
Kaspersky has disappeared!

paup59 on 31 May 2008 at 13:53
ComboFix 08-05-29.1 - cecile 2008-05-31 13:41:25.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Basique 6.0.6000.0.1252.1.1036.18.1006 [GMT 2:00]
Endroit: C:\Users\cecile\Desktop\killbagle.exe
* Création d'un nouveau point de restauration
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Users\cecile\AppData\Roaming\m
C:\Users\cecile\AppData\Roaming\m\data.oct
C:\Users\cecile\AppData\Roaming\m\list.oct
C:\Users\cecile\AppData\Roaming\m\shared
C:\Users\cecile\AppData\Roaming\m\shared\190-510 Free Test Exam Questions 10.0 [Cracked].zip
C:\Users\cecile\AppData\Roaming\m\shared\1st JavaScript Editor Pro 3.7.zip
C:\Users\cecile\AppData\Roaming\m\shared\310-081 Free Test Exam Questions 1.0.zip
C:\Users\cecile\AppData\Roaming\m\shared\3D-Jellyfish Screensaver 1.0.zip
C:\Users\cecile\AppData\Roaming\m\shared\3D Arachnomamia 1.0 (KeyGen).zip
C:\Users\cecile\AppData\Roaming\m\shared\3dfiction Screensaver 45.zip
C:\Users\cecile\AppData\Roaming\m\shared\A-one DVD Copy Ripper Creator Package 5.70 KeyGen.zip
C:\Users\cecile\AppData\Roaming\m\shared\ABBYY FineReader OCR Professional 8.0.zip
C:\Users\cecile\AppData\Roaming\m\shared\Acronis Privacy Expert Suite 9.0.1.429 (Serial).zip
C:\Users\cecile\AppData\Roaming\m\shared\Adriana Lima 30 Screensaver 1.0.zip
C:\Users\cecile\AppData\Roaming\m\shared\AeternaBackup 1.0.1.115 (Serial).zip
C:\Users\cecile\AppData\Roaming\m\shared\Affiliate Marketing Success Roadmap 1.0 KeyGen.zip
C:\Users\cecile\AppData\Roaming\m\shared\Allok Video Splitter 1.8.zip
C:\Users\cecile\AppData\Roaming\m\shared\Altdo Video to Flash Converter 1.1 (Key+Serial).zip
C:\Users\cecile\AppData\Roaming\m\shared\Always On Top 1.2.zip
C:\Users\cecile\AppData\Roaming\m\shared\Ap PDF to HTML batch converter 3.0.zip
C:\Users\cecile\AppData\Roaming\m\shared\Apex VCD Ripper 4.16 (Key+Serial).zip
C:\Users\cecile\AppData\Roaming\m\shared\Append PDF 1.0.zip
C:\Users\cecile\AppData\Roaming\m\shared\AppKill 1.0.zip
C:\Users\cecile\AppData\Roaming\m\shared\ASCII Key 1.3.zip
C:\Users\cecile\AppData\Roaming\m\shared\Aye Shutdown Lite 4.29.zip
C:\Users\cecile\AppData\Roaming\m\shared\B-Coder Professional 4.0 [Key].zip
C:\Users\cecile\AppData\Roaming\m\shared\BadBlue Personal Edition 2.7.zip
C:\Users\cecile\AppData\Roaming\m\shared\Baseball Scoreboard 1.zip
C:\Users\cecile\AppData\Roaming\m\shared\Battlefield 1942 - Blood mod.zip
C:\Users\cecile\AppData\Roaming\m\shared\BGallery 2.2.6.zip
C:\Users\cecile\AppData\Roaming\m\shared\Bodie's Typing 1.04.zip
C:\Users\cecile\AppData\Roaming\m\shared\Bookmark Permissions 07.06.13.02.zip
C:\Users\cecile\AppData\Roaming\m\shared\Browse and View 3.21.32.zip
C:\Users\cecile\AppData\Roaming\m\shared\Bubble Popping Frenzy 1.zip
C:\Users\cecile\AppData\Roaming\m\shared\Building a Blog Empire 1.0.zip
C:\Users\cecile\AppData\Roaming\m\shared\BulletProofWebHostingSender 1.50.zip
C:\Users\cecile\AppData\Roaming\m\shared\bxAutoZip for Outlook 1.05.zip
C:\Users\cecile\AppData\Roaming\m\shared\Call of Duty MOH Stalingrad Rendition Map.zip
C:\Users\cecile\AppData\Roaming\m\shared\Camouflaging Imperfections 1.0.zip
C:\Users\cecile\AppData\Roaming\m\shared\CD2HTML 5.1.2.0 [Key].zip
C:\Users\cecile\AppData\Roaming\m\shared\Choice 1.4.zip
C:\Users\cecile\AppData\Roaming\m\shared\ClickWhen 0.2.zip
C:\Users\cecile\AppData\Roaming\m\shared\Codename Eagle updated demo.zip
C:\Users\cecile\AppData\Roaming\m\shared\Collector's Gateway-(Yugioh) 1.2.0.zip
C:\Users\cecile\AppData\Roaming\m\shared\ColorBurn 1.1.1.zip
C:\Users\cecile\AppData\Roaming\m\shared\Command & Conquer Generals - Biohazard's Fun map.zip
C:\Users\cecile\AppData\Roaming\m\shared\CompanyStreamLiner 2.0 build 011.zip
C:\Users\cecile\AppData\Roaming\m\shared\Contact Book 5.1 Key.zip
C:\Users\cecile\AppData\Roaming\m\shared\Contacts Synchronizer 1.8.11.24.zip
C:\Users\cecile\AppData\Roaming\m\shared\Copy Cleaner 1.0.zip
C:\Users\cecile\AppData\Roaming\m\shared\Crack.Panda.Platinium.7.0_blackjackonline.altervista.org.zip
C:\Users\cecile\AppData\Roaming\m\shared\CrashDetective 1.0.0.0 [Crack].zip
C:\Users\cecile\AppData\Roaming\m\shared\Cultures Of Middle Earth Screensaver Ents 1.0.zip
C:\Users\cecile\AppData\Roaming\m\shared\DaRO Uninstaller 2006 1.0 Key+Serial.zip
C:\Users\cecile\AppData\Roaming\m\shared\DigiSecret Lite 2.1.431.zip
C:\Users\cecile\AppData\Roaming\m\shared\DomainMaster 2.01b.zip
C:\Users\cecile\AppData\Roaming\m\shared\DriverspyNT 1.2.zip
C:\Users\cecile\AppData\Roaming\m\shared\DS Fire 1.0.zip
C:\Users\cecile\AppData\Roaming\m\shared\DXF Works 1.0.zip
C:\Users\cecile\AppData\Roaming\m\shared\Earth 2160 SuperStorm mod 3.0.zip
C:\Users\cecile\AppData\Roaming\m\shared\Epson Stylus Photo 750 AT Driver 5.6aEN.zip
C:\Users\cecile\AppData\Roaming\m\shared\ESP 2.0 [Key].zip
C:\Users\cecile\AppData\Roaming\m\shared\Event Monitor 1.0.zip
C:\Users\cecile\AppData\Roaming\m\shared\eXCalcEdit 1.0.0.1.1967 KeyGen.zip
C:\Users\cecile\AppData\Roaming\m\shared\Excel Invoice Template 1.zip
C:\Users\cecile\AppData\Roaming\m\shared\EyeRoller 1.0.zip
C:\Users\cecile\AppData\Roaming\m\shared\EZ-Calc for Excel 5.1.zip
C:\Users\cecile\AppData\Roaming\m\shared\F.E.A.R. Combat v1.07 to v1.08 patch.zip
C:\Users\cecile\AppData\Roaming\m\shared\FileNote 1.1.zip
C:\Users\cecile\AppData\Roaming\m\shared\Flash Card Automatic Copier Pro 1.0 [KeyGen].zip
C:\Users\cecile\AppData\Roaming\m\shared\Flobo HDDDocRecovery 2.5 (Crack).zip
C:\Users\cecile\AppData\Roaming\m\shared\Flowchart4C# - Code to Flowchart to Visio - VS.NET Addin 1.1.0.zip
C:\Users\cecile\AppData\Roaming\m\shared\Free Backup Fix 2.1.zip
C:\Users\cecile\AppData\Roaming\m\shared\full_antivirus(Kaspersky_avast_antivir_norman_avwinsfx_f-prot.updated-fixed.06-2006.zip
C:\Users\cecile\AppData\Roaming\m\shared\Funky Farm Thanksgiving Edition 1.2.zip
C:\Users\cecile\AppData\Roaming\m\shared\Gargoyle Tapeless Backup 3.2.zip
C:\Users\cecile\AppData\Roaming\m\shared\GeneMatics 2.2.0 (Crack).zip
C:\Users\cecile\AppData\Roaming\m\shared\Golf Animated Jigsaw Puzzle 100pc.zip
C:\Users\cecile\AppData\Roaming\m\shared\GoopyCreatures 3D 1.1.03.zip
C:\Users\cecile\AppData\Roaming\m\shared\GOYA 2.0 (KeyGen).zip
C:\Users\cecile\AppData\Roaming\m\shared\Green River Game Pack 1.0.zip
C:\Users\cecile\AppData\Roaming\m\shared\HandyCrypto 3.10.298.zip
C:\Users\cecile\AppData\Roaming\m\shared\HDD Observer 1.1.zip
C:\Users\cecile\AppData\Roaming\m\shared\Higher English Workout 2.zip
C:\Users\cecile\AppData\Roaming\m\shared\HTML Creator 3.5.1.zip
C:\Users\cecile\AppData\Roaming\m\shared\IBM 000-513 Practice Test Exam Questions.zip
C:\Users\cecile\AppData\Roaming\m\shared\ID Manager 6.9.zip
C:\Users\cecile\AppData\Roaming\m\shared\iFD WinFormula 1.1 [Cracked].zip
C:\Users\cecile\AppData\Roaming\m\shared\Insider 3000 Workstation RT 3.1.6.zip
C:\Users\cecile\AppData\Roaming\m\shared\Internet Control for Business 1.0.zip
C:\Users\cecile\AppData\Roaming\m\shared\IP Shifter 2.1.14.zip
C:\Users\cecile\AppData\Roaming\m\shared\Iris Virtual Photo Album 1.2.2 [Cracked].zip
C:\Users\cecile\AppData\Roaming\m\shared\iTunesMyPortable 1.zip
C:\Users\cecile\AppData\Roaming\m\shared\JDN Hotkeys 1.47.zip
C:\Users\cecile\AppData\Roaming\m\shared\Karaoke Builder Studio 1.0.0363 (Key).zip
C:\Users\cecile\AppData\Roaming\m\shared\Karateka 1.3.zip
C:\Users\cecile\AppData\Roaming\m\shared\Kaspersky.Internet.Security.Suite.6.0.0.300.Key.zip
C:\Users\cecile\AppData\Roaming\m\shared\KAV.-.Kaspersky.Antivirus.-.KeyGenerator.-.2006.zip
C:\Users\cecile\AppData\Roaming\m\shared\Kernel Solaris 4.04.01.zip
C:\Users\cecile\AppData\Roaming\m\shared\kHomeAccounting 1.0 [With Crack].zip
C:\Users\cecile\AppData\Roaming\m\shared\LangPad - Danish Characters (Serial).zip
C:\Users\cecile\AppData\Roaming\m\shared\Letter-Up Standard 1.2.zip
C:\Users\cecile\AppData\Roaming\m\shared\Limiter 1.0.zip
C:\Users\cecile\AppData\Roaming\m\shared\Link Exchange Manager 1.26.zip
C:\Users\cecile\AppData\Roaming\m\shared\Link Web Extractor 2.5 (KeyGen).zip
C:\Users\cecile\AppData\Roaming\m\shared\ListInstalls 1.1.zip
C:\Users\cecile\AppData\Roaming\m\shared\Machinist Calculator 2.1.2.zip
C:\Users\cecile\AppData\Roaming\m\shared\Madden NFL 2004.zip
C:\Users\cecile\AppData\Roaming\m\shared\Mail Forward 2.2.zip
C:\Users\cecile\AppData\Roaming\m\shared\MailScan 4 for Mail Server 4.5a.zip
C:\Users\cecile\AppData\Roaming\m\shared\Manage Your Finances 2.1.zip
