18 . 2006-05-03 12:09 73,728 --a------ C:\WINDOWS\system32\CavEmLSP.dll
    2007-12-23 18:17 . 2007-12-23 18:23 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Comodo
    2007-12-23 18:16 . 2007-12-23 18:16 <REP> d-------- C:\WINDOWS\Downloaded Installations
    2007-12-23 17:06 . 2007-12-23 17:06 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
    2007-12-23 17:01 . 2007-12-23 17:01 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avg7
    2007-12-23 16:35 . 2007-12-23 16:35 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
    2007-12-23 11:56 . 2007-12-23 11:56 268 --ah----- C:\sqmdata08.sqm
    2007-12-23 11:56 . 2007-12-23 11:56 244 --ah----- C:\sqmnoopt08.sqm
    2007-12-22 11:19 . 2002-11-14 20:43 221,184 --a------ C:\WINDOWS\system32\srrstr.dll
    2007-12-22 11:19 . 2002-11-14 20:43 221,184 --a--c--- C:\WINDOWS\system32\dllcache\srrstr.dll
    2007-12-22 11:18 . 2007-12-22 11:18 <REP> d-------- C:\Program Files\MSXML 4.0
    2007-12-20 23:51 . 2007-12-20 23:51 73 --a------ C:\WINDOWS\system32\i
    2007-12-20 21:09 . 2007-12-23 17:00 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
    2007-12-20 20:58 . 2004-07-01 23:08 360,960 --a--c--- C:\WINDOWS\system32\dllcache\qmgr.dll
    2007-12-20 20:58 . 2004-07-01 23:08 331,776 --a------ C:\WINDOWS\system32\winhttp.dll
    2007-12-20 20:58 . 2004-07-01 23:08 17,408 --a------ C:\WINDOWS\system32\qmgrprxy.dll
    2007-12-20 20:58 . 2004-07-01 23:08 17,408 --a--c--- C:\WINDOWS\system32\dllcache\qmgrprxy.dll
    2007-12-20 20:58 . 2004-07-01 23:08 7,680 -----c--- C:\WINDOWS\system32\dllcache\bitsprx2.dll
    2007-12-20 20:58 . 2004-07-01 23:08 7,680 --------- C:\WINDOWS\system32\bitsprx2.dll
    2007-12-20 20:58 . 2004-07-01 23:08 7,168 -----c--- C:\WINDOWS\system32\dllcache\bitsprx3.dll
    2007-12-20 20:58 . 2004-07-01 23:08 7,168 --------- C:\WINDOWS\system32\bitsprx3.dll
    2007-12-20 20:53 . 2007-07-30 19:19 38,232 --a------ C:\WINDOWS\system32\wucltui.dll.mui
    2007-12-20 20:53 . 2007-07-30 19:20 30,040 --a------ C:\WINDOWS\system32\wuaucpl.cpl.mui
    2007-12-20 20:53 . 2007-07-30 19:19 30,040 --a------ C:\WINDOWS\system32\wuapi.dll.mui
    2007-12-20 20:53 . 2007-07-30 19:18 21,336 --a------ C:\WINDOWS\system32\wuaueng.dll.mui
    2007-12-20 13:19 . 2007-12-20 13:19 244 --ah----- C:\sqmnoopt07.sqm
    2007-12-20 13:19 . 2007-12-20 13:19 232 --ah----- C:\sqmdata07.sqm
    2007-12-20 13:02 . 2007-12-20 13:02 244 --ah----- C:\sqmnoopt06.sqm
    2007-12-20 13:02 . 2007-12-20 13:02 232 --ah----- C:\sqmdata06.sqm
    2007-12-20 07:42 . 2007-12-30 11:22 13,312 --a------ C:\WINDOWS\system32\ctfmon .exe
    2007-12-19 18:43 . 2007-12-19 18:43 244 --ah----- C:\sqmnoopt05.sqm
    2007-12-19 18:43 . 2007-12-19 18:43 232 --ah----- C:\sqmdata05.sqm
    2007-12-19 18:32 . 2007-12-19 18:32 244 --ah----- C:\sqmnoopt04.sqm
    2007-12-19 18:32 . 2007-12-19 18:32 232 --ah----- C:\sqmdata04.sqm
    2007-12-19 18:31 . 2007-12-19 18:31 1,635 --a------ C:\WINDOWS\system32\qcfknick.exe
    2007-12-19 18:30 . 2007-12-19 18:30 1,635 --a------ C:\WINDOWS\system32\nhrdqdgi.exe
    2007-12-19 18:30 . 2007-12-19 18:30 129 --a------ C:\WINDOWS\system32\khtqtcn.bat
    2007-12-19 18:24 . 2007-12-19 18:24 244 --ah----- C:\sqmnoopt03.sqm
    2007-12-19 18:24 . 2007-12-19 18:24 232 --ah----- C:\sqmdata03.sqm
    2007-12-19 18:23 . 2007-12-19 18:23 1,635 --a------ C:\WINDOWS\system32\pzwvfj.exe
    2007-12-19 18:19 . 2007-12-19 18:19 1,635 --a------ C:\WINDOWS\system32\kwjuy.exe
    2007-12-19 18:11 . 2007-12-19 18:11 244 --ah----- C:\sqmnoopt02.sqm
    2007-12-19 18:11 . 2007-12-19 18:11 232 --ah----- C:\sqmdata02.sqm
    2007-12-18 17:37 . 2007-12-19 18:50 <REP> d-------- C:\Program Files\Freeplayer(2)
    2007-12-16 19:50 . 2007-12-16 19:50 <REP> d-------- C:\Program Files\Maxis
    2007-12-15 17:36 . 2007-12-26 18:32 54,156 --ah----- C:\WINDOWS\QTFont.qfn
    2007-12-15 17:36 . 2007-12-15 17:36 1,409 --a------ C:\WINDOWS\QTFont.for
    2007-12-13 19:52 . 2007-12-16 15:58 764 --a------ C:\WINDOWS\eReg.dat
    2007-12-10 21:21 . 2007-12-10 21:21 <REP> d-------- C:\Program Files\Elaborate Bytes
    2007-12-09 22:31 . 2003-05-30 09:00 1,962,496 --a------ C:\WINDOWS\system32\quartz.dll
    2007-12-09 14:32 . 2007-12-09 14:32 <REP> d-------- C:\Documents and Settings\Alex\Application Data\Snapfish
    2007-12-08 17:59 . 2007-12-08 17:59 <REP> d-------- C:\Program Files\iPod
    2007-12-08 17:59 . 2007-12-15 17:37 <REP> d-------- C:\Documents and Settings\Alex\Application Data\Apple Computer
    2007-12-08 17:58 . 2007-12-31 12:27 <REP> d-------- C:\Program Files\iTunes
    2007-12-08 17:57 . 2007-12-31 12:27 <REP> d-------- C:\Program Files\QuickTime
    2007-12-08 17:57 . 2007-12-08 17:57 <REP> d-------- C:\Program Files\Apple Software Update
    2007-12-08 17:57 . 2007-12-08 17:58 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
    2007-12-08 17:57 . 2007-12-08 17:57 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple
    2007-12-06 22:10 . 2007-12-20 07:31 <REP> d-------- C:\Program Files\Spyware Doctor
    2007-12-06 22:10 . 2007-12-06 22:10 <REP> d-------- C:\Documents and Settings\Alex\Application Data\PC Tools
    2007-12-06 22:10 . 2007-10-04 17:10 79,688 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
    2007-12-06 22:10 . 2007-10-04 17:10 62,280 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
    2007-12-06 22:10 . 2007-10-04 17:10 41,288 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
    2007-12-06 22:10 . 2007-10-04 17:11 29,000 --a------ C:\WINDOWS\system32\drivers\kcom.sys
    2007-12-05 07:33 . 2007-12-05 07:33 37,473 --a------ C:\WINDOWS\system32\muzika.xm
    2007-12-02 20:34 . 2007-12-02 20:34 <REP> d-------- C:\Program Files\DivX

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-01-01 13:57 --------- d-----w C:\Documents and Settings\Alex\Application Data\Free Download Manager
    2008-01-01 13:45 --------- d-----w C:\Program Files\eMule
    2008-01-01 13:10 --------- d-----w C:\Program Files\Mozilla Thunderbird
    2007-12-31 17:38 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
    2007-12-30 16:20 --------- d-----w C:\Program Files\ViOrb
    2007-12-29 22:57 --------- d-----w C:\Documents and Settings\Alex\Application Data\uTorrent
    2007-12-26 17:08 147,968 ----a-w C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\MSConfig .exe
    2007-12-23 17:16 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
    2007-12-22 10:50 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2007-12-20 19:03 --------- d-----w C:\Program Files\Navilog1
    2007-12-19 11:37 134,656 ----a-w C:\WINDOWS\system32\sfc_os.dll
    2007-12-17 19:16 --------- d-----w C:\Documents and Settings\Alex\Application Data\vlc
    2007-12-15 23:25 12,400 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
    2007-12-15 19:24 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2007-11-30 17:39 --------- d-----w C:\Program Files\adslTV
    2007-11-16 12:20 --------- d-----w C:\Program Files\SopCast
    2007-11-10 12:54 15,872 ------w C:\WINDOWS\system32\winskfr.dll
    2007-11-05 06:52 --------- d-----w C:\Program Files\Maïdo Production
    2007-11-05 06:52 --------- d-----w C:\Program Files\Common~1
    2007-11-04 10:07 --------- d-----w C:\Documents and Settings\Alex\Application Data\MechCAD
    2007-10-31 17:28 39,424 ----a-w C:\WINDOWS\zipinst.exe
    2007-10-20 09:31 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
    2007-10-20 00:56 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
    2007-10-20 00:56 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
    2007-10-10 18:44 18,312 ----a-w C:\Documents and Settings\Alex\Application Data\GDIPFONTCACHEV1.DAT
    2007-07-31 17:31 65,273 ----a-w C:\WINDOWS\Internet Logs\vsmon_2nd_2007_07_31_13_38_26_small.dmp.zip
    .
    1. ----a-w 79,224 2007-12-31 09:05:51 C:\Program Files\Alwil Software\Avast4\ashDisp .exe
    2. ----a-w 45,056 2007-12-22 16:04:25 C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon .exe
    3. ----a-w 68,856 2007-12-22 16:04:38 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier .exe
    4. ----a-w 6,731,312 2007-12-22 11:00:41 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas .exe
    5. ----a-w 6,731,312 2007-12-22 19:26:14 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas .exe
    6. ----a-w 579,072 2007-12-22 16:06:09 C:\Program Files\Grisoft\AVG7\avgcc .exe
    7. ----a-w 146,432 2007-12-22 11:30:16 C:\Program Files\Grisoft\AVG7\avgw .exe
    8. ----a-w 267,048 2007-12-22 16:04:27 C:\Program Files\iTunes\iTunesHelper .exe
    9. ----a-w 1,077,277 2007-12-20 18:43:49 C:\Program Files\Messenger\msmsgs .exe
    10. ----a-w 698,864 2007-12-30 21:22:24 C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray .exe
    11. ----a-w 147,968 2007-12-26 17:08:11 C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\MSConfig .exe
    12. ----a-w 13,312 2007-12-30 10:22:40 C:\WINDOWS\system32\ctfmon .exe



    ((((((((((((((((((((((((((((( snapshot_2007-12-31_12.32.25.65 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2007-12-31 11:21:51 270,336 ----a-w C:\WINDOWS\system32\config\systemprofile\ntuser.dat
    + 2008-01-01 12:08:30 270,336 ----a-w C:\WINDOWS\system32\config\systemprofile\ntuser.dat
    + 2008-01-01 13:25:28 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_4b8.dat
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2001-08-28 13:00 13312]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2001-08-28 13:00 13312]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 08:01:04]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
    avldr.dll 2007-02-15 19:02 50736 C:\WINDOWS\system32\avldr.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\desmon]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dx7til]
    dx7til.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\efccbba]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\khfffgf]
    khfffgf.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
    @=""

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
    @=""

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SBCSTray]
    C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe

    R0 SBHR;SBHR;C:\WINDOWS\System32\drivers\sbhr.sys [2007-12-30 15:02]
    R0 viasraid;viasraid;C:\WINDOWS\System32\DRIVERS\viasraid.sys [2003-06-12 17:31]
    R1 fwdrv;Firewall Driver;C:\WINDOWS\System32\drivers\fwdrv.sys [2007-04-26 10:21]
    R1 khips;Kerio HIPS Driver;C:\WINDOWS\System32\drivers\khips.sys [2007-04-26 10:21]
    R2 nvcap;nVidia WDM Video Capture (universal);C:\WINDOWS\System32\DRIVERS\nvcap.sys [2003-09-08 13:52]
    R2 NVXBAR;nVidia WDM A/V Crossbar;C:\WINDOWS\System32\DRIVERS\NVxbar.sys [2003-09-08 13:52]
    R2 SBAPIFS;CounterSpy Filter Driver;C:\WINDOWS\System32\Drivers\Sbapifs.sys [2007-12-30 17:57]
    R2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe [2001-08-28 13:00]
    S2 SPF4;Sunbelt Personal Firewall 4;"C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe" [2007-04-26 10:21]

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    UxTuneUp

    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2007-12-25 14:43:05 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    "2007-12-31 15:00:00 C:\WINDOWS\Tasks\HPpromotions journeysoftware.job"
    - C:\Program Files\hp\digital imaging\bin\hp promotions\journeysoftware\HPpromo.exe
    "2007-12-28 16:29:03 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
    - C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
    .
    **************************************************************************

    catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-01-01 15:01:21
    Windows 5.1.2600 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2008-01-01 15:02:49
    C:\qoobox\ComboFix-quarantined-files.txt 2008-01-01 14:02:43
    C:\qoobox\ComboFix2.txt 2008-01-01 12:26:55
    C:\qoobox\ComboFix3.txt 2007-12-31 11:33:23
    C:\qoobox\ComboFix4.txt 2007-12-20 19:10:33
    .
    2008-01-01 11:34:47 --- E O F ---
    1 January 2008 15:15:22

    Scan the following file on VirusTotal, then post the report:
    C:\nircmd.exe
    1 January 2008 16:27:33

    OK, we are going to delete them.

    Disable your resident protections (antivirus, etc.)!
    Copy (Ctrl+C) the text in the box below:

    File::
    C:\nircmd.exe
    C:\WINDOWS\system32\qcfknick.exe
    C:\WINDOWS\system32\nhrdqdgi.exe
    C:\WINDOWS\system32\pzwvfj.exe
    C:\WINDOWS\system32\kwjuy.exe

    Folder::
    C:\WINDOWS\system32\i

    Registry::
    [-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dx7til]
    [-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\efccbba]
    [-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\khfffgf]


    Open Notepad, then paste (Ctrl+V) the text you copied.
    Save this file as CFScript.txt.

    Now drag the CFScript.txt file onto Combofix.exe as shown below:


    This will relaunch Combofix; press 1, then confirm. After the reboot, post the contents of the Combofix.txt report along with a HijackThis report.
    NOTE: If there is no reboot, post the requested reports anyway.
    2 January 2008 07:45:53

    Hello

    Here is the Combofix report:

    ComboFix 07-12-31.4 - Alex 2008-01-02 7:35:50.8 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.0.1252.1.1036.18.299 [GMT 1:00]
    Running from: C:\Documents and Settings\Alex\Bureau\ComboFix.exe
    Command switches used :: C:\Documents and Settings\Alex\Bureau\CFScript.txt
    * Created a new restore point

    FILE
    C:\nircmd.exe
    C:\WINDOWS\system32\kwjuy.exe
    C:\WINDOWS\system32\nhrdqdgi.exe
    C:\WINDOWS\system32\pzwvfj.exe
    C:\WINDOWS\system32\qcfknick.exe
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\nircmd.exe
    C:\WINDOWS\system32\i\
    C:\WINDOWS\system32\kwjuy.exe
    C:\WINDOWS\system32\nhrdqdgi.exe
    C:\WINDOWS\system32\pzwvfj.exe
    C:\WINDOWS\system32\qcfknick.exe

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2007-12-02 to 2008-01-02 ))))))))))))))))))))))))))))))))))))
    .

    2008-01-02 07:24 . 2008-01-02 07:24 <REP> d-------- C:\WINDOWS\LastGood
    2008-01-01 15:23 . 2008-01-01 15:23 <REP> d-------- C:\Program Files\Roxio
    2008-01-01 15:23 . 2008-01-01 15:23 <REP> d-------- C:\Program Files\Fichiers communs\Roxio Shared
    2008-01-01 15:23 . 2008-01-01 15:23 <REP> d-------- C:\Program Files\Fichiers communs\Adaptec Shared
    2008-01-01 15:23 . 2008-01-01 15:23 62,288 --a------ C:\WINDOWS\system32\drivers\cdr4_xp.sys
    2008-01-01 15:23 . 2008-01-01 15:23 57,344 --a------ C:\WINDOWS\uneng.exe
    2008-01-01 15:23 . 2008-01-01 15:23 49,152 --a------ C:\WINDOWS\system32\cdrtc.dll
    2008-01-01 15:23 . 2008-01-01 15:23 45,056 --a------ C:\WINDOWS\system32\cdral.dll
    2008-01-01 15:23 . 2008-01-01 15:23 23,436 --a------ C:\WINDOWS\system32\drivers\cdralw2k.sys
    2008-01-01 14:57 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
    2008-01-01 14:25 . 2007-12-04 14:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe
    2008-01-01 13:29 . 2008-01-01 13:32 98,816 --a------ C:\sed.exe
    2008-01-01 13:29 . 2008-01-01 13:33 48,677 --a------ C:\temp00.cmd
    2008-01-01 13:29 . 2008-01-01 13:33 16,779 --a------ C:\temp00
    2007-12-30 16:47 . 2007-12-30 16:47 <REP> d-------- C:\Program Files\Trend Micro
    2007-12-30 15:02 . 2007-12-30 17:57 54,584 --a------ C:\WINDOWS\system32\drivers\sbapifs.sys
    2007-12-30 15:02 . 2007-12-30 15:02 15,544 --a------ C:\WINDOWS\system32\drivers\sbhr.sys
    2007-12-30 15:01 . 2007-12-30 15:01 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Sunbelt Software
    2007-12-30 15:01 . 2007-12-30 15:01 <REP> d-------- C:\Documents and Settings\Alex\Application Data\Sunbelt Software
    2007-12-29 16:38 . 2007-12-29 16:38 67 --a------ C:\WINDOWS\system32\drivers\fwdrv.err
    2007-12-28 23:18 . 2007-12-28 23:18 <REP> d-------- C:\Program Files\Comptes et Budget Free V5.0
    2007-12-28 23:18 . 2007-12-28 23:18 <REP> d-------- C:\Documents and Settings\Alex\Application Data\AlauxSoft
    2007-12-27 13:18 . 2007-12-30 15:00 <REP> d-------- C:\Program Files\Sunbelt Software
    2007-12-25 19:31 . 2007-12-25 19:31 8,192 --ahs---- C:\WINDOWS\system32\Thumbs.db
    2007-12-25 16:43 . 2006-03-16 11:19 54,960 --a------ C:\WINDOWS\system32\vsutil_loc040c.dll
    2007-12-25 16:43 . 2007-12-25 16:53 41,201 --a------ C:\WINDOWS\system32\vsconfig.xml
    2007-12-23 23:37 . 2007-12-23 23:37 <REP> d-------- C:\Program Files\Freeplayer-Win32-20070531
    2007-12-23 18:38 . 2007-12-23 18:38 0 --a------ C:\WINDOWS\system32\inflist.dat
    2007-12-23 18:37 . 2004-01-09 10:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
    2007-12-23 18:37 . 2007-12-04 13:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
    2007-12-23 18:37 . 2007-12-04 15:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
    2007-12-23 18:37 . 2007-12-04 15:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
    2007-12-23 18:37 . 2007-12-04 15:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
    2007-12-23 18:37 . 2007-12-04 15:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
    2007-12-23 18:37 . 2007-12-04 15:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
    2007-12-23 18:24 . 2007-12-23 18:24 <REP> d-------- C:\Documents and Settings\Alex\Application Data\Comodo
    2007-12-23 18:18 . 2007-12-23 18:18 <REP> d-------- C:\Program Files\Trustix
    2007-12-23 18:18 . 2006-05-03 12:09 73,728 --a------ C:\WINDOWS\system32\CavEmLSP.dll
    2007-12-23 18:17 . 2007-12-23 18:23 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Comodo
    2007-12-23 18:16 . 2007-12-23 18:16 <REP> d-------- C:\WINDOWS\Downloaded Installations
    2007-12-23 17:06 . 2007-12-23 17:06 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
    2007-12-23 17:01 . 2007-12-23 17:01 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avg7
    2007-12-23 16:35 . 2007-12-23 16:35 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
    2007-12-23 11:56 . 2007-12-23 11:56 268 --ah----- C:\sqmdata08.sqm
    2007-12-23 11:56 . 2007-12-23 11:56 244 --ah----- C:\sqmnoopt08.sqm
    2007-12-22 11:19 . 2002-11-14 20:43 221,184 --a------ C:\WINDOWS\system32\srrstr.dll
    2007-12-22 11:19 . 2002-11-14 20:43 221,184 --a--c--- C:\WINDOWS\system32\dllcache\srrstr.dll
    2007-12-22 11:18 . 2007-12-22 11:18 <REP> d-------- C:\Program Files\MSXML 4.0
    2007-12-20 23:51 . 2007-12-20 23:51 73 --a------ C:\WINDOWS\system32\i
    2007-12-20 21:09 . 2007-12-23 17:00 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
    2007-12-20 20:58 . 2004-07-01 23:08 360,960 --a--c--- C:\WINDOWS\system32\dllcache\qmgr.dll
    2007-12-20 20:58 . 2004-07-01 23:08 331,776 --a------ C:\WINDOWS\system32\winhttp.dll
    2007-12-20 20:58 . 2004-07-01 23:08 17,408 --a------ C:\WINDOWS\system32\qmgrprxy.dll
    2007-12-20 20:58 . 2004-07-01 23:08 17,408 --a--c--- C:\WINDOWS\system32\dllcache\qmgrprxy.dll
    2007-12-20 20:58 . 2004-07-01 23:08 7,680 -----c--- C:\WINDOWS\system32\dllcache\bitsprx2.dll
    2007-12-20 20:58 . 2004-07-01 23:08 7,680 --------- C:\WINDOWS\system32\bitsprx2.dll
    2007-12-20 20:58 . 2004-07-01 23:08 7,168 -----c--- C:\WINDOWS\system32\dllcache\bitsprx3.dll
    2007-12-20 20:58 . 2004-07-01 23:08 7,168 --------- C:\WINDOWS\system32\bitsprx3.dll
    2007-12-20 20:53 . 2007-07-30 19:19 38,232 --a------ C:\WINDOWS\system32\wucltui.dll.mui
    2007-12-20 20:53 . 2007-07-30 19:20 30,040 --a------ C:\WINDOWS\system32\wuaucpl.cpl.mui
    2007-12-20 20:53 . 2007-07-30 19:19 30,040 --a------ C:\WINDOWS\system32\wuapi.dll.mui
    2007-12-20 20:53 . 2007-07-30 19:18 21,336 --a------ C:\WINDOWS\system32\wuaueng.dll.mui
    2007-12-20 13:19 . 2007-12-20 13:19 244 --ah----- C:\sqmnoopt07.sqm
    2007-12-20 13:19 . 2007-12-20 13:19 232 --ah----- C:\sqmdata07.sqm
    2007-12-20 13:02 . 2007-12-20 13:02 244 --ah----- C:\sqmnoopt06.sqm
    2007-12-20 13:02 . 2007-12-20 13:02 232 --ah----- C:\sqmdata06.sqm
    2007-12-20 07:42 . 2007-12-30 11:22 13,312 --a------ C:\WINDOWS\system32\ctfmon .exe
    2007-12-19 18:43 . 2007-12-19 18:43 244 --ah----- C:\sqmnoopt05.sqm
    2007-12-19 18:43 . 2007-12-19 18:43 232 --ah----- C:\sqmdata05.sqm
    2007-12-19 18:32 . 2007-12-19 18:32 244 --ah----- C:\sqmnoopt04.sqm
    2007-12-19 18:32 . 2007-12-19 18:32 232 --ah----- C:\sqmdata04.sqm
    2007-12-19 18:30 . 2007-12-19 18:30 129 --a------ C:\WINDOWS\system32\khtqtcn.bat
    2007-12-19 18:24 . 2007-12-19 18:24 244 --ah----- C:\sqmnoopt03.sqm
    2007-12-19 18:24 . 2007-12-19 18:24 232 --ah----- C:\sqmdata03.sqm
    2007-12-19 18:11 . 2007-12-19 18:11 244 --ah----- C:\sqmnoopt02.sqm
    2007-12-19 18:11 . 2007-12-19 18:11 232 --ah----- C:\sqmdata02.sqm
    2007-12-18 17:37 . 2007-12-19 18:50 <REP> d-------- C:\Program Files\Freeplayer(2)
    2007-12-16 19:50 . 2007-12-16 19:50 <REP> d-------- C:\Program Files\Maxis
    2007-12-15 17:36 . 2007-12-26 18:32 54,156 --ah----- C:\WINDOWS\QTFont.qfn
    2007-12-15 17:36 . 2007-12-15 17:36 1,409 --a------ C:\WINDOWS\QTFont.for
    2007-12-13 19:52 . 2007-12-16 15:58 764 --a------ C:\WINDOWS\eReg.dat
    2007-12-10 21:21 . 2007-12-10 21:21 <REP> d-------- C:\Program Files\Elaborate Bytes
    2007-12-09 22:31 . 2003-05-30 09:00 1,962,496 --a------ C:\WINDOWS\system32\quartz.dll
    2007-12-09 14:32 . 2007-12-09 14:32 <REP> d-------- C:\Documents and Settings\Alex\Application Data\Snapfish
    2007-12-08 17:59 . 2007-12-08 17:59 <REP> d-------- C:\Program Files\iPod
    2007-12-08 17:59 . 2007-12-15 17:37 <REP> d-------- C:\Documents and Settings\Alex\Application Data\Apple Computer
    2007-12-08 17:58 . 2007-12-31 12:27 <REP> d-------- C:\Program Files\iTunes
    2007-12-08 17:57 . 2007-12-31 12:27 <REP> d-------- C:\Program Files\QuickTime
    2007-12-08 17:57 . 2007-12-08 17:57 <REP> d-------- C:\Program Files\Apple Software Update
    2007-12-08 17:57 . 2007-12-08 17:58 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
    2007-12-08 17:57 . 2007-12-08 17:57 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple
    2007-12-06 22:10 . 2007-12-20 07:31 <REP> d-------- C:\Program Files\Spyware Doctor
    2007-12-06 22:10 . 2007-12-06 22:10 <REP> d-------- C:\Documents and Settings\Alex\Application Data\PC Tools
    2007-12-06 22:10 . 2007-10-04 17:10 79,688 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
    2007-12-06 22:10 . 2007-10-04 17:10 62,280 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
    2007-12-06 22:10 . 2007-10-04 17:10 41,288 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
    2007-12-06 22:10 . 2007-10-04 17:11 29,000 --a------ C:\WINDOWS\system32\drivers\kcom.sys
    2007-12-05 07:33 . 2007-12-05 07:33 37,473 --a------ C:\WINDOWS\system32\muzika.xm
    2007-12-02 20:34 . 2007-12-02 20:34 <REP> d-------- C:\Program Files\DivX

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-01-02 06:36 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
    2008-01-02 06:24 --------- d-----w C:\Program Files\Mozilla Thunderbird
    2008-01-01 15:17 --------- d-----w C:\Documents and Settings\Alex\Application Data\uTorrent
    2008-01-01 14:46 --------- d-----w C:\Documents and Settings\Alex\Application Data\Free Download Manager
    2008-01-01 14:16 --------- d-----w C:\Program Files\eMule
    2007-12-30 16:20 --------- d-----w C:\Program Files\ViOrb
    2007-12-26 17:08 147,968 ----a-w C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\MSConfig .exe
    2007-12-23 17:16 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
    2007-12-22 10:50 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2007-12-20 19:03 --------- d-----w C:\Program Files\Navilog1
    2007-12-19 11:37 134,656 ----a-w C:\WINDOWS\system32\sfc_os.dll
    2007-12-17 19:16 --------- d-----w C:\Documents and Settings\Alex\Application Data\vlc
    2007-12-15 23:25 12,400 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
    2007-12-15 19:24 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2007-11-30 17:39 --------- d-----w C:\Program Files\adslTV
    2007-11-16 12:20 --------- d-----w C:\Program Files\SopCast
    2007-11-10 12:54 15,872 ------w C:\WINDOWS\system32\winskfr.dll
    2007-11-05 06:52 --------- d-----w C:\Program Files\Maïdo Production
    2007-11-05 06:52 --------- d-----w C:\Program Files\Common~1
    2007-11-04 10:07 --------- d-----w C:\Documents and Settings\Alex\Application Data\MechCAD
    2007-10-31 17:28 39,424 ----a-w C:\WINDOWS\zipinst.exe
    2007-10-20 09:31 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
    2007-10-20 00:56 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
    2007-10-20 00:56 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
    2007-10-10 18:44 18,312 ----a-w C:\Documents and Settings\Alex\Application Data\GDIPFONTCACHEV1.DAT
    2007-07-31 17:31 65,273 ----a-w C:\WINDOWS\Internet Logs\vsmon_2nd_2007_07_31_13_38_26_small.dmp.zip
    .
    1. ----a-w 79,224 2007-12-31 09:05:51 C:\Program Files\Alwil Software\Avast4\ashDisp .exe
    2. ----a-w 45,056 2007-12-22 16:04:25 C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon .exe
    3. ----a-w 68,856 2007-12-22 16:04:38 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier .exe
    4. ----a-w 6,731,312 2007-12-22 11:00:41 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas .exe
    5. ----a-w 6,731,312 2007-12-22 19:26:14 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas .exe
    6. ----a-w 579,072 2007-12-22 16:06:09 C:\Program Files\Grisoft\AVG7\avgcc .exe
    7. ----a-w 146,432 2007-12-22 11:30:16 C:\Program Files\Grisoft\AVG7\avgw .exe
    8. ----a-w 267,048 2007-12-22 16:04:27 C:\Program Files\iTunes\iTunesHelper .exe
    9. ----a-w 1,077,277 2007-12-20 18:43:49 C:\Program Files\Messenger\msmsgs .exe
    10. ----a-w 698,864 2007-12-30 21:22:24 C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray .exe
    11. ----a-w 147,968 2007-12-26 17:08:11 C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\MSConfig .exe
    12. ----a-w 13,312 2007-12-30 10:22:40 C:\WINDOWS\system32\ctfmon .exe



    ((((((((((((((((((((((((((((( snapshot_2007-12-31_12.32.25.65 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2008-01-01 14:24:13 397,354 ----a-r C:\WINDOWS\Installer\{607CE53B-0999-4F3B-8FF1-DB1AA47548A8}\MGIShowServer.exe
    + 2008-01-01 14:24:13 3,638 ----a-r C:\WINDOWS\Installer\{607CE53B-0999-4F3B-8FF1-DB1AA47548A8}\PS_SE.exe
    + 2003-01-13 13:57:58 589,881 ----a-w C:\WINDOWS\LastGood\System32\dllcache\jscript.dll
    + 2003-01-13 13:57:58 589,881 ----a-w C:\WINDOWS\LastGood\System32\jscript.dll
    - 2007-12-25 14:43:05 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
    + 2008-01-01 14:43:03 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
    - 2007-12-25 14:43:05 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
    + 2008-01-01 14:43:03 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
    - 2007-12-25 14:43:05 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
    + 2008-01-01 14:43:03 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
    - 2007-12-31 11:21:51 270,336 ----a-w C:\WINDOWS\system32\config\systemprofile\ntuser.dat
    + 2008-01-02 06:35:26 270,336 ----a-w C:\WINDOWS\system32\config\systemprofile\ntuser.dat
    - 2007-09-28 17:48:12 116,560 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
    + 2008-01-02 06:22:18 130,888 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
    + 2000-04-26 12:34:56 39,424 ----a-w C:\WINDOWS\system32\JETCOMP.exe
    + 2000-04-26 12:34:44 344,064 ----a-w C:\WINDOWS\system32\msexch35.dll
    + 2000-04-26 12:34:46 252,688 ----a-w C:\WINDOWS\system32\msexcl35.dll
    + 2000-04-26 12:34:48 1,050,896 ----a-w C:\WINDOWS\system32\msjet35.dll
    + 2000-04-26 12:35:02 139,264 ----a-w C:\WINDOWS\system32\msjint35.dll
    + 2000-04-26 12:34:48 1,238,288 ----a-w C:\WINDOWS\system32\msjt4jlt.dll
    + 2000-04-26 12:34:56 24,848 ----a-w C:\WINDOWS\system32\msjter35.dll
    + 2000-04-26 12:34:50 168,720 ----a-w C:\WINDOWS\system32\msltus35.dll
    + 2000-04-26 12:34:50 250,128 ----a-w C:\WINDOWS\system32\mspdox35.dll
    + 2000-04-26 12:34:50 262,144 ----a-w C:\WINDOWS\system32\msrd2x35.dll
    + 2000-04-26 12:34:56 415,504 ----a-w C:\WINDOWS\system32\msrepl35.dll
    + 2000-04-26 12:34:58 44,304 ----a-w C:\WINDOWS\system32\msrpfs35.dll
    + 2000-04-26 12:34:52 166,672 ----a-w C:\WINDOWS\system32\mstext35.dll
    + 2000-04-26 12:34:52 294,912 ----a-w C:\WINDOWS\system32\msxbse35.dll
    + 2000-11-07 16:36:14 1,044,480 ----a-w C:\WINDOWS\system32\ROBOEX32.DLL
    + 2000-04-26 12:34:58 368,912 ----a-w C:\WINDOWS\system32\VBAR332.DLL
    + 2008-01-02 06:22:31 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_518.dat
    .
    -- Snapshot reset to current date --
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2001-08-28 13:00 13312]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2001-08-28 13:00 13312]

    C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 08:01:04]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
    avldr.dll 2007-02-15 19:02 50736 C:\WINDOWS\system32\avldr.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\desmon]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dx7til]
    dx7til.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\efccbba]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
    @=""

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
    @=""

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SBCSTray]
    C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe

    R0 SBHR;SBHR;C:\WINDOWS\System32\drivers\sbhr.sys [2007-12-30 15:02]
    R0 viasraid;viasraid;C:\WINDOWS\System32\DRIVERS\viasraid.sys [2003-06-12 17:31]
    R1 fwdrv;Firewall Driver;C:\WINDOWS\System32\drivers\fwdrv.sys [2007-04-26 10:21]
    R1 khips;Kerio HIPS Driver;C:\WINDOWS\System32\drivers\khips.sys [2007-04-26 10:21]
    R2 nvcap;nVidia WDM Video Capture (universal);C:\WINDOWS\System32\DRIVERS\nvcap.sys [2003-09-08 13:52]
    R2 NVXBAR;nVidia WDM A/V Crossbar;C:\WINDOWS\System32\DRIVERS\NVxbar.sys [2003-09-08 13:52]
    R2 SBAPIFS;CounterSpy Filter Driver;C:\WINDOWS\System32\Drivers\Sbapifs.sys [2007-12-30 17:57]
    R2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe [2001-08-28 13:00]
    S2 SPF4;Sunbelt Personal Firewall 4;"C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe" [2007-04-26 10:21]

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    UxTuneUp

    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-01-01 14:43:03 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    "2008-01-01 15:00:00 C:\WINDOWS\Tasks\HPpromotions journeysoftware.job"
    - C:\Program Files\hp\digital imaging\bin\hp promotions\journeysoftware\HPpromo.exe
    "2007-12-28 16:29:03 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
    - C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
    .
    **************************************************************************

    catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-01-02 07:39:29
    Windows 5.1.2600 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2008-01-02 7:40:55
    C:\qoobox\ComboFix-quarantined-files.txt 2008-01-02 06:40:49
    C:\qoobox\ComboFix2.txt 2008-01-01 14:02:50
    C:\qoobox\ComboFix3.txt 2008-01-01 12:26:55
    C:\qoobox\ComboFix4.txt 2007-12-31 11:33:23
    C:\qoobox\ComboFix5.txt 2007-12-20 19:10:33
    .
    2008-01-02 06:24:10 --- E O F ---
    2 January 2008 07:46:36

    And here is the HijackThis one:


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 07:45:58, on 02/01/2008
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\HPZipm12.exe
    C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe
    C:\Program Files\Spyware Doctor\svcntaux.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
    O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdmcks.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
    O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
    O8 - Extra context menu item: Télécharger les tous avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{83AAB61E-ED3D-426F-AF5F-CD046D755757}: NameServer = 212.27.54.252,212.27.53.252
    O20 - Winlogon Notify: desmon - C:\WINDOWS\
    O20 - Winlogon Notify: dx7til - dx7til.dll (file missing)
    O20 - Winlogon Notify: efccbba - C:\WINDOWS\
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
    O23 - Service: Sunbelt CounterSpy Antispyware (SBCSSvc) - Sunbelt Software - C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe
    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
    O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe

    --
    End of file - 6157 bytes
    2 January 2008 16:30:22

    1. ----a-w 79,224 2007-12-31 09:05:51 C:\Program Files\Alwil Software\Avast4\ashDisp .exe
    2. ----a-w 45,056 2007-12-22 16:04:25 C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon .exe
    3. ----a-w 68,856 2007-12-22 16:04:38 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier .exe
    4. ----a-w 6,731,312 2007-12-22 11:00:41 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas .exe
    5. ----a-w 6,731,312 2007-12-22 19:26:14 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas .exe
    6. ----a-w 579,072 2007-12-22 16:06:09 C:\Program Files\Grisoft\AVG7\avgcc .exe
    7. ----a-w 146,432 2007-12-22 11:30:16 C:\Program Files\Grisoft\AVG7\avgw .exe
    8. ----a-w 267,048 2007-12-22 16:04:27 C:\Program Files\iTunes\iTunesHelper .exe
    9. ----a-w 1,077,277 2007-12-20 18:43:49 C:\Program Files\Messenger\msmsgs .exe
    10. ----a-w 698,864 2007-12-30 21:22:24 C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray .exe

    Remove the spaces separating the file name from its extension, e.g.:
    C:\Program Files\Alwil Software\Avast4\ashDisp .exe
    -> C:\Program Files\Alwil Software\Avast4\ashDisp.exe

    WARNING: if the file without a space already exists, you must delete it before renaming the one with a space!
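The renaming step described in the post above, as an added Python example that is not part of the original thread: it parses entries in the format of the quoted ComboFix listing, picks out files whose name has a space before the extension, and builds a dry-run plan that deletes an existing space-free file before the rename. `ENTRY`, `spaced_paths`, `rename_plan` and the `exists` callback are names chosen for this example, and the control entry in the sample is constructed.

```python
import re
from pathlib import PureWindowsPath

# Entries 1, 4 and 5 are copied from the listing quoted in the thread.
# Entry 13 is a constructed control line with no space before the extension.
SAMPLE_LISTING = r"""
1. ----a-w 79,224 2007-12-31 09:05:51 C:\Program Files\Alwil Software\Avast4\ashDisp .exe
4. ----a-w 6,731,312 2007-12-22 11:00:41 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas .exe
5. ----a-w 6,731,312 2007-12-22 19:26:14 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas .exe
13. ----a-w 1,024 2007-12-22 10:00:00 C:\Example\control.exe
"""

# One listing entry: index, attributes, size, date, time, full path.
ENTRY = re.compile(
    r"^\s*\d+\.\s+\S+\s+[\d,]+\s+\d{4}-\d{2}-\d{2}\s+\d{2}:\d{2}:\d{2}\s+"
    r"(?P<path>[A-Za-z]:\\.+?)\s*$"
)


def spaced_paths(listing):
    """Return the unique paths whose file name has whitespace before the extension."""
    found = []
    seen = set()
    for line in listing.splitlines():
        match = ENTRY.match(line)
        if not match:
            continue
        path = PureWindowsPath(match.group("path"))
        # "ashDisp .exe" has stem "ashDisp " (trailing space) and suffix ".exe".
        if path.suffix and path.stem != path.stem.rstrip():
            key = str(path).lower()  # Windows paths are case-insensitive
            if key not in seen:      # the listing can repeat a path (entries 4 and 5)
                seen.add(key)
                found.append(path)
    return found


def rename_plan(listing, exists):
    """Build an ordered dry-run plan; nothing on disk is touched.

    `exists` is a callable telling whether a path is present on the target
    machine (os.path.exists when run there, a stub when reviewing a log offline).
    """
    plan = []
    for src in spaced_paths(listing):
        dst = src.with_name(src.stem.rstrip() + src.suffix)
        if exists(dst):
            # Per the post: the space-free file must be deleted before the rename.
            plan.append(("delete", str(dst)))
        plan.append(("rename", str(src), str(dst)))
    return plan


if __name__ == "__main__":
    # Assumption for the demo: only ashDisp.exe already exists without a space.
    present = {r"c:\program files\alwil software\avast4\ashdisp.exe"}
    for step in rename_plan(SAMPLE_LISTING, lambda p: str(p).lower() in present):
        print(step)
```

Reviewing the printed plan before acting on it keeps the delete-then-rename order explicit for each file.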
    2 January 2008 18:09:31

    Where do I delete that?
    I don't understand
    2 January 2008 18:16:37

    ComboFix report


    ComboFix 07-12-31.4 - Alex 2008-01-02 7:35:50.8 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.0.1252.1.1036.18.299 [GMT 1:00]
    Running from: C:\Documents and Settings\Alex\Bureau\ComboFix.exe
    Command switches used :: C:\Documents and Settings\Alex\Bureau\CFScript.txt
    * Created a new restore point

    FILE
    C:\nircmd.exe
    C:\WINDOWS\system32\kwjuy.exe
    C:\WINDOWS\system32\nhrdqdgi.exe
    C:\WINDOWS\system32\pzwvfj.exe
    C:\WINDOWS\system32\qcfknick.exe
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\nircmd.exe
    C:\WINDOWS\system32\i\
    C:\WINDOWS\system32\kwjuy.exe
    C:\WINDOWS\system32\nhrdqdgi.exe
    C:\WINDOWS\system32\pzwvfj.exe
    C:\WINDOWS\system32\qcfknick.exe

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2007-12-02 to 2008-01-02 ))))))))))))))))))))))))))))))))))))
    .

    2008-01-02 07:24 . 2008-01-02 07:24 <REP> d-------- C:\WINDOWS\LastGood
    2008-01-01 15:23 . 2008-01-01 15:23 <REP> d-------- C:\Program Files\Roxio
    2008-01-01 15:23 . 2008-01-01 15:23 <REP> d-------- C:\Program Files\Fichiers communs\Roxio Shared
    2008-01-01 15:23 . 2008-01-01 15:23 <REP> d-------- C:\Program Files\Fichiers communs\Adaptec Shared
    2008-01-01 15:23 . 2008-01-01 15:23 62,288 --a------ C:\WINDOWS\system32\drivers\cdr4_xp.sys
    2008-01-01 15:23 . 2008-01-01 15:23 57,344 --a------ C:\WINDOWS\uneng.exe
    2008-01-01 15:23 . 2008-01-01 15:23 49,152 --a------ C:\WINDOWS\system32\cdrtc.dll
    2008-01-01 15:23 . 2008-01-01 15:23 45,056 --a------ C:\WINDOWS\system32\cdral.dll
    2008-01-01 15:23 . 2008-01-01 15:23 23,436 --a------ C:\WINDOWS\system32\drivers\cdralw2k.sys
    2008-01-01 14:57 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
    2008-01-01 14:25 . 2007-12-04 14:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe
    2008-01-01 13:29 . 2008-01-01 13:32 98,816 --a------ C:\sed.exe
    2008-01-01 13:29 . 2008-01-01 13:33 48,677 --a------ C:\temp00.cmd
    2008-01-01 13:29 . 2008-01-01 13:33 16,779 --a------ C:\temp00
    2007-12-30 16:47 . 2007-12-30 16:47 <REP> d-------- C:\Program Files\Trend Micro
    2007-12-30 15:02 . 2007-12-30 17:57 54,584 --a------ C:\WINDOWS\system32\drivers\sbapifs.sys
    2007-12-30 15:02 . 2007-12-30 15:02 15,544 --a------ C:\WINDOWS\system32\drivers\sbhr.sys
    2007-12-30 15:01 . 2007-12-30 15:01 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Sunbelt Software
    2007-12-30 15:01 . 2007-12-30 15:01 <REP> d-------- C:\Documents and Settings\Alex\Application Data\Sunbelt Software
    2007-12-29 16:38 . 2007-12-29 16:38 67 --a------ C:\WINDOWS\system32\drivers\fwdrv.err
    2007-12-28 23:18 . 2007-12-28 23:18 <REP> d-------- C:\Program Files\Comptes et Budget Free V5.0
    2007-12-28 23:18 . 2007-12-28 23:18 <REP> d-------- C:\Documents and Settings\Alex\Application Data\AlauxSoft
    2007-12-27 13:18 . 2007-12-30 15:00 <REP> d-------- C:\Program Files\Sunbelt Software
    2007-12-25 19:31 . 2007-12-25 19:31 8,192 --ahs---- C:\WINDOWS\system32\Thumbs.db
    2007-12-25 16:43 . 2006-03-16 11:19 54,960 --a------ C:\WINDOWS\system32\vsutil_loc040c.dll
    2007-12-25 16:43 . 2007-12-25 16:53 41,201 --a------ C:\WINDOWS\system32\vsconfig.xml
    2007-12-23 23:37 . 2007-12-23 23:37 <REP> d-------- C:\Program Files\Freeplayer-Win32-20070531
    2007-12-23 18:38 . 2007-12-23 18:38 0 --a------ C:\WINDOWS\system32\inflist.dat
    2007-12-23 18:37 . 2004-01-09 10:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
    2007-12-23 18:37 . 2007-12-04 13:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
    2007-12-23 18:37 . 2007-12-04 15:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
    2007-12-23 18:37 . 2007-12-04 15:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
    2007-12-23 18:37 . 2007-12-04 15:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
    2007-12-23 18:37 . 2007-12-04 15:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
    2007-12-23 18:37 . 2007-12-04 15:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
    2007-12-23 18:24 . 2007-12-23 18:24 <REP> d-------- C:\Documents and Settings\Alex\Application Data\Comodo
    2007-12-23 18:18 . 2007-12-23 18:18 <REP> d-------- C:\Program Files\Trustix
    2007-12-23 18:18 . 2006-05-03 12:09 73,728 --a------ C:\WINDOWS\system32\CavEmLSP.dll
    2007-12-23 18:17 . 2007-12-23 18:23 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Comodo
    2007-12-23 18:16 . 2007-12-23 18:16 <REP> d-------- C:\WINDOWS\Downloaded Installations
    2007-12-23 17:06 . 2007-12-23 17:06 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
    2007-12-23 17:01 . 2007-12-23 17:01 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avg7
    2007-12-23 16:35 . 2007-12-23 16:35 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
    2007-12-23 11:56 . 2007-12-23 11:56 268 --ah----- C:\sqmdata08.sqm
    2007-12-23 11:56 . 2007-12-23 11:56 244 --ah----- C:\sqmnoopt08.sqm
    2007-12-22 11:19 . 2002-11-14 20:43 221,184 --a------ C:\WINDOWS\system32\srrstr.dll
    2007-12-22 11:19 . 2002-11-14 20:43 221,184 --a--c--- C:\WINDOWS\system32\dllcache\srrstr.dll
    2007-12-22 11:18 . 2007-12-22 11:18 <REP> d-------- C:\Program Files\MSXML 4.0
    2007-12-20 23:51 . 2007-12-20 23:51 73 --a------ C:\WINDOWS\system32\i
    2007-12-20 21:09 . 2007-12-23 17:00 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
    2007-12-20 20:58 . 2004-07-01 23:08 360,960 --a--c--- C:\WINDOWS\system32\dllcache\qmgr.dll
    2007-12-20 20:58 . 2004-07-01 23:08 331,776 --a------ C:\WINDOWS\system32\winhttp.dll
    2007-12-20 20:58 . 2004-07-01 23:08 17,408 --a------ C:\WINDOWS\system32\qmgrprxy.dll
    2007-12-20 20:58 . 2004-07-01 23:08 17,408 --a--c--- C:\WINDOWS\system32\dllcache\qmgrprxy.dll
    2007-12-20 20:58 . 2004-07-01 23:08 7,680 -----c--- C:\WINDOWS\system32\dllcache\bitsprx2.dll
    2007-12-20 20:58 . 2004-07-01 23:08 7,680 --------- C:\WINDOWS\system32\bitsprx2.dll
    2007-12-20 20:58 . 2004-07-01 23:08 7,168 -----c--- C:\WINDOWS\system32\dllcache\bitsprx3.dll
    2007-12-20 20:58 . 2004-07-01 23:08 7,168 --------- C:\WINDOWS\system32\bitsprx3.dll
    2007-12-20 20:53 . 2007-07-30 19:19 38,232 --a------ C:\WINDOWS\system32\wucltui.dll.mui
    2007-12-20 20:53 . 2007-07-30 19:20 30,040 --a------ C:\WINDOWS\system32\wuaucpl.cpl.mui
    2007-12-20 20:53 . 2007-07-30 19:19 30,040 --a------ C:\WINDOWS\system32\wuapi.dll.mui
    2007-12-20 20:53 . 2007-07-30 19:18 21,336 --a------ C:\WINDOWS\system32\wuaueng.dll.mui
    2007-12-20 13:19 . 2007-12-20 13:19 244 --ah----- C:\sqmnoopt07.sqm
    2007-12-20 13:19 . 2007-12-20 13:19 232 --ah----- C:\sqmdata07.sqm
    2007-12-20 13:02 . 2007-12-20 13:02 244 --ah----- C:\sqmnoopt06.sqm
    2007-12-20 13:02 . 2007-12-20 13:02 232 --ah----- C:\sqmdata06.sqm
    2007-12-20 07:42 . 2007-12-30 11:22 13,312 --a------ C:\WINDOWS\system32\ctfmon .exe
    2007-12-19 18:43 . 2007-12-19 18:43 244 --ah----- C:\sqmnoopt05.sqm
    2007-12-19 18:43 . 2007-12-19 18:43 232 --ah----- C:\sqmdata05.sqm
    2007-12-19 18:32 . 2007-12-19 18:32 244 --ah----- C:\sqmnoopt04.sqm
    2007-12-19 18:32 . 2007-12-19 18:32 232 --ah----- C:\sqmdata04.sqm
    2007-12-19 18:30 . 2007-12-19 18:30 129 --a------ C:\WINDOWS\system32\khtqtcn.bat
    2007-12-19 18:24 . 2007-12-19 18:24 244 --ah----- C:\sqmnoopt03.sqm
    2007-12-19 18:24 . 2007-12-19 18:24 232 --ah----- C:\sqmdata03.sqm
    2007-12-19 18:11 . 2007-12-19 18:11 244 --ah----- C:\sqmnoopt02.sqm
    2007-12-19 18:11 . 2007-12-19 18:11 232 --ah----- C:\sqmdata02.sqm
    2007-12-18 17:37 . 2007-12-19 18:50 <REP> d-------- C:\Program Files\Freeplayer(2)
    2007-12-16 19:50 . 2007-12-16 19:50 <REP> d-------- C:\Program Files\Maxis
    2007-12-15 17:36 . 2007-12-26 18:32 54,156 --ah----- C:\WINDOWS\QTFont.qfn
    2007-12-15 17:36 . 2007-12-15 17:36 1,409 --a------ C:\WINDOWS\QTFont.for
    2007-12-13 19:52 . 2007-12-16 15:58 764 --a------ C:\WINDOWS\eReg.dat
    2007-12-10 21:21 . 2007-12-10 21:21 <REP> d-------- C:\Program Files\Elaborate Bytes
    2007-12-09 22:31 . 2003-05-30 09:00 1,962,496 --a------ C:\WINDOWS\system32\quartz.dll
    2007-12-09 14:32 . 2007-12-09 14:32 <REP> d-------- C:\Documents and Settings\Alex\Application Data\Snapfish
    2007-12-08 17:59 . 2007-12-08 17:59 <REP> d-------- C:\Program Files\iPod
    2007-12-08 17:59 . 2007-12-15 17:37 <REP> d-------- C:\Documents and Settings\Alex\Application Data\Apple Computer
    2007-12-08 17:58 . 2007-12-31 12:27 <REP> d-------- C:\Program Files\iTunes
    2007-12-08 17:57 . 2007-12-31 12:27 <REP> d-------- C:\Program Files\QuickTime
    2007-12-08 17:57 . 2007-12-08 17:57 <REP> d-------- C:\Program Files\Apple Software Update
    2007-12-08 17:57 . 2007-12-08 17:58 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
    2007-12-08 17:57 . 2007-12-08 17:57 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple
    2007-12-06 22:10 . 2007-12-20 07:31 <REP> d-------- C:\Program Files\Spyware Doctor
    2007-12-06 22:10 . 2007-12-06 22:10 <REP> d-------- C:\Documents and Settings\Alex\Application Data\PC Tools
    2007-12-06 22:10 . 2007-10-04 17:10 79,688 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
    2007-12-06 22:10 . 2007-10-04 17:10 62,280 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
    2007-12-06 22:10 . 2007-10-04 17:10 41,288 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
    2007-12-06 22:10 . 2007-10-04 17:11 29,000 --a------ C:\WINDOWS\system32\drivers\kcom.sys
    2007-12-05 07:33 . 2007-12-05 07:33 37,473 --a------ C:\WINDOWS\system32\muzika.xm
    2007-12-02 20:34 . 2007-12-02 20:34 <REP> d-------- C:\Program Files\DivX

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-01-02 06:36 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
    2008-01-02 06:24 --------- d-----w C:\Program Files\Mozilla Thunderbird
    2008-01-01 15:17 --------- d-----w C:\Documents and Settings\Alex\Application Data\uTorrent
    2008-01-01 14:46 --------- d-----w C:\Documents and Settings\Alex\Application Data\Free Download Manager
    2008-01-01 14:16 --------- d-----w C:\Program Files\eMule
    2007-12-30 16:20 --------- d-----w C:\Program Files\ViOrb
    2007-12-26 17:08 147,968 ----a-w C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\MSConfig.exe
    2007-12-23 17:16 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
    2007-12-22 10:50 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2007-12-20 19:03 --------- d-----w C:\Program Files\Navilog1
    2007-12-19 11:37 134,656 ----a-w C:\WINDOWS\system32\sfc_os.dll
    2007-12-17 19:16 --------- d-----w C:\Documents and Settings\Alex\Application Data\vlc
    2007-12-15 23:25 12,400 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
    2007-12-15 19:24 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2007-11-30 17:39 --------- d-----w C:\Program Files\adslTV
    2007-11-16 12:20 --------- d-----w C:\Program Files\SopCast
    2007-11-10 12:54 15,872 ------w C:\WINDOWS\system32\winskfr.dll
    2007-11-05 06:52 --------- d-----w C:\Program Files\Maïdo Production
    2007-11-05 06:52 --------- d-----w C:\Program Files\Common~1
    2007-11-04 10:07 --------- d-----w C:\Documents and Settings\Alex\Application Data\MechCAD
    2007-10-31 17:28 39,424 ----a-w C:\WINDOWS\zipinst.exe
    2007-10-20 09:31 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
    2007-10-20 00:56 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
    2007-10-20 00:56 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
    2007-10-10 18:44 18,312 ----a-w C:\Documents and Settings\Alex\Application Data\GDIPFONTCACHEV1.DAT
    2007-07-31 17:31 65,273 ----a-w C:\WINDOWS\Internet Logs\vsmon_2nd_2007_07_31_13_38_26_small.dmp.zip
    .
    1. ----a-w 79,224 2007-12-31 09:05:51 C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    2. ----a-w 45,056 2007-12-22 16:04:25 C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
    3. ----a-w 68,856 2007-12-22 16:04:38 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    4. ----a-w 6,731,312 2007-12-22 11:00:41 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    5. ----a-w 6,731,312 2007-12-22 19:26:14 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    6. ----a-w 579,072 2007-12-22 16:06:09 C:\Program Files\Grisoft\AVG7\avgcc.exe
    7. ----a-w 146,432 2007-12-22 11:30:16 C:\Program Files\Grisoft\AVG7\avgw.exe
    8. ----a-w 267,048 2007-12-22 16:04:27 C:\Program Files\iTunes\iTunesHelper.exe
    9. ----a-w 1,077,277 2007-12-20 18:43:49 C:\Program Files\Messenger\msmsgs.exe
    10. ----a-w 698,864 2007-12-30 21:22:24 C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe
    11. ----a-w 147,968 2007-12-26 17:08:11 C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\MSConfig.exe
    12. ----a-w 13,312 2007-12-30 10:22:40 C:\WINDOWS\system32\ctfmon.exe



    ((((((((((((((((((((((((((((( snapshot_2007-12-31_12.32.25.65 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2008-01-01 14:24:13 397,354 ----a-r C:\WINDOWS\Installer\{607CE53B-0999-4F3B-8FF1-DB1AA47548A8}\MGIShowServer.exe
    + 2008-01-01 14:24:13 3,638 ----a-r C:\WINDOWS\Installer\{607CE53B-0999-4F3B-8FF1-DB1AA47548A8}\PS_SE.exe
    + 2003-01-13 13:57:58 589,881 ----a-w C:\WINDOWS\LastGood\System32\dllcache\jscript.dll
    + 2003-01-13 13:57:58 589,881 ----a-w C:\WINDOWS\LastGood\System32\jscript.dll
    - 2007-12-25 14:43:05 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
    + 2008-01-01 14:43:03 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
    - 2007-12-25 14:43:05 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
    + 2008-01-01 14:43:03 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
    - 2007-12-25 14:43:05 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
    + 2008-01-01 14:43:03 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
    - 2007-12-31 11:21:51 270,336 ----a-w C:\WINDOWS\system32\config\systemprofile\ntuser.dat
    + 2008-01-02 06:35:26 270,336 ----a-w C:\WINDOWS\system32\config\systemprofile\ntuser.dat
    - 2007-09-28 17:48:12 116,560 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
    + 2008-01-02 06:22:18 130,888 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
    + 2000-04-26 12:34:56 39,424 ----a-w C:\WINDOWS\system32\JETCOMP.exe
    + 2000-04-26 12:34:44 344,064 ----a-w C:\WINDOWS\system32\msexch35.dll
    + 2000-04-26 12:34:46 252,688 ----a-w C:\WINDOWS\system32\msexcl35.dll
    + 2000-04-26 12:34:48 1,050,896 ----a-w C:\WINDOWS\system32\msjet35.dll
    + 2000-04-26 12:35:02 139,264 ----a-w C:\WINDOWS\system32\msjint35.dll
    + 2000-04-26 12:34:48 1,238,288 ----a-w C:\WINDOWS\system32\msjt4jlt.dll
    + 2000-04-26 12:34:56 24,848 ----a-w C:\WINDOWS\system32\msjter35.dll
    + 2000-04-26 12:34:50 168,720 ----a-w C:\WINDOWS\system32\msltus35.dll
    + 2000-04-26 12:34:50 250,128 ----a-w C:\WINDOWS\system32\mspdox35.dll
    + 2000-04-26 12:34:50 262,144 ----a-w C:\WINDOWS\system32\msrd2x35.dll
    + 2000-04-26 12:34:56 415,504 ----a-w C:\WINDOWS\system32\msrepl35.dll
    + 2000-04-26 12:34:58 44,304 ----a-w C:\WINDOWS\system32\msrpfs35.dll
    + 2000-04-26 12:34:52 166,672 ----a-w C:\WINDOWS\system32\mstext35.dll
    + 2000-04-26 12:34:52 294,912 ----a-w C:\WINDOWS\system32\msxbse35.dll
    + 2000-11-07 16:36:14 1,044,480 ----a-w C:\WINDOWS\system32\ROBOEX32.DLL
    + 2000-04-26 12:34:58 368,912 ----a-w C:\WINDOWS\system32\VBAR332.DLL
    + 2008-01-02 06:22:31 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_518.dat
    .
    -- Snapshot reset to current date --
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2001-08-28 13:00 13312]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2001-08-28 13:00 13312]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 08:01:04]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
    avldr.dll 2007-02-15 19:02 50736 C:\WINDOWS\system32\avldr.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\desmon]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dx7til]
    dx7til.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\efccbba]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
    @=""

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
    @=""

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SBCSTray]
    C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe

    R0 SBHR;SBHR;C:\WINDOWS\System32\drivers\sbhr.sys [2007-12-30 15:02]
    R0 viasraid;viasraid;C:\WINDOWS\System32\DRIVERS\viasraid.sys [2003-06-12 17:31]
    R1 fwdrv;Firewall Driver;C:\WINDOWS\System32\drivers\fwdrv.sys [2007-04-26 10:21]
    R1 khips;Kerio HIPS Driver;C:\WINDOWS\System32\drivers\khips.sys [2007-04-26 10:21]
    R2 nvcap;nVidia WDM Video Capture (universal);C:\WINDOWS\System32\DRIVERS\nvcap.sys [2003-09-08 13:52]
    R2 NVXBAR;nVidia WDM A/V Crossbar;C:\WINDOWS\System32\DRIVERS\NVxbar.sys [2003-09-08 13:52]
    R2 SBAPIFS;CounterSpy Filter Driver;C:\WINDOWS\System32\Drivers\Sbapifs.sys [2007-12-30 17:57]
    R2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe [2001-08-28 13:00]
    S2 SPF4;Sunbelt Personal Firewall 4;"C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe" [2007-04-26 10:21]

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    UxTuneUp

    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-01-01 14:43:03 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    "2008-01-01 15:00:00 C:\WINDOWS\Tasks\HPpromotions journeysoftware.job"
    - C:\Program Files\hp\digital imaging\bin\hp promotions\journeysoftware\HPpromo.exe
    "2007-12-28 16:29:03 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
    - C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
    .
    **************************************************************************

    catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-01-02 07:39:29
    Windows 5.1.2600 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2008-01-02 7:40:55
    C:\qoobox\ComboFix-quarantined-files.txt 2008-01-02 06:40:49
    C:\qoobox\ComboFix2.txt 2008-01-01 14:02:50
    C:\qoobox\ComboFix3.txt 2008-01-01 12:26:55
    C:\qoobox\ComboFix4.txt 2007-12-31 11:33:23
    C:\qoobox\ComboFix5.txt 2007-12-20 19:10:33
    .
    2008-01-02 06:24:10 --- E O F ---
    2 January 2008 18:31:45

    Let's start over:

    If the following file exists, delete it:
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    Then rename:
    C:\Program Files\Alwil Software\Avast4\ashDisp .exe (with the space)
    to C:\Program Files\Alwil Software\Avast4\ashDisp.exe

    Do you understand?
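The check described in the post above, as an added example that is not part of the original posts: Python code that reads ComboFix-style listing lines, finds file names with a space before the extension, and reports whether the un-padded name is also listed (the case where the existing file has to be deleted before renaming). The sample lines are copied from the reports quoted in this thread; the function, class and field names are assumptions made for this example.

```python
import re
from typing import NamedTuple

# Listing lines copied from the ComboFix reports quoted in this thread.
SAMPLE_LOG = r"""
1. ----a-w 79,224 2007-12-31 09:05:51 C:\Program Files\Alwil Software\Avast4\ashDisp .exe
4. ----a-w 6,731,312 2007-12-22 11:00:41 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas .exe
5. ----a-w 6,731,312 2007-12-22 19:26:14 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas .exe
2008-01-01 14:25 . 2007-12-04 14:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe
2007-12-20 07:42 . 2007-12-30 11:22 13,312 --a------ C:\WINDOWS\system32\ctfmon .exe
12. ----a-w 13,312 2007-12-30 10:22:40 C:\WINDOWS\system32\ctfmon.exe
"""

# A listing line ends with the path, so take everything from the drive letter on.
PATH_RE = re.compile(r"[A-Za-z]:\\.*$")
# A file name whose extension is separated from the stem by whitespace.
PADDED_RE = re.compile(r"^(?P<stem>.*\S)\s+(?P<ext>\.[A-Za-z0-9]{1,4})$")


class Fix(NamedTuple):
    padded: str         # path as listed, with the space before the extension
    target: str         # the same path with the space removed
    delete_first: bool  # True when the listing also shows a file at `target`


def listed_paths(log: str) -> list[str]:
    """Return every path that appears at the end of a listing line."""
    paths = []
    for line in log.splitlines():
        match = PATH_RE.search(line.rstrip())
        if match:
            paths.append(match.group(0))
    return paths


def plan_renames(log: str) -> list[Fix]:
    """List the renames to perform, flagging those that need a delete first."""
    paths = listed_paths(log)
    # Windows paths are case-insensitive, so compare lower-cased.
    present = {p.lower() for p in paths}
    plan, seen = [], set()
    for path in paths:
        folder, _, name = path.rpartition("\\")
        match = PADDED_RE.match(name)
        if not match or path.lower() in seen:
            continue  # normal file name, or a duplicate listing entry
        seen.add(path.lower())
        target = f"{folder}\\{match['stem']}{match['ext']}"
        plan.append(Fix(path, target, target.lower() in present))
    return plan


if __name__ == "__main__":
    for fix in plan_renames(SAMPLE_LOG):
        step = "delete existing file, then rename" if fix.delete_first else "rename"
        print(f"{step}: {fix.padded!r} -> {fix.target!r}")
```

`delete_first` is only as complete as the listing it was built from, so the presence of the un-padded file should still be checked on disk before renaming.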
    3 January 2008 07:39:45

    OK, I understand, and I have modified all the files you asked me to in your post of 02/01/08 at 16:30
    3 January 2008 14:38:34

    Can you run another ComboFix scan?
    4 January 2008 07:22:43

    Here is the ComboFix scan report:


    ComboFix 07-12-31.4 - Alex 2008-01-04 7:06:58.10 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.0.1252.1.1036.18.295 [GMT 1:00]
    Running from: C:\Documents and Settings\Alex\Bureau\ComboFix.exe
    .

    ((((((((((((((((((((((((((((( Fichiers créés 2007-12-04 to 2008-01-04 ))))))))))))))))))))))))))))))))))))
    .

    2008-01-01 15:23 . 2008-01-01 15:23 <REP> d-------- C:\Program Files\Roxio
    2008-01-01 15:23 . 2008-01-01 15:23 <REP> d-------- C:\Program Files\Fichiers communs\Roxio Shared
    2008-01-01 15:23 . 2008-01-01 15:23 <REP> d-------- C:\Program Files\Fichiers communs\Adaptec Shared
    2008-01-01 15:23 . 2008-01-01 15:23 62,288 --a------ C:\WINDOWS\system32\drivers\cdr4_xp.sys
    2008-01-01 15:23 . 2008-01-01 15:23 57,344 --a------ C:\WINDOWS\uneng.exe
    2008-01-01 15:23 . 2008-01-01 15:23 49,152 --a------ C:\WINDOWS\system32\cdrtc.dll
    2008-01-01 15:23 . 2008-01-01 15:23 45,056 --a------ C:\WINDOWS\system32\cdral.dll
    2008-01-01 15:23 . 2008-01-01 15:23 23,436 --a------ C:\WINDOWS\system32\drivers\cdralw2k.sys
    2008-01-01 14:57 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
    2008-01-01 14:25 . 2007-12-04 14:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe
    2008-01-01 13:29 . 2008-01-01 13:32 98,816 --a------ C:\sed.exe
    2008-01-01 13:29 . 2008-01-01 13:33 48,677 --a------ C:\temp00.cmd
    2008-01-01 13:29 . 2008-01-01 13:33 16,779 --a------ C:\temp00
    2007-12-30 16:47 . 2007-12-30 16:47 <REP> d-------- C:\Program Files\Trend Micro
    2007-12-30 15:02 . 2007-12-30 17:57 54,584 --a------ C:\WINDOWS\system32\drivers\sbapifs.sys
    2007-12-30 15:02 . 2007-12-30 15:02 15,544 --a------ C:\WINDOWS\system32\drivers\sbhr.sys
    2007-12-30 15:01 . 2007-12-30 15:01 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Sunbelt Software
    2007-12-30 15:01 . 2007-12-30 15:01 <REP> d-------- C:\Documents and Settings\Alex\Application Data\Sunbelt Software
    2007-12-29 16:38 . 2007-12-29 16:38 67 --a------ C:\WINDOWS\system32\drivers\fwdrv.err
    2007-12-28 23:18 . 2007-12-28 23:18 <REP> d-------- C:\Program Files\Comptes et Budget Free V5.0
    2007-12-28 23:18 . 2007-12-28 23:18 <REP> d-------- C:\Documents and Settings\Alex\Application Data\AlauxSoft
    2007-12-27 13:18 . 2007-12-30 15:00 <REP> d-------- C:\Program Files\Sunbelt Software
    2007-12-25 19:31 . 2007-12-25 19:31 8,192 --ahs---- C:\WINDOWS\system32\Thumbs.db
    2007-12-25 16:43 . 2006-03-16 11:19 54,960 --a------ C:\WINDOWS\system32\vsutil_loc040c.dll
    2007-12-25 16:43 . 2007-12-25 16:53 41,201 --a------ C:\WINDOWS\system32\vsconfig.xml
    2007-12-23 23:37 . 2007-12-23 23:37 <REP> d-------- C:\Program Files\Freeplayer-Win32-20070531
    2007-12-23 18:38 . 2007-12-23 18:38 0 --a------ C:\WINDOWS\system32\inflist.dat
    2007-12-23 18:37 . 2004-01-09 10:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
    2007-12-23 18:37 . 2007-12-04 13:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
    2007-12-23 18:37 . 2007-12-04 15:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
    2007-12-23 18:37 . 2007-12-04 15:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
    2007-12-23 18:37 . 2007-12-04 15:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
    2007-12-23 18:37 . 2007-12-04 15:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
    2007-12-23 18:37 . 2007-12-04 15:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
    2007-12-23 18:24 . 2007-12-23 18:24 <REP> d-------- C:\Documents and Settings\Alex\Application Data\Comodo
    2007-12-23 18:18 . 2007-12-23 18:18 <REP> d-------- C:\Program Files\Trustix
    2007-12-23 18:18 . 2006-05-03 12:09 73,728 --a------ C:\WINDOWS\system32\CavEmLSP.dll
    2007-12-23 18:17 . 2007-12-23 18:23 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Comodo
    2007-12-23 18:16 . 2007-12-23 18:16 <REP> d-------- C:\WINDOWS\Downloaded Installations
    2007-12-23 17:06 . 2007-12-23 17:06 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
    2007-12-23 17:01 . 2007-12-23 17:01 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avg7
    2007-12-23 16:35 . 2007-12-23 16:35 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
    2007-12-23 11:56 . 2007-12-23 11:56 268 --ah----- C:\sqmdata08.sqm
    2007-12-23 11:56 . 2007-12-23 11:56 244 --ah----- C:\sqmnoopt08.sqm
    2007-12-22 11:19 . 2002-11-14 20:43 221,184 --a------ C:\WINDOWS\system32\srrstr.dll
    2007-12-22 11:19 . 2002-11-14 20:43 221,184 --a--c--- C:\WINDOWS\system32\dllcache\srrstr.dll
    2007-12-22 11:18 . 2007-12-22 11:18 <REP> d-------- C:\Program Files\MSXML 4.0
    2007-12-20 23:51 . 2007-12-20 23:51 73 --a------ C:\WINDOWS\system32\i
    2007-12-20 21:09 . 2007-12-23 17:00 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
    2007-12-20 20:58 . 2004-07-01 23:08 360,960 --a--c--- C:\WINDOWS\system32\dllcache\qmgr.dll
    2007-12-20 20:58 . 2004-07-01 23:08 331,776 --a------ C:\WINDOWS\system32\winhttp.dll
    2007-12-20 20:58 . 2004-07-01 23:08 17,408 --a------ C:\WINDOWS\system32\qmgrprxy.dll
    2007-12-20 20:58 . 2004-07-01 23:08 17,408 --a--c--- C:\WINDOWS\system32\dllcache\qmgrprxy.dll
    2007-12-20 20:58 . 2004-07-01 23:08 7,680 -----c--- C:\WINDOWS\system32\dllcache\bitsprx2.dll
    2007-12-20 20:58 . 2004-07-01 23:08 7,680 --------- C:\WINDOWS\system32\bitsprx2.dll
    2007-12-20 20:58 . 2004-07-01 23:08 7,168 -----c--- C:\WINDOWS\system32\dllcache\bitsprx3.dll
    2007-12-20 20:58 . 2004-07-01 23:08 7,168 --------- C:\WINDOWS\system32\bitsprx3.dll
    2007-12-20 20:53 . 2007-07-30 19:19 38,232 --a------ C:\WINDOWS\system32\wucltui.dll.mui
    2007-12-20 20:53 . 2007-07-30 19:20 30,040 --a------ C:\WINDOWS\system32\wuaucpl.cpl.mui
    2007-12-20 20:53 . 2007-07-30 19:19 30,040 --a------ C:\WINDOWS\system32\wuapi.dll.mui
    2007-12-20 20:53 . 2007-07-30 19:18 21,336 --a------ C:\WINDOWS\system32\wuaueng.dll.mui
    2007-12-20 13:19 . 2007-12-20 13:19 244 --ah----- C:\sqmnoopt07.sqm
    2007-12-20 13:19 . 2007-12-20 13:19 232 --ah----- C:\sqmdata07.sqm
    2007-12-20 13:02 . 2007-12-20 13:02 244 --ah----- C:\sqmnoopt06.sqm
    2007-12-20 13:02 . 2007-12-20 13:02 232 --ah----- C:\sqmdata06.sqm
    2007-12-20 07:42 . 2007-12-30 11:22 13,312 --a------ C:\WINDOWS\system32\ctfmon .exe
    2007-12-19 18:43 . 2007-12-19 18:43 244 --ah----- C:\sqmnoopt05.sqm
    2007-12-19 18:43 . 2007-12-19 18:43 232 --ah----- C:\sqmdata05.sqm
    2007-12-19 18:32 . 2007-12-19 18:32 244 --ah----- C:\sqmnoopt04.sqm
    2007-12-19 18:32 . 2007-12-19 18:32 232 --ah----- C:\sqmdata04.sqm
    2007-12-19 18:30 . 2007-12-19 18:30 129 --a------ C:\WINDOWS\system32\khtqtcn.bat
    2007-12-19 18:24 . 2007-12-19 18:24 244 --ah----- C:\sqmnoopt03.sqm
    2007-12-19 18:24 . 2007-12-19 18:24 232 --ah----- C:\sqmdata03.sqm
    2007-12-19 18:11 . 2007-12-19 18:11 244 --ah----- C:\sqmnoopt02.sqm
    2007-12-19 18:11 . 2007-12-19 18:11 232 --ah----- C:\sqmdata02.sqm
    2007-12-18 17:37 . 2007-12-19 18:50 <REP> d-------- C:\Program Files\Freeplayer(2)
    2007-12-16 19:50 . 2007-12-16 19:50 <REP> d-------- C:\Program Files\Maxis
    2007-12-15 17:36 . 2007-12-26 18:32 54,156 --ah----- C:\WINDOWS\QTFont.qfn
    2007-12-15 17:36 . 2007-12-15 17:36 1,409 --a------ C:\WINDOWS\QTFont.for
    2007-12-13 19:52 . 2007-12-16 15:58 764 --a------ C:\WINDOWS\eReg.dat
    2007-12-10 21:21 . 2007-12-10 21:21 <REP> d-------- C:\Program Files\Elaborate Bytes
    2007-12-09 22:31 . 2003-05-30 09:00 1,962,496 --a------ C:\WINDOWS\system32\quartz.dll
    2007-12-09 14:32 . 2007-12-09 14:32 <REP> d-------- C:\Documents and Settings\Alex\Application Data\Snapfish
    2007-12-08 17:59 . 2007-12-08 17:59 <REP> d-------- C:\Program Files\iPod
    2007-12-08 17:59 . 2007-12-15 17:37 <REP> d-------- C:\Documents and Settings\Alex\Application Data\Apple Computer
    2007-12-08 17:58 . 2008-01-03 07:37 <REP> d-------- C:\Program Files\iTunes
    2007-12-08 17:57 . 2007-12-31 12:27 <REP> d-------- C:\Program Files\QuickTime
    2007-12-08 17:57 . 2007-12-08 17:57 <REP> d-------- C:\Program Files\Apple Software Update
    2007-12-08 17:57 . 2007-12-08 17:58 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
    2007-12-08 17:57 . 2007-12-08 17:57 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple
    2007-12-06 22:10 . 2007-12-20 07:31 <REP> d-------- C:\Program Files\Spyware Doctor
    2007-12-06 22:10 . 2007-12-06 22:10 <REP> d-------- C:\Documents and Settings\Alex\Application Data\PC Tools
    2007-12-06 22:10 . 2007-10-04 17:10 79,688 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
    2007-12-06 22:10 . 2007-10-04 17:10 62,280 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
    2007-12-06 22:10 . 2007-10-04 17:10 41,288 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
    2007-12-06 22:10 . 2007-10-04 17:11 29,000 --a------ C:\WINDOWS\system32\drivers\kcom.sys
    2007-12-05 07:33 . 2007-12-05 07:33 37,473 --a------ C:\WINDOWS\system32\muzika.xm

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-01-03 18:26 --------- d-----w C:\Program Files\Mozilla Thunderbird
    2008-01-03 09:55 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
    2008-01-02 14:14 --------- d-----w C:\Documents and Settings\Alex\Application Data\Free Download Manager
    2008-01-02 09:58 --------- d-----w C:\Program Files\MSN Messenger
    2008-01-02 09:58 --------- d-----w C:\Program Files\Messenger Plus! Live
    2008-01-01 15:17 --------- d-----w C:\Documents and Settings\Alex\Application Data\uTorrent
    2008-01-01 14:16 --------- d-----w C:\Program Files\eMule
    2007-12-30 16:20 --------- d-----w C:\Program Files\ViOrb
    2007-12-26 17:08 147,968 ----a-w C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\MSConfig .exe
    2007-12-23 17:16 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
    2007-12-22 10:50 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2007-12-20 19:03 --------- d-----w C:\Program Files\Navilog1
    2007-12-19 11:37 134,656 ----a-w C:\WINDOWS\system32\sfc_os.dll
    2007-12-17 19:16 --------- d-----w C:\Documents and Settings\Alex\Application Data\vlc
    2007-12-15 23:25 12,400 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
    2007-12-15 19:24 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2007-12-02 19:34 --------- d-----w C:\Program Files\DivX
    2007-11-30 17:39 --------- d-----w C:\Program Files\adslTV
    2007-11-16 12:20 --------- d-----w C:\Program Files\SopCast
    2007-11-10 12:54 15,872 ------w C:\WINDOWS\system32\winskfr.dll
    2007-11-05 06:52 --------- d-----w C:\Program Files\Maïdo Production
    2007-11-05 06:52 --------- d-----w C:\Program Files\Common~1
    2007-11-04 10:07 --------- d-----w C:\Documents and Settings\Alex\Application Data\MechCAD
    2007-10-31 17:28 39,424 ----a-w C:\WINDOWS\zipinst.exe
    2007-10-20 09:31 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
    2007-10-20 00:56 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
    2007-10-20 00:56 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
    2007-10-10 18:44 18,312 ----a-w C:\Documents and Settings\Alex\Application Data\GDIPFONTCACHEV1.DAT
    2007-07-31 17:31 65,273 ----a-w C:\WINDOWS\Internet Logs\vsmon_2nd_2007_07_31_13_38_26_small.dmp.zip
    .
    1. ----a-w 147,968 2007-12-26 17:08:11 C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\MSConfig .exe
    2. ----a-w 13,312 2007-12-30 10:22:40 C:\WINDOWS\system32\ctfmon .exe



    ((((((((((((((((((((((((((((( snapshot_2008-01-02_ 7.40.03,57 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2008-01-02 06:35:26 270,336 ----a-w C:\WINDOWS\system32\config\systemprofile\ntuser.dat
    + 2008-01-04 06:06:40 270,336 ----a-w C:\WINDOWS\system32\config\systemprofile\ntuser.dat
    - 2008-01-02 06:22:31 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_518.dat
    + 2008-01-04 06:04:14 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_518.dat
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2001-08-28 13:00 13312]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-31 10:05 79224]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2001-08-28 13:00 13312]

    C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 08:01:04]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
    avldr.dll 2007-02-15 19:02 50736 C:\WINDOWS\system32\avldr.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\desmon]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dx7til]
    dx7til.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\efccbba]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
    @=""

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
    @=""

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SBCSTray]
    2007-12-30 22:22 698864 --a------ C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe

    R0 SBHR;SBHR;C:\WINDOWS\System32\drivers\sbhr.sys [2007-12-30 15:02]
    R0 viasraid;viasraid;C:\WINDOWS\System32\DRIVERS\viasraid.sys [2003-06-12 17:31]
    R1 fwdrv;Firewall Driver;C:\WINDOWS\System32\drivers\fwdrv.sys [2007-04-26 10:21]
    R1 khips;Kerio HIPS Driver;C:\WINDOWS\System32\drivers\khips.sys [2007-04-26 10:21]
    R2 nvcap;nVidia WDM Video Capture (universal);C:\WINDOWS\System32\DRIVERS\nvcap.sys [2003-09-08 13:52]
    R2 NVXBAR;nVidia WDM A/V Crossbar;C:\WINDOWS\System32\DRIVERS\NVxbar.sys [2003-09-08 13:52]
    R2 SBAPIFS;CounterSpy Filter Driver;C:\WINDOWS\System32\Drivers\Sbapifs.sys [2007-12-30 17:57]
    R2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe [2001-08-28 13:00]
    S2 SPF4;Sunbelt Personal Firewall 4;"C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe" [2007-04-26 10:21]

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    UxTuneUp

    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-01-01 14:43:03 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    "2008-01-03 19:00:00 C:\WINDOWS\Tasks\HPpromotions journeysoftware.job"
    - C:\Program Files\hp\digital imaging\bin\hp promotions\journeysoftware\HPpromo.exe
    "2007-12-28 16:29:03 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
    - C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
    .
    **************************************************************************

    catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-01-04 07:10:27
    Windows 5.1.2600 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2008-01-04 7:11:53
    C:\qoobox\ComboFix-quarantined-files.txt 2008-01-04 06:11:47
    C:\qoobox\ComboFix2.txt 2008-01-01 14:02:50
    C:\qoobox\ComboFix3.txt 2008-01-01 12:26:55
    C:\qoobox\ComboFix4.txt 2007-12-31 11:33:23
    C:\qoobox\ComboFix5.txt 2007-12-20 19:10:33
    .
    2008-01-03 06:11:13 --- E O F ---
    4 January 2008 13:01:30

    Delete your version of ComboFix, download it again, then run the scan.
    4 January 2008 17:28:20

    Hello, and thank you once again for looking after my problem. Here is a new report; I downloaded Combo from your first post.


    ComboFix 08-01-04.1 - Alex 2008-01-04 13:15:32.11 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.0.1252.1.1036.18.283 [GMT 1:00]
    Running from: C:\Documents and Settings\Alex\Bureau\ComboFix.exe
    * Created a new restore point
    .

    ((((((((((((((((((((((((((((( Fichiers créés 2007-12-04 to 2008-01-04 ))))))))))))))))))))))))))))))))))))
    .

    2008-01-01 15:23 . 2008-01-01 15:23 <REP> d-------- C:\Program Files\Roxio
    2008-01-01 15:23 . 2008-01-01 15:23 <REP> d-------- C:\Program Files\Fichiers communs\Roxio Shared
    2008-01-01 15:23 . 2008-01-01 15:23 <REP> d-------- C:\Program Files\Fichiers communs\Adaptec Shared
    2008-01-01 15:23 . 2008-01-01 15:23 62,288 --a------ C:\WINDOWS\system32\drivers\cdr4_xp.sys
    2008-01-01 15:23 . 2008-01-01 15:23 57,344 --a------ C:\WINDOWS\uneng.exe
    2008-01-01 15:23 . 2008-01-01 15:23 49,152 --a------ C:\WINDOWS\system32\cdrtc.dll
    2008-01-01 15:23 . 2008-01-01 15:23 45,056 --a------ C:\WINDOWS\system32\cdral.dll
    2008-01-01 15:23 . 2008-01-01 15:23 23,436 --a------ C:\WINDOWS\system32\drivers\cdralw2k.sys
    2008-01-01 14:57 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
    2008-01-01 14:25 . 2007-12-04 14:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe
    2008-01-01 13:29 . 2008-01-01 13:32 98,816 --a------ C:\sed.exe
    2008-01-01 13:29 . 2008-01-01 13:33 48,677 --a------ C:\temp00.cmd
    2008-01-01 13:29 . 2008-01-01 13:33 16,779 --a------ C:\temp00
    2007-12-30 16:47 . 2007-12-30 16:47 <REP> d-------- C:\Program Files\Trend Micro
    2007-12-30 15:02 . 2007-12-30 17:57 54,584 --a------ C:\WINDOWS\system32\drivers\sbapifs.sys
    2007-12-30 15:02 . 2007-12-30 15:02 15,544 --a------ C:\WINDOWS\system32\drivers\sbhr.sys
    2007-12-30 15:01 . 2007-12-30 15:01 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Sunbelt Software
    2007-12-30 15:01 . 2007-12-30 15:01 <REP> d-------- C:\Documents and Settings\Alex\Application Data\Sunbelt Software
    2007-12-29 16:38 . 2007-12-29 16:38 67 --a------ C:\WINDOWS\system32\drivers\fwdrv.err
    2007-12-28 23:18 . 2007-12-28 23:18 <REP> d-------- C:\Program Files\Comptes et Budget Free V5.0
    2007-12-28 23:18 . 2007-12-28 23:18 <REP> d-------- C:\Documents and Settings\Alex\Application Data\AlauxSoft
    2007-12-27 13:18 . 2007-12-30 15:00 <REP> d-------- C:\Program Files\Sunbelt Software
    2007-12-25 19:31 . 2007-12-25 19:31 8,192 --ahs---- C:\WINDOWS\system32\Thumbs.db
    2007-12-25 16:43 . 2006-03-16 11:19 54,960 --a------ C:\WINDOWS\system32\vsutil_loc040c.dll
    2007-12-25 16:43 . 2007-12-25 16:53 41,201 --a------ C:\WINDOWS\system32\vsconfig.xml
    2007-12-23 23:37 . 2007-12-23 23:37 <REP> d-------- C:\Program Files\Freeplayer-Win32-20070531
    2007-12-23 18:38 . 2007-12-23 18:38 0 --a------ C:\WINDOWS\system32\inflist.dat
    2007-12-23 18:37 . 2004-01-09 10:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
    2007-12-23 18:37 . 2007-12-04 13:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
    2007-12-23 18:37 . 2007-12-04 15:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
    2007-12-23 18:37 . 2007-12-04 15:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
    2007-12-23 18:37 . 2007-12-04 15:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
    2007-12-23 18:37 . 2007-12-04 15:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
    2007-12-23 18:37 . 2007-12-04 15:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
    2007-12-23 18:24 . 2007-12-23 18:24 <REP> d-------- C:\Documents and Settings\Alex\Application Data\Comodo
    2007-12-23 18:18 . 2007-12-23 18:18 <REP> d-------- C:\Program Files\Trustix
    2007-12-23 18:18 . 2006-05-03 12:09 73,728 --a------ C:\WINDOWS\system32\CavEmLSP.dll
    2007-12-23 18:17 . 2007-12-23 18:23 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Comodo
    2007-12-23 18:16 . 2007-12-23 18:16 <REP> d-------- C:\WINDOWS\Downloaded Installations
    2007-12-23 17:06 . 2007-12-23 17:06 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
    2007-12-23 17:01 . 2007-12-23 17:01 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avg7
    2007-12-23 16:35 . 2007-12-23 16:35 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
    2007-12-23 11:56 . 2007-12-23 11:56 268 --ah----- C:\sqmdata08.sqm
    2007-12-23 11:56 . 2007-12-23 11:56 244 --ah----- C:\sqmnoopt08.sqm
    2007-12-22 11:19 . 2002-11-14 20:43 221,184 --a------ C:\WINDOWS\system32\srrstr.dll
    2007-12-22 11:19 . 2002-11-14 20:43 221,184 --a--c--- C:\WINDOWS\system32\dllcache\srrstr.dll
    2007-12-22 11:18 . 2007-12-22 11:18 <REP> d-------- C:\Program Files\MSXML 4.0
    2007-12-20 23:51 . 2007-12-20 23:51 73 --a------ C:\WINDOWS\system32\i
    2007-12-20 21:09 . 2007-12-23 17:00 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
    2007-12-20 20:58 . 2004-07-01 23:08 360,960 --a--c--- C:\WINDOWS\system32\dllcache\qmgr.dll
    2007-12-20 20:58 . 2004-07-01 23:08 331,776 --a------ C:\WINDOWS\system32\winhttp.dll
    2007-12-20 20:58 . 2004-07-01 23:08 17,408 --a------ C:\WINDOWS\system32\qmgrprxy.dll
    2007-12-20 20:58 . 2004-07-01 23:08 17,408 --a--c--- C:\WINDOWS\system32\dllcache\qmgrprxy.dll
    2007-12-20 20:58 . 2004-07-01 23:08 7,680 -----c--- C:\WINDOWS\system32\dllcache\bitsprx2.dll
    2007-12-20 20:58 . 2004-07-01 23:08 7,680 --------- C:\WINDOWS\system32\bitsprx2.dll
    2007-12-20 20:58 . 2004-07-01 23:08 7,168 -----c--- C:\WINDOWS\system32\dllcache\bitsprx3.dll
    2007-12-20 20:58 . 2004-07-01 23:08 7,168 --------- C:\WINDOWS\system32\bitsprx3.dll
    2007-12-20 20:53 . 2007-07-30 19:19 38,232 --a------ C:\WINDOWS\system32\wucltui.dll.mui
    2007-12-20 20:53 . 2007-07-30 19:20 30,040 --a------ C:\WINDOWS\system32\wuaucpl.cpl.mui
    2007-12-20 20:53 . 2007-07-30 19:19 30,040 --a------ C:\WINDOWS\system32\wuapi.dll.mui
    2007-12-20 20:53 . 2007-07-30 19:18 21,336 --a------ C:\WINDOWS\system32\wuaueng.dll.mui
    2007-12-20 13:19 . 2007-12-20 13:19 244 --ah----- C:\sqmnoopt07.sqm
    2007-12-20 13:19 . 2007-12-20 13:19 232 --ah----- C:\sqmdata07.sqm
    2007-12-20 13:02 . 2007-12-20 13:02 244 --ah----- C:\sqmnoopt06.sqm
    2007-12-20 13:02 . 2007-12-20 13:02 232 --ah----- C:\sqmdata06.sqm
    2007-12-20 07:42 . 2007-12-30 11:22 13,312 --a------ C:\WINDOWS\system32\ctfmon .exe
    2007-12-19 18:43 . 2007-12-19 18:43 244 --ah----- C:\sqmnoopt05.sqm
    2007-12-19 18:43 . 2007-12-19 18:43 232 --ah----- C:\sqmdata05.sqm
    2007-12-19 18:32 . 2007-12-19 18:32 244 --ah----- C:\sqmnoopt04.sqm
    2007-12-19 18:32 . 2007-12-19 18:32 232 --ah----- C:\sqmdata04.sqm
    2007-12-19 18:30 . 2007-12-19 18:30 129 --a------ C:\WINDOWS\system32\khtqtcn.bat
    2007-12-19 18:24 . 2007-12-19 18:24 244 --ah----- C:\sqmnoopt03.sqm
    2007-12-19 18:24 . 2007-12-19 18:24 232 --ah----- C:\sqmdata03.sqm
    2007-12-19 18:11 . 2007-12-19 18:11 244 --ah----- C:\sqmnoopt02.sqm
    2007-12-19 18:11 . 2007-12-19 18:11 232 --ah----- C:\sqmdata02.sqm
    2007-12-18 17:37 . 2007-12-19 18:50 <REP> d-------- C:\Program Files\Freeplayer(2)
    2007-12-16 19:50 . 2007-12-16 19:50 <REP> d-------- C:\Program Files\Maxis
    2007-12-15 17:36 . 2007-12-26 18:32 54,156 --ah----- C:\WINDOWS\QTFont.qfn
    2007-12-15 17:36 . 2007-12-15 17:36 1,409 --a------ C:\WINDOWS\QTFont.for
    2007-12-13 19:52 . 2007-12-16 15:58 764 --a------ C:\WINDOWS\eReg.dat
    2007-12-10 21:21 . 2007-12-10 21:21 <REP> d-------- C:\Program Files\Elaborate Bytes
    2007-12-09 22:31 . 2003-05-30 09:00 1,962,496 --a------ C:\WINDOWS\system32\quartz.dll
    2007-12-09 14:32 . 2007-12-09 14:32 <REP> d-------- C:\Documents and Settings\Alex\Application Data\Snapfish
    2007-12-08 17:59 . 2007-12-08 17:59 <REP> d-------- C:\Program Files\iPod
    2007-12-08 17:59 . 2007-12-15 17:37 <REP> d-------- C:\Documents and Settings\Alex\Application Data\Apple Computer
    2007-12-08 17:58 . 2008-01-03 07:37 <REP> d-------- C:\Program Files\iTunes
    2007-12-08 17:57 . 2007-12-31 12:27 <REP> d-------- C:\Program Files\QuickTime
    2007-12-08 17:57 . 2007-12-08 17:57 <REP> d-------- C:\Program Files\Apple Software Update
    2007-12-08 17:57 . 2007-12-08 17:58 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
    2007-12-08 17:57 . 2007-12-08 17:57 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple
    2007-12-06 22:10 . 2007-12-20 07:31 <REP> d-------- C:\Program Files\Spyware Doctor
    2007-12-06 22:10 . 2007-12-06 22:10 <REP> d-------- C:\Documents and Settings\Alex\Application Data\PC Tools
    2007-12-06 22:10 . 2007-10-04 17:10 79,688 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
    2007-12-06 22:10 . 2007-10-04 17:10 62,280 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
    2007-12-06 22:10 . 2007-10-04 17:10 41,288 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
    2007-12-06 22:10 . 2007-10-04 17:11 29,000 --a------ C:\WINDOWS\system32\drivers\kcom.sys
    2007-12-05 07:33 . 2007-12-05 07:33 37,473 --a------ C:\WINDOWS\system32\muzika.xm

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-01-04 12:13 --------- d-----w C:\Documents and Settings\Alex\Application Data\Free Download Manager
    2008-01-04 12:07 --------- d-----w C:\Program Files\Mozilla Thunderbird
    2008-01-04 10:55 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
    2008-01-04 06:53 --------- d-----w C:\Documents and Settings\Alex\Application Data\uTorrent
    2008-01-04 06:41 --------- d-----w C:\Program Files\adslTV
    2008-01-02 09:58 --------- d-----w C:\Program Files\MSN Messenger
    2008-01-02 09:58 --------- d-----w C:\Program Files\Messenger Plus! Live
    2008-01-01 14:16 --------- d-----w C:\Program Files\eMule
    2007-12-30 16:20 --------- d-----w C:\Program Files\ViOrb
    2007-12-26 17:08 147,968 ----a-w C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\MSConfig .exe
    2007-12-23 17:16 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
    2007-12-22 10:50 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2007-12-20 19:03 --------- d-----w C:\Program Files\Navilog1
    2007-12-19 11:37 134,656 ----a-w C:\WINDOWS\system32\sfc_os.dll
    2007-12-17 19:16 --------- d-----w C:\Documents and Settings\Alex\Application Data\vlc
    2007-12-15 23:25 12,400 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
    2007-12-15 19:24 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2007-12-02 19:34 --------- d-----w C:\Program Files\DivX
    2007-11-16 12:20 --------- d-----w C:\Program Files\SopCast
    2007-11-10 12:54 15,872 ------w C:\WINDOWS\system32\winskfr.dll
    2007-11-05 06:52 --------- d-----w C:\Program Files\Maïdo Production
    2007-11-05 06:52 --------- d-----w C:\Program Files\Common~1
    2007-11-04 10:07 --------- d-----w C:\Documents and Settings\Alex\Application Data\MechCAD
    2007-10-31 17:28 39,424 ----a-w C:\WINDOWS\zipinst.exe
    2007-10-20 09:31 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
    2007-10-20 00:56 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
    2007-10-20 00:56 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
    2007-10-10 18:44 18,312 ----a-w C:\Documents and Settings\Alex\Application Data\GDIPFONTCACHEV1.DAT
    2007-07-31 17:31 65,273 ----a-w C:\WINDOWS\Internet Logs\vsmon_2nd_2007_07_31_13_38_26_small.dmp.zip
    .

    Code:


    <pre>
    ----a-w 147,968 2007-12-26 17:08:11 C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\MSConfig .exe
    ----a-w 13,312 2007-12-30 10:22:40 C:\WINDOWS\system32\ctfmon .exe
    </pre>




    ((((((((((((((((((((((((((((( snapshot_2008-01-02_ 7.40.03,57 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2008-01-02 06:35:26 270,336 ----a-w C:\WINDOWS\system32\config\systemprofile\ntuser.dat
    + 2008-01-04 12:15:14 270,336 ----a-w C:\WINDOWS\system32\config\systemprofile\ntuser.dat
    - 2008-01-02 06:22:31 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_518.dat
    + 2008-01-04 08:04:54 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_518.dat
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2001-08-28 13:00 13312]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-31 10:05 79224]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2001-08-28 13:00 13312]

    C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 08:01:04]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
    avldr.dll 2007-02-15 19:02 50736 C:\WINDOWS\system32\avldr.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\desmon]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dx7til]
    dx7til.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\efccbba]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
    @=""

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
    @=""

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SBCSTray]
    2007-12-30 22:22 698864 --a------ C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe

    R0 SBHR;SBHR;C:\WINDOWS\System32\drivers\sbhr.sys [2007-12-30 15:02]
    R0 viasraid;viasraid;C:\WINDOWS\System32\DRIVERS\viasraid.sys [2003-06-12 17:31]
    R1 fwdrv;Firewall Driver;C:\WINDOWS\System32\drivers\fwdrv.sys [2007-04-26 10:21]
    R1 khips;Kerio HIPS Driver;C:\WINDOWS\System32\drivers\khips.sys [2007-04-26 10:21]
    R2 nvcap;nVidia WDM Video Capture (universal);C:\WINDOWS\System32\DRIVERS\nvcap.sys [2003-09-08 13:52]
    R2 NVXBAR;nVidia WDM A/V Crossbar;C:\WINDOWS\System32\DRIVERS\NVxbar.sys [2003-09-08 13:52]
    R2 SBAPIFS;CounterSpy Filter Driver;C:\WINDOWS\System32\Drivers\Sbapifs.sys [2007-12-30 17:57]
    R2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe [2001-08-28 13:00]
    S2 SPF4;Sunbelt Personal Firewall 4;"C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe" [2007-04-26 10:21]

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    UxTuneUp

    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-01-01 14:43:03 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    "2008-01-04 11:00:00 C:\WINDOWS\Tasks\HPpromotions journeysoftware.job"
    - C:\Program Files\hp\digital imaging\bin\hp promotions\journeysoftware\HPpromo.exe
    "2007-12-28 16:29:03 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
    - C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
    .
    **************************************************************************

    catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-01-04 13:19:01
    Windows 5.1.2600 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2008-01-04 13:20:27
    ComboFix-quarantined-files.txt 2008-01-04 12:20:21
    ComboFix2.txt 2008-01-01 14:02:50
    ComboFix3.txt 2008-01-01 12:26:55
    ComboFix4.txt 2007-12-31 11:33:23
    ComboFix5.txt 2007-12-20 19:10:33

    4 January 2008 17:30:32

    Is that better?
    4 January 2008 18:37:24

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 13:45:04, on 04/01/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\ulqcu.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\MSMSGS.EXE
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\Hercules\WiFi Station\WifiStation.exe
    C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    E:\Shareaza\Shareaza.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\wianmpa.exe
    O4 - HKLM\..\Run: [jj] C:\WINDOWS\system32\jj.exe
    O4 - HKLM\..\Run: [ulqcu] C:\WINDOWS\system32\ulqcu.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKUS\S-1-5-19\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'Default user')
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: WiFi Station.lnk = ?
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Environnement d'exécution Java 1.3.1_18) - http://javadl-esd.sun.com/update/1.3.1/jinstall-13-win3...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{D90EF664-C1D3-4EEE-B806-933290AF0E32}: NameServer = 212.30.96.108,212.30.124.146
    O20 - Winlogon Notify: drwlse - drwlse.dll (file missing)
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    O23 - Service: Print Spooler Service (k5uluyaeuuoo) - Unknown owner - C:\WINDOWS\system32\ulqcu.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
    O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe

    --
    End of file - 9008 bytes
    4 January 2008 18:38:18

    Create your own thread.
    4 January 2008 18:54:13

    I'm talking to xav66.
    4 January 2008 19:35:55

    Ah, OK

    Please keep me posted about my post if I need to do any other steps.
    4 January 2008 21:15:14

    Quote:
    Is that better?

    ...
    9 January 2008 07:06:30

    Hello to all of you, and to you, angel dark

    I'm writing to you because, unfortunately, a few days have passed and I thought I had got rid of the advertising emails, and well, no!

    Can you help me, please?
    9 January 2008 13:20:34

    Post a HijackThis report again...
    10 January 2008 06:40:59

    New report:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 06:40:33, on 10/01/2008
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\HPZipm12.exe
    C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe
    C:\Program Files\Spyware Doctor\svcntaux.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
    O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdmcks.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
    O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
    O8 - Extra context menu item: Télécharger les tous avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{83AAB61E-ED3D-426F-AF5F-CD046D755757}: NameServer = 212.27.54.252,212.27.53.252
    O20 - Winlogon Notify: desmon - C:\WINDOWS\
    O20 - Winlogon Notify: dx7til - dx7til.dll (file missing)
    O20 - Winlogon Notify: efccbba - C:\WINDOWS\
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
    O23 - Service: Sunbelt CounterSpy Antispyware (SBCSSvc) - Sunbelt Software - C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe
    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
    O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe

    --
    End of file - 6124 bytes