C:\Users\cecile\AppData\Roaming\m\shared\Math Logic 4.0.zip
C:\Users\cecile\AppData\Roaming\m\shared\Memor-Eyes 1.04 (Key).zip
C:\Users\cecile\AppData\Roaming\m\shared\Mersenne Primes Calculations 1.0.zip
C:\Users\cecile\AppData\Roaming\m\shared\MGTEK Help Producer 2.2 Key+Serial.zip
C:\Users\cecile\AppData\Roaming\m\shared\Mortgage Calculator 1.1.4.zip
C:\Users\cecile\AppData\Roaming\m\shared\Movie Player Pro ActiveX OCX SDK 4.0.zip
C:\Users\cecile\AppData\Roaming\m\shared\MR Tech Disable XPI Install Delay 2.4.zip
C:\Users\cecile\AppData\Roaming\m\shared\Musicnotes Player 1.22.3.zip
C:\Users\cecile\AppData\Roaming\m\shared\My Shortcuts 1.0.zip
C:\Users\cecile\AppData\Roaming\m\shared\MyCAD Viewer 1.0 [KeyGen].zip
C:\Users\cecile\AppData\Roaming\m\shared\MyLife Freeware 6.zip
C:\Users\cecile\AppData\Roaming\m\shared\NCAA Pool 1.0.zip
C:\Users\cecile\AppData\Roaming\m\shared\NetTrader 1.0.zip
C:\Users\cecile\AppData\Roaming\m\shared\ngFTPD 1.6.zip
C:\Users\cecile\AppData\Roaming\m\shared\NOD32.Antivirus.v2.51.30.zip
C:\Users\cecile\AppData\Roaming\m\shared\North Bullfinches Animated Screensaver 3.11.zip
C:\Users\cecile\AppData\Roaming\m\shared\NTFS Undelete 0.9.zip
C:\Users\cecile\AppData\Roaming\m\shared\Nutri-Minder 2.1.1.zip
C:\Users\cecile\AppData\Roaming\m\shared\NY Traffic 1.zip
C:\Users\cecile\AppData\Roaming\m\shared\OneNote Password Recovery 2.0.4.zip
C:\Users\cecile\AppData\Roaming\m\shared\OOJNI Advanced Add-in for VC7.1 2.01.12.zip
C:\Users\cecile\AppData\Roaming\m\shared\Oops 1.02.zip
C:\Users\cecile\AppData\Roaming\m\shared\Original CD Emulator Network Edition(25-User) 2.02.zip
C:\Users\cecile\AppData\Roaming\m\shared\Orlando Toolbar 1.0.zip
C:\Users\cecile\AppData\Roaming\m\shared\OtsJuke DJ 1.00.165 (KeyGen).zip
C:\Users\cecile\AppData\Roaming\m\shared\Pass Shield 1.0 (Serial).zip
C:\Users\cecile\AppData\Roaming\m\shared\PCmover 2.0 (With Crack).zip
C:\Users\cecile\AppData\Roaming\m\shared\pdc Essentials Me-1 2.0.1.zip
C:\Users\cecile\AppData\Roaming\m\shared\PDF-to-Word 2.1 [Serial].zip
C:\Users\cecile\AppData\Roaming\m\shared\PDF Image Magic 1.1.zip
C:\Users\cecile\AppData\Roaming\m\shared\PeetaReader 1.zip
C:\Users\cecile\AppData\Roaming\m\shared\Portable GIMP 2.2.10 Beta1.zip
C:\Users\cecile\AppData\Roaming\m\shared\Primedius Trace Cleaner Plus Firewall Lite 1.02.zip
C:\Users\cecile\AppData\Roaming\m\shared\ProfPDF Page Numberer 1.0 (With Crack).zip
C:\Users\cecile\AppData\Roaming\m\shared\Quiz of the States with QuizBuild 1.0.zip
C:\Users\cecile\AppData\Roaming\m\shared\Rad FTP 1.5.zip
C:\Users\cecile\AppData\Roaming\m\shared\radio2XS WMP Tuner 1.0.zip
C:\Users\cecile\AppData\Roaming\m\shared\REAKTOR 5 5.1.2 (Patch).zip
C:\Users\cecile\AppData\Roaming\m\shared\rebuilt.McAfee.Internet.Security.Suite.2007.7.00.zip
C:\Users\cecile\AppData\Roaming\m\shared\Reflect 1.1.1.zip
C:\Users\cecile\AppData\Roaming\m\shared\Relsoft DLL Compiler 1.0.zip
C:\Users\cecile\AppData\Roaming\m\shared\Rhiannon's Realm Celtic Mahjongg Solitaire 1.10b.zip
C:\Users\cecile\AppData\Roaming\m\shared\ScimoreDB Distributed Server 2.0.592 [Cracked].zip
C:\Users\cecile\AppData\Roaming\m\shared\Scrape to Folder (Key).zip
C:\Users\cecile\AppData\Roaming\m\shared\ScreenGrab 1.1.zip
C:\Users\cecile\AppData\Roaming\m\shared\Send SMS Sidebar Gadget 1.7.3.zip
C:\Users\cecile\AppData\Roaming\m\shared\SendMailCMD 1.2.zip
C:\Users\cecile\AppData\Roaming\m\shared\Server Port 1.0.zip
C:\Users\cecile\AppData\Roaming\m\shared\Skylook 1.5.3.134.zip
C:\Users\cecile\AppData\Roaming\m\shared\Small Tooltip 0.9.zip
C:\Users\cecile\AppData\Roaming\m\shared\SMTP Preprocessor 1.04.zip
C:\Users\cecile\AppData\Roaming\m\shared\Sonic CD.zip
C:\Users\cecile\AppData\Roaming\m\shared\SOY Enigma 1.12.zip
C:\Users\cecile\AppData\Roaming\m\shared\SpeedNet 5.1.3.zip
C:\Users\cecile\AppData\Roaming\m\shared\SpeedPDF Protection Manager (Desktop Version) 1.0 Key+Serial.zip
C:\Users\cecile\AppData\Roaming\m\shared\SQLeonardo 2006.3.zip
C:\Users\cecile\AppData\Roaming\m\shared\StampManage 2006.zip
C:\Users\cecile\AppData\Roaming\m\shared\StormWarn 1.0.0.4.zip
C:\Users\cecile\AppData\Roaming\m\shared\Sudoku Mania Download Edition 1.zip
C:\Users\cecile\AppData\Roaming\m\shared\Symantec.Norton.Ghost.10.2006.zip
C:\Users\cecile\AppData\Roaming\m\shared\Symantec.Norton.System.Works.2005.Professional-crack-serial-keygen.zip
C:\Users\cecile\AppData\Roaming\m\shared\TCPShellHook 1.0.zip
C:\Users\cecile\AppData\Roaming\m\shared\tilde SiteBuilder 0.1.3 beta Key+Serial.zip
C:\Users\cecile\AppData\Roaming\m\shared\Total Video Converter 2.6.zip
C:\Users\cecile\AppData\Roaming\m\shared\TradUtil 1.02b10.zip
C:\Users\cecile\AppData\Roaming\m\shared\Tray Pilot 1.20 Build 14.zip
C:\Users\cecile\AppData\Roaming\m\shared\TurboNote+ 6.3.zip
C:\Users\cecile\AppData\Roaming\m\shared\Uha Maker 0.1b.zip
C:\Users\cecile\AppData\Roaming\m\shared\ultratool toolbar for Firefox 1.5.0.2.zip
C:\Users\cecile\AppData\Roaming\m\shared\UnPowerIt Now! 1.06.zip
C:\Users\cecile\AppData\Roaming\m\shared\Unreal Tournament 2004 Fraghouse Invasion mod zip 3.zip
C:\Users\cecile\AppData\Roaming\m\shared\URL Explorer 1.0.zip
C:\Users\cecile\AppData\Roaming\m\shared\Vanga Rengi Mangaro 1.0.4.492 Crack.zip
C:\Users\cecile\AppData\Roaming\m\shared\Video Edit Converter Gold 2.0 KeyGen.zip
C:\Users\cecile\AppData\Roaming\m\shared\Visio Occam 1.1 (Key).zip
C:\Users\cecile\AppData\Roaming\m\shared\Visual Web Pack 5.5.1.zip
C:\Users\cecile\AppData\Roaming\m\shared\VPASP Shopping Cart - Free Starter Pack 6.09.zip
C:\Users\cecile\AppData\Roaming\m\shared\War-bucs 2.zip
C:\Users\cecile\AppData\Roaming\m\shared\WatchMyWeight 1.0.0.12.zip
C:\Users\cecile\AppData\Roaming\m\shared\Web Audio Plus 1.0.zip
C:\Users\cecile\AppData\Roaming\m\shared\WEB Content grabber 3.3.0.0.zip
C:\Users\cecile\AppData\Roaming\m\shared\WinRadius 3.0.zip
C:\Users\cecile\AppData\Roaming\m\shared\WinX IPOD PSP 3GP MP4 PDA Video Converter 3.5.5.zip
C:\Users\cecile\AppData\Roaming\m\shared\Wrap Switcher 0.5.zip
C:\Users\cecile\AppData\Roaming\m\shared\XCaramba 1.5 beta 2.zip
C:\Users\cecile\AppData\Roaming\m\shared\XiRCON 1.0B4.zip
C:\Users\cecile\AppData\Roaming\m\shared\Yo!DirSize 1.4.zip
C:\Users\cecile\AppData\Roaming\m\shared\Zeallsoft Audio CD Ripper 2.0.zip
C:\Users\cecile\AppData\Roaming\m\shared\Zeus for Windows 3.95y.zip
C:\Users\cecile\AppData\Roaming\m\shared\ZipIt! 1.0.zip
C:\Users\cecile\AppData\Roaming\m\shared\zsCompare Lite Edition 3.03.zip
C:\Users\cecile\AppData\Roaming\m\srvlist.oct
C:\Windows\system32\ban_list.txt
C:\Windows\system32\bccecafd_z.dll
C:\Windows\system32\drivers\downld
C:\Windows\system32\drivers\downld\141305.exe
C:\Windows\system32\drivers\downld\14760767.exe
C:\Windows\system32\drivers\downld\14809970.exe
C:\Windows\system32\drivers\downld\14828534.exe
C:\Windows\system32\drivers\downld\15064657.exe
C:\Windows\system32\drivers\downld\15086638.exe
C:\Windows\system32\drivers\downld\15098728.exe
C:\Windows\system32\drivers\downld\153302.exe
C:\Windows\system32\drivers\downld\155267.exe
C:\Windows\system32\drivers\downld\223799.exe
C:\Windows\system32\drivers\downld\297088.exe
C:\Windows\system32\drivers\downld\321096.exe
C:\Windows\system32\drivers\downld\339629.exe
C:\Windows\system32\drivers\downld\474773.exe
C:\Windows\system32\drivers\downld\502916.exe
C:\Windows\system32\drivers\downld\516051.exe
C:\Windows\system32\drivers\downld\615143.exe
C:\Windows\system32\drivers\downld\628340.exe
C:\Windows\system32\drivers\downld\630368.exe
C:\Windows\system32\drivers\downld\660321.exe
C:\Windows\system32\drivers\downld\682161.exe
C:\Windows\system32\drivers\downld\688089.exe
C:\Windows\system32\drivers\downld\706107.exe
C:\Windows\system32\drivers\downld\77454.exe
C:\Windows\system32\drivers\downld\798023.exe
C:\Windows\system32\drivers\downld\818802.exe
C:\Windows\system32\drivers\downld\832031.exe
C:\Windows\system32\drivers\downld\874697.exe
C:\Windows\system32\drivers\downld\903058.exe
C:\Windows\system32\drivers\downld\915429.exe
C:\Windows\system32\drivers\downld\961184.exe
C:\Windows\system32\drivers\downld\977221.exe
C:\Windows\system32\drivers\downld\985005.exe
C:\Windows\system32\drivers\hldrrr.exe
C:\Windows\system32\drivers\mdelk.exe
C:\Windows\system32\drivers\srosa.sys
C:\Windows\system32\mdelk.exe
C:\Windows\system32\wintems.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SROSA


((((((((((((((((((((((((((((( Fichiers créés 2008-04-28 to 2008-05-31 ))))))))))))))))))))))))))))))))))))
.

Pas de nouveau fichier créé dans cet espace de temps

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-31 11:45 --------- d-----w C:\Program Files\StarOffice7
2008-05-31 10:08 --------- d-----w C:\Program Files\Microsoft Windows OneCare Live
2008-05-31 10:07 --------- d-----w C:\Program Files\Common Files\PX Storage Engine
2008-05-31 09:24 --------- d-----w C:\ProgramData\Microsoft Corporation
2008-05-31 08:19 --------- d-----w C:\Program Files\eMule
2008-05-29 20:37 6,537,392 --sha-w C:\Windows\system32\drivers\fidbox.idx
2008-05-29 20:37 487,967,008 --sha-w C:\Windows\system32\drivers\fidbox.dat
2008-05-29 16:57 88,774 ----a-w C:\Windows\system32\drivers\klick.dat
2008-05-29 16:17 --------- d-----w C:\ProgramData\Kaspersky Lab
2008-05-28 17:43 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-05-28 17:40 --------- d-----w C:\Program Files\Windows Live
2008-05-28 17:38 --------- d-----w C:\Program Files\Canon
2008-05-28 17:36 --------- d-----w C:\ProgramData\ScanSoft
2008-05-28 17:28 --------- d-----w C:\Program Files\Google
2008-05-28 16:14 --------- d-----w C:\Program Files\Common Files\NewTech Infosystems
2008-05-28 16:07 --------- d-----w C:\Program Files\CyberLink
2008-05-28 14:46 96,966 ----a-w C:\Windows\system32\drivers\klin.dat
2008-05-27 16:44 69,632 ----a-w C:\Windows\uinst001.exe
2008-05-27 09:44 --------- d-----w C:\Program Files\VS Revo Group
2008-05-26 19:31 --------- d-----w C:\Program Files\RegCleaner
2008-05-26 18:59 --------- d-----w C:\ProgramData\WLInstaller
2008-05-26 18:56 --------- d-----w C:\ProgramData\Spybot - Search & Destroy
2008-05-26 18:35 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-05-26 17:34 --------- d-----w C:\Program Files\inKline Global
2008-05-25 19:20 --------- d-----w C:\Program Files\DivX
2008-05-24 22:08 --------- d-----w C:\Users\cecile\AppData\Roaming\Malwarebytes
2008-05-24 20:37 --------- d-----w C:\ProgramData\Malwarebytes
2008-05-24 20:29 --------- d-----w C:\Users\cecile\AppData\Roaming\Uniblue
2008-05-24 14:09 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-05-14 14:59 --------- d-----w C:\Program Files\Windows Mail
2008-05-14 11:04 --------- d-----w C:\ProgramData\Kaspersky Lab Setup Files
2008-05-13 19:08 --------- d-----w C:\ProgramData\Symantec
2008-05-13 12:32 --------- d-----w C:\Users\cecile\AppData\Roaming\Zylom
2008-05-13 12:32 --------- d-----w C:\ProgramData\Zylom
2008-05-13 12:03 --------- d---a-w C:\ProgramData\TEMP
2008-05-13 10:07 --------- d-----w C:\Users\cecile\AppData\Roaming\Flood Light Games
2008-05-13 10:07 --------- d-----w C:\ProgramData\Flood Light Games
2008-05-13 09:50 --------- d-----w C:\ProgramData\FloodLightGames
2008-05-13 07:40 --------- d-----w C:\ProgramData\JollyBear
2008-05-13 07:22 --------- d-----w C:\Program Files\Yahoo!
2008-05-12 10:10 --------- d-----w C:\ProgramData\eMule
2008-05-11 15:28 --------- d-----w C:\Users\cecile\AppData\Roaming\Yahoo!
2008-05-11 13:50 --------- d-----w C:\Users\cecile\AppData\Roaming\eMule
2008-05-10 20:01 --------- d-----w C:\Users\cecile\AppData\Roaming\BearShare
2008-04-25 18:46 --------- d-----w C:\ProgramData\CyberLink
2008-04-25 12:19 --------- d-----w C:\Users\cecile\AppData\Roaming\vlc
2008-04-17 07:03 --------- d-----w C:\Program Files\Free Audio Pack
2008-04-17 06:54 --------- d-----w C:\Program Files\Macrogaming
2008-04-16 11:13 --------- d-----w C:\ProgramData\Ashampoo
2008-04-15 17:23 --------- d-----w C:\ProgramData\Downloaded Installations
2008-04-15 10:55 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-04-14 11:45 --------- d-----w C:\Program Files\BearShare Applications
2008-04-08 10:06 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-03-31 14:00 --------- d--h--r C:\Users\cecile\AppData\Roaming\SecuROM
2008-03-08 04:30 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-03-08 04:30 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-03-08 04:30 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-03-08 04:30 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-03-08 00:22 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
2008-02-01 10:17 587,264 ----a-w C:\Windows\WLXPGSS.SCR
2007-09-03 09:21 174 --sha-w C:\Program Files\desktop.ini
2007-08-30 15:21 278,528 ----a-w C:\Program Files\Common Files\FDEUnInstaller.exe
2008-01-07 21:19 2,078,752 --sha-w C:\Windows\System32\drivers\fidbox(48).dat
.

------- Sigcheck -------

.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2005-07-25 05:07 898065]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Mobile-based device management"="%windir%\WindowsMobile\wmdSync.exe" [ ]
"Acer Empowering Technology Monitor"="C:\Windows\system32\SysMonitor.exe" [2006-11-23 16:24 319488]
"HCWemmon"="HCWemmon.exe" [2007-03-29 23:22 61440 C:\Windows\HCWemmon.exe]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-12-11 18:06 8530464]
"PCMService"="C:\Program Files\CyberLink\PowerCinema\PCMService.exe" [2007-08-10 23:04 151552]
"eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-02-07 00:04 464168]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-12-11 18:06 86016]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-12-11 18:06 81920]
"OneCareUI"="C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe" [2008-05-31 13:43 67112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"FTRTSVC"="C:\Windows\System32\FTRTSVC.exe" [2004-08-23 14:49 40960]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]

C:\Users\cecile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
StarOffice 7.lnk - C:\Program Files\StarOffice7\program\quickstart.exe [2003-06-01 07:00:00 122880]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe [2006-12-26 01:18:20 528384]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 10:01:04 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3codec"= l3codecp.acm

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanalPlayer]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPGServiceTool]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-43831412-2917221968-1593270925-1000]
"EnableNotificationsRef"=dword:0000000b

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{9BA4251D-AAAC-49CE-82E4-5F872922F39E}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"{ADDF7873-69A9-4257-A440-093EB7D42596}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{B5A0D3F2-FD5C-4DE9-AC4F-4FE89324D63B}C:\\programdata\\kaspersky lab setup files\\kaspersky anti-virus 7.0.1.321\\french\\setup.exe"= UDP:C:\programdata\kaspersky lab setup files\kaspersky anti-virus 7.0.1.321\french\setup.exe:Programme d'installation de Kaspersky Anti-Virus 7.0
"UDP Query User{C4642331-6906-4B05-A65E-CD2F5A02A26F}C:\\programdata\\kaspersky lab setup files\\kaspersky anti-virus 7.0.1.321\\french\\setup.exe"= TCP:C:\programdata\kaspersky lab setup files\kaspersky anti-virus 7.0.1.321\french\setup.exe:Programme d'installation de Kaspersky Anti-Virus 7.0
"TCP Query User{6A761667-3ACD-4B84-863D-94AF642A3B6B}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
"UDP Query User{58FEE60D-53B9-4148-8298-8BFF604219C7}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule
"TCP Query User{1B3D86E9-615A-4DE5-BC3E-446253532831}C:\\program files\\internet explorer\\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{D62B7119-3E3F-4D00-ABA6-F7095B602CC2}C:\\program files\\internet explorer\\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{04706E83-FC86-4540-A5FE-2683B06F2971}C:\\program files\\bearshare applications\\bearshare\\bearshare.exe"= UDP:C:\program files\bearshare applications\bearshare\bearshare.exe:BearShare
"UDP Query User{982D1C8D-6EA6-4F53-B82A-CF9DA9D3141F}C:\\program files\\bearshare applications\\bearshare\\bearshare.exe"= TCP:C:\program files\bearshare applications\bearshare\bearshare.exe:BearShare
"{E5FECA86-B8C7-4F3C-919D-5A538806D87F}"= Disabled:UDP:C:\Program Files\IncrediMail\bin\ImpCnt.exe:IncrediMail
"{A53E17DA-DD98-4C0F-8C8A-F49E6BE82D37}"= Disabled:TCP:C:\Program Files\IncrediMail\bin\ImpCnt.exe:IncrediMail
"{291C18BB-2624-4033-8B41-DE3A9E705CF2}"= Disabled:UDP:C:\Program Files\IncrediMail\bin\ImApp.exe:IncrediMail
"{B91C5751-6839-4B09-8631-D7FDDC34A005}"= Disabled:TCP:C:\Program Files\IncrediMail\bin\ImApp.exe:IncrediMail
"{8B9CF8B7-B6A0-404E-AE59-4AFD1F52812B}"= Disabled:UDP:C:\Program Files\IncrediMail\bin\IncMail.exe:IncrediMail
"{E29036D3-CF22-4BF1-880C-4AF2768A2892}"= Disabled:TCP:C:\Program Files\IncrediMail\bin\IncMail.exe:IncrediMail
"TCP Query User{6F74AD34-E165-46B6-A319-D7BDEA4BEDC3}C:\\program files\\echanblard\\emule.exe"= UDP:C:\program files\echanblard\emule.exe:eChanblard
"UDP Query User{8B5F8B67-919D-47F1-B8DA-DBD37DF7BFE0}C:\\program files\\echanblard\\emule.exe"= TCP:C:\program files\echanblard\emule.exe:eChanblard
"{5AF87EBF-B07C-4974-B4DD-74A81A318CDB}"= UDP:23299:BitComet 23299 TCP
"{D29B18FF-C8AF-4A9B-B256-D19D2DF87CFD}"= TCP:23299:BitComet 23299 UDP
"TCP Query User{3216AF5E-0D51-4F92-B946-CDA271349D8C}C:\\program files\\bitcomet\\bitcomet.exe"= UDP:C:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
"UDP Query User{6506B275-E2D4-4F46-B6B1-FA9E9C8BE090}C:\\program files\\bitcomet\\bitcomet.exe"= TCP:C:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
"TCP Query User{873B8940-7F6A-452D-87E7-CBCCBFA02E3A}C:\\program files\\zattoo\\zattood.exe"= UDP:C:\program files\zattoo\zattood.exe:zattood
"UDP Query User{39902469-22FD-4799-824A-0371EC7483B9}C:\\program files\\zattoo\\zattood.exe"= TCP:C:\program files\zattoo\zattood.exe:zattood
"TCP Query User{D09CDC2A-071F-4454-A3D1-36033A828162}C:\\program files\\zattoo\\zattoo.exe"= UDP:C:\program files\zattoo\zattoo.exe:
"UDP Query User{8A4D0B65-DEC1-4696-B689-312A101839B5}C:\\program files\\zattoo\\zattoo.exe"= TCP:C:\program files\zattoo\zattoo.exe:
"TCP Query User{70E49E96-87C6-4981-AEEE-CDCD5F1E65C1}C:\\program files\\adsltv\\adsltv.exe"= UDP:C:\program files\adsltv\adsltv.exe:adsltv
"UDP Query User{ACF205A9-6B88-47D9-A75D-24F0E81DDFEB}C:\\program files\\adsltv\\adsltv.exe"= TCP:C:\program files\adsltv\adsltv.exe:adsltv
"{64DB159F-EFC0-4B81-B7EB-C1A50DF1E002}"= C:\Program Files\CyberLink\PowerCinema\PowerCinema.exe:CyberLink PowerCinema
"{A526C0A4-342B-40CF-BC2D-F64968212295}"= C:\Program Files\CyberLink\PowerCinema\PCMService.exe:CyberLink PowerCinema Resident Program
"{36F9251A-E6D8-41CB-9BB8-A3CB57C74D03}"= C:\Program Files\CyberLink\PowerCinema\Kernel\DMP\CLBrowserEngine.exe:Cyberlink Media Server Browser Engine
"{7CAC2674-CA1F-455C-AEF9-EB1B7ED8CA39}"= C:\Program Files\CyberLink\PowerCinema\Kernel\DMS\CLMSService.exe:CyberLink Media Server
"{10C1BFDA-7F30-40E9-80AF-F77FBC188D16}"= UDP:57338:Pando P2P TCP Listening Port
"{BBCBB850-E5FA-4093-8245-240EE9561B03}"= TCP:57338:Pando P2P UDP Listening Port
"{7498B457-8685-4A0A-B9F9-F297786BA851}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Acer\\Empowering Technology\\eDataSecurity\\eDSfsu.exe"= C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe:*:Enabled:eDSfsu
"C:\\Acer\\Empowering Technology\\eDataSecurity\\encryption.exe"= C:\Acer\Empowering Technology\eDataSecurity\encryption.exe:*:Enabled:encryption
"C:\\Acer\\Empowering Technology\\eDataSecurity\\decryption.exe"= C:\Acer\Empowering Technology\eDataSecurity\decryption.exe:*:Enabled:decryption

R0 PSDFilter;PSDFilter;C:\Windows\system32\DRIVERS\psdfilter.sys [2007-02-07 00:04]
R0 PSDNServ;PSDNSERVER;C:\Windows\system32\drivers\PSDNServ.sys [2007-02-07 00:04]
R0 psdvdisk;psdvdisk;C:\Windows\system32\drivers\psdvdisk.sys [2006-11-08 16:11]
R2 eDataSecurity Service;eDSService.exe;"C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe" [2007-02-07 00:04]
R2 RapiMgr;Connectivité de l'appareil Windows Mobile;C:\Windows\system32\svchost.exe [2006-11-02 11:45]
R2 WcesComm;Connectivité de l'appareil Windows Mobile 2003;C:\Windows\system32\svchost.exe [2006-11-02 11:45]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x86.sys [2007-12-06 10:51]
S2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2008-01-28 11:43]
S3 Boonty Games;Boonty Games;"C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe" [2008-02-26 19:51]
S3 hcw95bda;Hauppauge MOD7700 Tuner Driver;C:\Windows\system32\Drivers\hcw95bda.sys [2007-10-25 10:47]
S3 hcw95rc;Hauppauge MOD7700 IR Driver;C:\Windows\system32\DRIVERS\hcw95rc.sys [2007-10-25 10:52]
S3 ovt530;Hercules Webcam Deluxe;C:\Windows\system32\Drivers\ov530vid.sys [2005-03-15 17:04]
S3 PCAMp50;PCAMp50 NDIS Protocol Driver;C:\Windows\system32\Drivers\PCAMp50.sys [2006-11-28 21:46]
S3 PCASp50;PCASp50 NDIS Protocol Driver;C:\Windows\system32\Drivers\PCASp50.sys [2006-11-28 21:46]
S3 PTV339;Mini DualTV USB;C:\Windows\system32\DRIVERS\PTV339.SYS [2006-05-05 21:07]
S3 USB28xxBGA;WinTV HVR-900;C:\Windows\system32\DRIVERS\emBDA.sys [2007-01-30 03:20]
S3 USB28xxOEM;WinTV OEM Filter;C:\Windows\system32\DRIVERS\emOEM.sys [2007-01-30 03:19]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-31 13:48:20
Windows 6.0.6000 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe
C:\Windows\System32\audiodg.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\StarOffice7\program\soffice.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Windows\System32\dllhost.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-05-31 13:51:27 - machine was rebooted
ComboFix-quarantined-files.txt 2008-05-31 11:51:19

Le texte du message associé au numéro 0x2379 est introuvable dans le fichier de messages pour Application.

475 --- E O F --- 2008-05-28 07:31:26
paup59 on 31 May 2008 at 17:11
Hi again,

I think I've found the problem!!
Windows Service Pack 1 was badly installed!! Now my programs open normally again!!
But I still have a Bagle virus
paup59 on 01 June 2008 at 11:57
Hello,

I downloaded Windows Live OneCare and I think it destroyed the virus; everything seems to be fine.

Thanks for your help
blackfort on 18 May 2009 at 14:41
ComboFix 09-05-17.04 - Administrateur 18/05/2009 12:26.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1013.613 [GMT 2:00]
Lancé depuis: c:\documents and settings\Administrateur\Bureau\Bibitte.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\Mpg4c32.dll
c:\windows\system32\Smab.dll
.
---- Exécution préalable -------
.
c:\documents and settings\All Users\documents\setup.exe
C:\InfoSat.txt
c:\windows\system32\msconfig.exe

.
((((((((((((((((((((((((((((( Fichiers créés du 2009-04-18 au 2009-05-18 ))))))))))))))))))))))))))))))))))))
.

2009-05-18 01:02 . 2009-05-18 03:16 -------- d-----w C:\UsbFix
2009-05-18 00:17 . 2009-05-18 02:56 -------- d-----w c:\program files\trend micro
2009-05-18 00:17 . 2009-05-18 00:17 -------- d-----w C:\rsit
2009-05-17 23:44 . 2009-05-17 23:44 96976 ----a-w c:\windows\system32\drivers\klin.dat
2009-05-17 23:44 . 2009-05-17 23:44 87855 ----a-w c:\windows\system32\drivers\klick.dat
2009-05-17 23:43 . 2009-05-17 23:47 32 --sha-w c:\windows\system32\drivers\fidbox.dat
2009-05-17 23:43 . 2009-05-17 23:47 32 --sha-w c:\windows\system32\drivers\fidbox2.dat
2009-05-17 23:43 . 2009-05-17 23:43 -------- d-----w c:\program files\Kaspersky Lab
2009-05-17 22:20 . 2009-05-17 22:20 -------- d-----w C:\TEMP
2009-05-17 21:03 . 2009-05-17 21:03 -------- d-----w c:\program files\AxBx
2009-05-17 20:35 . 2009-05-17 20:35 -------- d-sh--w C:\found.000
2009-05-17 05:02 . 2009-05-17 05:02 -------- d-----w c:\documents and settings\Administrateur\Application Data\ooVoo Details
2009-05-17 05:01 . 2009-05-17 05:01 -------- d-----w c:\documents and settings\Administrateur\Application Data\EmailNotifier
2009-05-17 05:01 . 2009-05-17 05:01 -------- d-----w c:\documents and settings\All Users\Application Data\EmailNotifier
2009-05-17 05:01 . 2009-05-18 01:48 -------- d-----w c:\documents and settings\Administrateur\Application Data\oovootb
2009-05-17 05:01 . 2009-05-17 05:01 -------- d-----w c:\program files\oovootb
2009-05-17 05:01 . 2009-05-17 05:01 -------- d-----w c:\program files\ooVoo
2009-05-16 09:16 . 2001-08-17 18:07 55168 -c--a-w c:\windows\system32\dllcache\aic78u2.sys
2009-05-16 09:16 . 2001-08-17 18:07 55168 ----a-w c:\windows\system32\drivers\aic78u2.sys
2009-05-16 08:57 . 2009-05-16 08:57 -------- d-----w C:\KAV
2009-05-15 10:14 . 2009-05-15 10:14 -------- d--h--w c:\windows\system32\GroupPolicy
2009-05-13 17:07 . 2009-05-13 17:07 0 ----a-w c:\windows\nsreg.dat
2009-05-13 17:07 . 2009-05-13 17:07 -------- d-----w c:\documents and settings\Administrateur\Local Settings\Application Data\Mozilla
2009-05-13 17:06 . 2009-05-13 17:06 -------- d-----w c:\documents and settings\Administrateur\Local Settings\Application Data\Cooliris
2009-05-13 17:05 . 2009-05-13 17:05 -------- d-----w c:\documents and settings\Administrateur\Local Settings\Application Data\LastPass
2009-05-12 18:04 . 2009-05-12 18:04 -------- d-----w C:\Skrabble
2009-05-12 08:48 . 2009-05-12 08:48 -------- d-----w c:\program files\Fichiers communs\xara
2009-05-12 08:46 . 2009-05-12 08:49 -------- d-----w c:\documents and settings\All Users\Application Data\MAGIX
2009-05-12 08:46 . 2009-05-12 08:49 -------- d-----w c:\program files\MAGIX
2009-05-12 08:46 . 2007-04-27 07:43 120200 ----a-w c:\windows\system32\DLLDEV32i.dll
2009-05-12 08:46 . 2009-05-12 08:49 -------- d-----w c:\windows\system32\MAGIX
2009-05-12 08:46 . 2008-04-15 13:14 700416 ----a-w c:\windows\system32\mgxoschk.dll
2009-05-11 22:45 . 2009-05-11 22:45 410984 ----a-w c:\windows\system32\deploytk.dll
2009-05-11 22:44 . 2009-05-11 22:44 -------- d-----w c:\program files\Java
2009-05-11 14:08 . 2009-05-11 15:04 -------- d-----w c:\program files\iNTERNET Turbo
2009-05-11 14:08 . 2009-05-11 14:08 111 ----a-w c:\windows\system32\sysinter.drv
2009-05-11 04:43 . 2009-05-11 04:43 -------- d-----w c:\program files\TVApp
2009-05-10 20:55 . 2009-05-10 20:58 -------- d-----w C:\vdp
2009-05-10 20:52 . 2009-05-10 20:52 -------- d-----w c:\documents and settings\All Users\Application Data\WebacamSurveyor
2009-05-10 20:51 . 2009-05-12 06:49 -------- d-----w c:\program files\Webcam Surveyor
2009-05-10 17:09 . 2009-05-10 17:09 -------- d-----w c:\program files\Defraggler
2009-05-08 13:58 . 2009-05-08 13:58 -------- d-----w c:\documents and settings\Administrateur\Application Data\dvdcss
2009-05-08 09:13 . 2009-05-08 09:13 -------- d-----w c:\documents and settings\Administrateur\Local Settings\Application Data\webcamXP5
2009-05-08 08:09 . 2009-05-08 08:10 -------- d-----w c:\program files\Chatango
2009-05-08 03:08 . 2009-05-08 03:08 -------- d-----w c:\documents and settings\All Users\Application Data\webcamXP5
2009-05-08 03:00 . 2009-05-08 03:00 -------- d-----w c:\program files\wLite
2009-05-08 02:13 . 2009-05-08 02:13 -------- d-----w C:\downloads
2009-05-08 02:13 . 2009-05-08 02:13 -------- d-----w c:\documents and settings\Administrateur\Application Data\FMZilla
2009-05-08 02:13 . 2009-05-16 17:14 -------- d-----w c:\program files\Free Music Zilla
2009-05-07 02:10 . 2009-05-07 02:10 -------- d-----w c:\program files\uTorrent
2009-05-07 02:10 . 2009-05-12 21:48 -------- d-----w c:\documents and settings\Administrateur\Application Data\uTorrent
2009-05-07 02:06 . 2009-05-07 02:06 -------- d-----w c:\documents and settings\Administrateur\Local Settings\Application Data\Conduit
2009-05-07 02:06 . 2009-05-07 02:06 -------- d-----w c:\program files\Conduit
2009-05-07 02:06 . 2009-05-07 02:07 -------- d-----w c:\documents and settings\Administrateur\Local Settings\Application Data\Mininova
2009-05-07 02:06 . 2009-05-07 02:06 -------- d-----w c:\program files\Mininova
2009-05-06 15:13 . 2009-05-06 15:13 56 ---ha-w c:\windows\system32\ezsidmv.dat
2009-05-06 15:13 . 2009-05-10 07:10 -------- d-----w c:\documents and settings\Administrateur\Application Data\skypePM
2009-05-06 15:10 . 2009-05-10 07:11 -------- d-----w c:\documents and settings\Administrateur\Application Data\Skype
2009-05-06 15:09 . 2009-05-06 15:09 -------- d-----w c:\program files\Skype
2009-05-06 15:09 . 2009-05-06 15:09 -------- d-----w c:\program files\Fichiers communs\Skype
2009-05-06 15:09 . 2009-05-06 15:09 -------- d-----w c:\documents and settings\All Users\Application Data\Skype
2009-05-06 09:47 . 2009-05-16 08:19 -------- d-----w C:\Download
2009-05-04 10:10 . 2009-05-04 10:10 -------- d-----w c:\documents and settings\Administrateur\tkontrole
2009-05-04 10:07 . 2009-05-04 10:07 -------- d--h--w c:\program files\InstallJammer Registry
2009-05-04 10:07 . 2009-05-04 10:07 -------- d-----w c:\program files\tkontrole-client
2009-05-04 01:47 . 2009-05-05 06:53 -------- d-----w c:\documents and settings\Administrateur\Application Data\VersionTracker Pro
2009-05-04 01:24 . 2009-05-15 10:24 -------- d-----w c:\program files\No-IP
2009-04-30 18:01 . 2007-08-06 23:28 28272 ----a-w c:\windows\system32\NicCo2.dll
2009-04-30 14:42 . 2009-04-30 14:42 -------- d-----w c:\documents and settings\Administrateur\Local Settings\Application Data\Yahoo
2009-04-30 14:35 . 2009-04-30 14:42 -------- d-----w c:\documents and settings\All Users\Application Data\Yahoo!
2009-04-30 14:06 . 2007-02-12 12:50 20480 ----a-w c:\windows\FixCamera.exe
2009-04-30 14:06 . 2006-11-29 14:11 327680 ----a-w c:\windows\tsnp2std.exe
2009-04-30 14:06 . 2006-09-15 11:21 745472 ----a-w c:\windows\vsnp2std.exe
2009-04-30 14:06 . 2007-01-25 16:48 25472 ----a-w c:\windows\system32\drivers\sncamd.sys
2009-04-30 14:06 . 2007-03-02 09:22 12031744 ----a-w c:\windows\system32\drivers\snp2sxp.sys
2009-04-30 14:06 . 2007-02-05 13:25 151552 ----a-w c:\windows\system32\rsnp2std.dll
2009-04-30 14:06 . 2006-10-03 12:35 249856 ----a-w c:\windows\system32\vsnp2std.dll
2009-04-30 14:06 . 2006-11-16 13:57 77824 ----a-w c:\windows\system32\csnp2std.dll
2009-04-30 14:06 . 2009-04-30 14:06 -------- d-----w c:\program files\Fichiers communs\snp2std
2009-04-30 12:25 . 2009-04-30 12:25 -------- d-----w c:\windows\system32\LogFiles
2009-04-29 12:45 . 2009-05-18 10:22 -------- d-----w c:\documents and settings\Administrateur\Tracing
2009-04-29 12:40 . 2009-04-29 12:40 -------- d-----w c:\program files\Microsoft Silverlight
2009-04-29 12:40 . 2009-04-29 12:40 -------- d-----w c:\program files\Microsoft Office Outlook Connector
2009-04-29 12:40 . 2009-02-06 16:08 55152 ----a-w c:\windows\system32\drivers\fssfltr_tdi.sys
2009-04-29 12:33 . 2009-04-29 12:33 -------- d-----w c:\program files\Microsoft Sync Framework
2009-04-29 12:32 . 2009-04-29 12:32 -------- d-----w c:\program files\Microsoft SQL Server Compact Edition
2009-04-29 12:31 . 2009-04-29 12:40 -------- d-----w c:\program files\Microsoft
2009-04-29 12:31 . 2009-04-29 12:31 -------- d-----w c:\program files\Windows Live SkyDrive
2009-04-29 12:30 . 2009-04-29 12:40 -------- d-----w c:\program files\Windows Live
2009-04-29 12:05 . 2006-11-29 11:06 3426072 ----a-w c:\windows\system32\d3dx9_32.dll
2009-04-29 11:34 . 2009-04-29 11:41 -------- d-----w c:\documents and settings\Administrateur\Application Data\vlc
2009-04-29 11:24 . 2009-04-29 11:24 -------- d-----w c:\program files\VideoLAN
2009-04-29 10:56 . 2008-12-12 08:34 1481884 ----a-w c:\windows\system32\igkrng400.bin
2009-04-29 10:56 . 2008-12-12 08:40 147456 ----a-w c:\windows\system32\igfxCoIn_v5016.dll
2009-04-29 10:50 . 2008-02-15 11:11 1399880 ----a-w c:\windows\system32\igklg450.dll
2009-04-29 10:50 . 2008-02-15 11:11 1843784 ----a-w c:\windows\system32\igklg400.dll
2009-04-29 10:50 . 2008-02-15 11:21 147456 ----a-w c:\windows\system32\igfxCoIn_v4926.dll
2009-04-29 10:50 . 2008-02-15 11:11 104636 ----a-w c:\windows\system32\igmedcompkrn.dll
2009-04-29 10:16 . 2008-04-13 07:39 5504 -c--a-w c:\windows\system32\dllcache\mstee.sys
2009-04-29 10:16 . 2008-04-13 07:39 5504 ----a-w c:\windows\system32\drivers\MSTEE.sys
2009-04-29 10:16 . 2008-04-13 07:46 10880 -c--a-w c:\windows\system32\dllcache\ndisip.sys
2009-04-29 10:16 . 2008-04-13 07:46 10880 ----a-w c:\windows\system32\drivers\NdisIP.sys
2009-04-29 10:16 . 2008-04-13 07:46 15232 -c--a-w c:\windows\system32\dllcache\streamip.sys
2009-04-29 10:16 . 2008-04-13 07:46 15232 ----a-w c:\windows\system32\drivers\StreamIP.sys
2009-04-29 10:16 . 2008-04-13 07:46 11136 -c--a-w c:\windows\system32\dllcache\slip.sys
2009-04-29 10:16 . 2008-04-13 07:46 11136 ----a-w c:\windows\system32\drivers\SLIP.sys
2009-04-29 10:16 . 2008-04-13 07:46 85248 -c--a-w c:\windows\system32\dllcache\nabtsfec.sys
2009-04-29 10:16 . 2008-04-13 07:46 85248 ----a-w c:\windows\system32\drivers\NABTSFEC.sys
2009-04-29 10:15 . 2008-04-13 07:46 17024 -c--a-w c:\windows\system32\dllcache\ccdecode.sys
2009-04-29 10:15 . 2008-04-13 07:46 17024 ----a-w c:\windows\system32\drivers\CCDECODE.sys
2009-04-29 10:15 . 2008-04-13 15:33 59392 ----a-w c:\windows\system32\vfwwdm32.dll
2009-04-29 09:44 . 2009-04-29 09:44 -------- d-----w c:\program files\Fichiers communs\Windows Live
2009-04-29 09:27 . 2008-12-04 07:31 53248 ----a-w c:\windows\system32\CSVer.dll
2009-04-29 09:26 . 2009-04-29 09:26 -------- d-----w C:\Intel
2009-04-29 09:17 . 2009-04-29 09:17 -------- d-----w c:\program files\ma-config.com
2009-04-29 09:17 . 2009-04-29 09:17 -------- d-----w c:\documents and settings\All Users\Application Data\ma-config.com
2009-04-29 08:57 . 2009-04-29 08:57 -------- d-----w c:\program files\SAGEM
2009-04-29 08:57 . 2009-04-29 08:57 -------- d-----w c:\documents and settings\Administrateur\Application Data\InstallShield
2009-04-29 08:57 . 2003-01-30 04:46 28672 ----a-r c:\windows\system32\adinst32.dll
2009-04-29 08:49 . 2001-08-23 13:04 12288 -c--a-w c:\windows\system32\dllcache\mouhid.sys
2009-04-29 08:49 . 2001-08-23 13:04 12288 ----a-w c:\windows\system32\drivers\mouhid.sys
2009-04-29 08:48 . 2008-04-13 07:45 10368 -c--a-w c:\windows\system32\dllcache\hidusb.sys
2009-04-29 08:48 . 2008-04-13 07:45 10368 ----a-w c:\windows\system32\drivers\hidusb.sys

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-18 02:48 . 2009-05-18 02:43 172 ----a-w C:\curr_ver.tmp
2009-05-17 23:47 . 2009-05-17 23:43 32 --sha-w c:\windows\system32\drivers\fidbox2.idx
2009-05-17 23:47 . 2009-05-17 23:43 32 --sha-w c:\windows\system32\drivers\fidbox.idx
2009-05-17 20:31 . 2009-04-10 23:44 -------- d-----w c:\program files\SuperCopier2
2009-05-17 05:01 . 2009-04-11 00:58 -------- d--h--w c:\program files\InstallShield Installation Information
2009-05-12 10:57 . 2009-04-10 23:41 81568 ----a-w c:\documents and settings\Administrateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-08 15:10 . 2008-04-14 16:00 70140 ----a-w c:\windows\system32\perfc00C.dat
2009-05-08 15:10 . 2008-04-14 16:00 456114 ----a-w c:\windows\system32\perfh00C.dat
2009-04-30 18:06 . 2009-04-10 23:56 -------- d-----w c:\program files\Intel
2009-04-30 14:35 . 2009-04-10 23:50 -------- d-----w c:\program files\Yahoo!
2009-04-29 13:47 . 2009-04-11 01:15 -------- d-----w c:\program files\Thomson SpeedTouch
2009-04-29 09:14 . 2009-04-10 23:52 -------- d-----w c:\program files\Star Downloader
2009-04-29 08:58 . 2009-04-29 08:58 32 ----a-w c:\windows\system32\drivers\adidsl.cfg
2009-04-17 14:19 . 2009-04-17 14:19 -------- d-----w c:\program files\GRETECH
2009-04-16 23:42 . 2009-04-16 23:42 40320 ----a-w c:\windows\system32\drivers\steth.sys
2009-04-15 08:16 . 2009-04-15 08:17 -------- d-----w c:\program files\AviSynth 2.5
2009-04-15 08:16 . 2009-04-15 08:16 -------- d-----w c:\program files\eRightSoft
2009-04-15 07:40 . 2009-04-15 07:40 -------- d-----w c:\program files\Nero
2009-04-15 07:40 . 2009-04-15 07:40 -------- d-----w c:\program files\Fichiers communs\Ahead
2009-04-14 22:25 . 2009-04-14 22:25 -------- d-----w c:\program files\ESTsoft
2009-04-14 07:23 . 2009-04-14 07:23 -------- d-----w c:\program files\CyberLink
2009-04-14 07:20 . 2009-04-11 00:58 -------- d-----w c:\program files\Fichiers communs\InstallShield
2009-04-13 17:26 . 2009-04-13 07:41 -------- d-----w c:\program files\VirtualDJ
2009-04-11 01:24 . 2009-04-11 01:24 -------- d-----w c:\program files\Microsoft Works
2009-04-11 01:24 . 2009-04-11 01:24 -------- d-----w c:\program files\MSBuild
2009-04-11 01:16 . 2009-04-11 01:16 32000 ----a-w c:\windows\system32\drivers\stppp.sys
2009-04-11 01:16 . 2009-04-11 01:16 30464 ----a-w c:\windows\system32\drivers\st330.sys
2009-04-11 01:16 . 2009-04-11 01:16 16128 ----a-w c:\windows\system32\drivers\lpwdm.sys
2009-04-11 01:16 . 2009-04-11 01:16 12672 ----a-w c:\windows\system32\drivers\stbus.sys
2009-04-11 00:58 . 2009-04-11 00:58 -------- d-----w c:\program files\SigmaTel
2009-04-11 00:48 . 2009-04-11 00:48 -------- d-----w c:\program files\CCleaner
2009-04-11 00:40 . 2009-04-11 00:32 -------- d-----w c:\program files\Recuva
2009-04-11 00:36 . 2009-04-11 00:36 -------- d-----w c:\program files\Fichiers communs\Adobe AIR
2009-04-11 00:35 . 2009-04-11 00:35 -------- d-----w c:\program files\Fichiers communs\Adobe
2009-04-10 23:55 . 2009-04-10 23:55 -------- d-----w c:\program files\MSXML 4.0
2009-04-10 23:53 . 2009-04-10 23:52 -------- d-----w c:\program files\Opera
2009-04-10 23:51 . 2009-04-10 23:50 -------- d-----w c:\program files\DivX
2009-04-10 23:49 . 2009-04-10 23:49 552 ----a-w c:\windows\system32\d3d8caps.dat
2009-04-10 23:45 . 2009-04-10 23:45 -------- d-----w c:\program files\directx
2009-04-10 23:37 . 2009-04-10 23:37 -------- d-----w c:\program files\microsoft frontpage
2009-04-10 23:36 . 2009-04-10 23:30 -------- d-----w c:\program files\Windows Sidebar
2009-04-10 23:36 . 2009-04-10 23:36 -------- d-----w c:\program files\Alky for Applications
2009-04-10 23:34 . 2009-04-10 23:34 21892 ----a-w c:\windows\system32\emptyregdb.dat
2009-04-10 23:33 . 2009-04-10 23:33 -------- d-----w c:\program files\Windows Media Connect 2
2009-04-10 23:31 . 2009-04-10 23:31 -------- d-----w c:\program files\VistaExperience.org
2009-04-10 23:30 . 2009-04-10 23:29 -------- d-----w c:\program files\RocketDock
2009-03-06 11:54 . 2009-03-06 11:54 180224 ----a-w c:\windows\system32\Ncs2Setp.dll
2009-03-04 13:42 . 2009-03-04 13:42 760368 ----a-w c:\windows\system32\ncs2dmix.dll
2009-03-04 13:41 . 2009-03-04 13:41 530992 ----a-w c:\windows\system32\accesor.dll
2009-03-04 13:26 . 2009-03-04 13:26 141872 ----a-w c:\windows\system32\ncs2instutility.dll
2009-03-04 13:17 . 2009-03-04 13:17 1522224 ----a-w c:\windows\system32\ncscolib.dll
2006-05-03 10:06 . 2009-04-15 08:16 163328 --sh--r c:\windows\system32\flvDX.dll
2007-02-21 11:47 . 2009-04-15 08:16 31744 --sh--r c:\windows\system32\msfDX.dll
.

------- Sigcheck -------

[-] 2008-05-08 12:22 724480 DB3AB42404D66860A4C4E9ED8530D0FD c:\windows\system32\user32.dll

[-] 2008-05-08 12:22 568320 AE0D48AF37F5A48156D4A6BAE07C9121 c:\windows\system32\winlogon.exe

[-] 2008-05-15 17:53 2395136 A37C1B89E3446B9E3CBB4FE260FE52B9 c:\windows\system32\ntkrnlpa.exe

[-] 2008-05-08 12:18 2516480 3C3BC824F70B00CB9507E8F3FD0D0A46 c:\windows\system32\ntoskrnl.exe

[-] 2007-10-29 09:53 1916416 D84567752FB42D8DC55CFB85FE0EDECE c:\windows\explorer.exe

[-] 2008-05-08 12:13 40960 58DB2EE838D5B7BAD0F7F10A6C920390 c:\windows\system32\ctfmon.exe

[-] 2008-05-15 17:53 1571840 A5780186A76EABA3E656E63B41862997 c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{f592709f-ff4a-4862-b659-4afabda56312}"= "c:\program files\Mininova\tbMini.dll" [2009-05-06 2093080]

[HKEY_CLASSES_ROOT\clsid\{f592709f-ff4a-4862-b659-4afabda56312}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A1FB2F9A-D35E-11DD-8935-E46A56D89593}]
2009-03-16 13:53 87512 ----a-w c:\program files\oovootb\dtx.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{f592709f-ff4a-4862-b659-4afabda56312}]
2009-05-06 14:27 2093080 ----a-w c:\program files\Mininova\tbMini.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{f592709f-ff4a-4862-b659-4afabda56312}"= "c:\program files\Mininova\tbMini.dll" [2009-05-06 2093080]
"{A1FB2F9A-D35E-11DD-8935-E46A56D89593}"= "c:\program files\oovootb\dtx.dll" [2009-03-16 87512]

[HKEY_CLASSES_ROOT\clsid\{f592709f-ff4a-4862-b659-4afabda56312}]

[HKEY_CLASSES_ROOT\clsid\{a1fb2f9a-d35e-11dd-8935-e46a56d89593}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{F592709F-FF4A-4862-B659-4AFABDA56312}"= "c:\program files\Mininova\tbMini.dll" [2009-05-06 2093080]

[HKEY_CLASSES_ROOT\clsid\{f592709f-ff4a-4862-b659-4afabda56312}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 569344]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-05-02 1276416]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-05-08 40960]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" [2005-09-03 94208]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2009-03-18 4441328]
"Chatango"="c:\program files\Chatango\Chatango.exe" [2008-02-05 425984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VistaDrive"="c:\windows\VistaDrive\VistaDrive.exe" [2006-10-05 354507]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 108400]
"Agent"="c:\program files\CyberLink\PowerVCRII\Agent.exe" [2001-03-07 172032]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 225280]
"diagnostics"="C:\Program Files/Thomson SpeedTouch/ST330/diagnostics/diagnostics.exe" [2009-04-29 634973]
"FixCamera"="c:\windows\FixCamera.exe" [2007-02-12 20480]
"tsnp2std"="c:\windows\tsnp2std.exe" [2006-11-29 327680]
"snp2std"="c:\windows\vsnp2std.exe" [2006-09-15 745472]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-11 230808]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-12-12 221184]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-12-12 245760]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-12-12 225280]
"SigmatelSysTrayApp"="sttray.exe" - c:\windows\sttray.exe [2006-05-26 356352]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 569344]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
"nltide_3"="advpack.dll" - c:\windows\system32\advpack.dll [2008-03-01 124928]

c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
DSLMON.lnk - c:\program files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2009-4-29 1275472]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"= 1 (0x1)
"DisableRegistryTools"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
"NoWelcomeScreen"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
"NoWelcomeScreen"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"DisablePagingExecutive"=dword:00000001
"UacDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"UacDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"d:\\L O G I C I E L S\\MODEM . SpeedTouch\\ST330v4005 (F)\\STHIW\\stInstall.exe"=
"c:\\Program Files\\Thomson SpeedTouch\\ST330\\service\\st330service.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\tkontrole-client\\tkontrole-client.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Free Music Zilla\\FMZilla.exe"=
"c:\\Program Files\\wLite\\wLite.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\vdp\\vdp.exe"=
"c:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe"=
"c:\\Program Files\\CyberLink\\PowerVCRII\\Agent.exe"=
"c:\\Program Files\\Thomson SpeedTouch\\ST330\\diagnostics\\diagnostics.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\ymsgr_tray.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Internet Security 7.0.1.325\\French\\setup.exe"=
"c:\\WINDOWS\\sttray.exe"=
"c:\\WINDOWS\\VistaDrive\\VistaDrive.exe"=
"c:\\Program Files\\RocketDock\\RocketDock.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\jusched.exe"=
"c:\\Program Files\\Windows Live\\Toolbar\\wltuser.exe"=
"c:\\Program Files\\TVApp\\TVPro\\Remote.exe"=
"c:\\Program Files\\CCleaner\\CCleaner.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"443:TCP"= 443:TCP:TCP port 443 ooVoo
"443:UDP"= 443:UDP:UDP port 443 ooVoo
"37674:TCP"= 37674:TCP:TCP port 37674 ooVoo
"37674:UDP"= 37674:UDP:UDP port 37674 ooVoo
"37675:UDP"= 37675:UDP:UDP port 37675 ooVoo

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [29/01/2008 17:29 VALR 32784]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [29/04/2009 14:40 VALR 55152]
R2 SeaPort;SeaPort;c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [14/01/2009 17:53 VALR 226656]
R3 abp470n5;abp470n5;\??\c:\windows\system32\drivers\nkrsig.sys --> c:\windows\system32\drivers\nkrsig.sys [?]
R3 e4usbaw;USB ADSL2 WAN Adapter;c:\windows\system32\drivers\e4usbaw.sys [29/04/2009 10:58 VALR 104344]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [30/04/2008 17:06 VALR 24592]
S2 E4LOADER;General Purpose USB Driver (e4ldr.sys);c:\windows\system32\drivers\e4ldr.sys [29/04/2009 10:58 VALR 69656]
S3 AVPsys;AVPsys;\??\c:\windows\system32\drivers\cdaudio.sys --> c:\windows\system32\drivers\cdaudio.sys [?]
S3 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [06/02/2009 18:08 VALR 533360]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [21/04/2009 15:36 VALR 285864]
S3 ST330;ST330;c:\windows\system32\drivers\st330.sys [11/04/2009 03:16 VALR 30464]
S3 STBUS;STBUS;c:\windows\system32\drivers\stbus.sys [11/04/2009 03:16 VALR 12672]
S3 STETH;SpeedTouch Ethernet Adapter NT Driver;c:\windows\system32\drivers\steth.sys [17/04/2009 01:42 VALR 40320]
S3 stppp;Speedtouch PPP Adapter Adapter;c:\windows\system32\drivers\stppp.sys [11/04/2009 03:16 VALR 32000]
S3 TVProDrv;TVProDrv;c:\progra~1\TVApp\TVPro\TVProDrv.sys [11/05/2009 06:43 VALR 8272]
S3 ZSMC302;VIMICRO USB PC Camera;c:\windows\system32\drivers\usbVM31b.sys [29/08/2008 11:50 VALR 90568]

--- Autres Services/Pilotes en mémoire ---

*NewlyCreated* - HELPSVC

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D58F39FF-953E-4F45-898F-59F243B9A523}]
RUNDLL32 advpack.dll,LaunchINFSection Sidebar.inf,Register
.
Contenu du dossier 'Tâches planifiées'

2009-05-18 c:\windows\Tasks\Defraggler Volume C Task.job
- c:\program files\Defraggler\df.exe [2009-04-13 14:17]
.
- - - - ORPHELINS SUPPRIMES - - - -

HKCU-Run-VisualTaskTip - \Program Files\VisualTaskTips\VisualTaskTips.exe
HKLM-Run-NWEReboot - (no file)
HKU-Default-Run-VisualTaskTip - \Program Files\VisualTaskTips\VisualTaskTips.exe


.
------- Examen supplémentaire -------
.
uSearchURL,(Default) = hxxp://www.google.fr/keyword/%s
IE: Ajouter à Kaspersky Anti-Bannière - c:\program files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
IE: Download with Star Downloader - c:\program files\Star Downloader\sdie.htm
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: secuser.com\www
TCP: {37C45BC8-6818-4EA3-9F14-B9E2C05AB79F} = 213.136.96.2 213.136.96.37
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-18 12:29
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\st330service]
"ImagePath"="C:\Program Files/Thomson SpeedTouch/ST330/service/st330service.exe -service"
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(1032)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\COMRes.dll
c:\windows\system32\cscui.dll

- - - - - - - > 'lsass.exe'(1096)
c:\windows\system32\setupapi.dll
c:\windows\system32\scecli.dll

- - - - - - - > 'explorer.exe'(2832)
c:\windows\system32\SHDOCVW.dll
c:\program files\RocketDock\RocketDock.dll
c:\windows\system32\COMRes.dll
c:\windows\System32\cscui.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\msi.dll
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Thomson SpeedTouch\ST330\service\st330service.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\SigmaTel\C-Major Audio\WDM\stacsv.exe
c:\program files\Thomson SpeedTouch\ST330\diagnostics\diagnostics.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\Yahoo!\Messenger\Ymsgr_tray.exe
.
**************************************************************************
.
Heure de fin: 2009-05-18 12:32 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-05-18 10:32

Avant-CF: 22 235 721 728 octets libres
Après-CF: 22 173 798 400 octets libres

blackfort on 18 May 2009 at 14:42
ComboFix 09-05-17.04 - Administrateur 18/05/2009 12:26.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1013.613 [GMT 2:00]
Lancé depuis: c:\documents and settings\Administrateur\Bureau\Bibitte.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\Mpg4c32.dll
c:\windows\system32\Smab.dll
.
---- Exécution préalable -------
.
c:\documents and settings\All Users\documents\setup.exe
C:\InfoSat.txt
c:\windows\system32\msconfig.exe

.
((((((((((((((((((((((((((((( Fichiers créés du 2009-04-18 au 2009-05-18 ))))))))))))))))))))))))))))))))))))
.

2009-05-18 01:02 . 2009-05-18 03:16 -------- d-----w C:\UsbFix
2009-05-18 00:17 . 2009-05-18 02:56 -------- d-----w c:\program files\trend micro
2009-05-18 00:17 . 2009-05-18 00:17 -------- d-----w C:\rsit
2009-05-17 23:44 . 2009-05-17 23:44 96976 ----a-w c:\windows\system32\drivers\klin.dat
2009-05-17 23:44 . 2009-05-17 23:44 87855 ----a-w c:\windows\system32\drivers\klick.dat
2009-05-17 23:43 . 2009-05-17 23:47 32 --sha-w c:\windows\system32\drivers\fidbox.dat
2009-05-17 23:43 . 2009-05-17 23:47 32 --sha-w c:\windows\system32\drivers\fidbox2.dat
2009-05-17 23:43 . 2009-05-17 23:43 -------- d-----w c:\program files\Kaspersky Lab
2009-05-17 22:20 . 2009-05-17 22:20 -------- d-----w C:\TEMP
2009-05-17 21:03 . 2009-05-17 21:03 -------- d-----w c:\program files\AxBx
2009-05-17 20:35 . 2009-05-17 20:35 -------- d-sh--w C:\found.000
2009-05-17 05:02 . 2009-05-17 05:02 -------- d-----w c:\documents and settings\Administrateur\Application Data\ooVoo Details
2009-05-17 05:01 . 2009-05-17 05:01 -------- d-----w c:\documents and settings\Administrateur\Application Data\EmailNotifier
2009-05-17 05:01 . 2009-05-17 05:01 -------- d-----w c:\documents and settings\All Users\Application Data\EmailNotifier
2009-05-17 05:01 . 2009-05-18 01:48 -------- d-----w c:\documents and settings\Administrateur\Application Data\oovootb
2009-05-17 05:01 . 2009-05-17 05:01 -------- d-----w c:\program files\oovootb
2009-05-17 05:01 . 2009-05-17 05:01 -------- d-----w c:\program files\ooVoo
2009-05-16 09:16 . 2001-08-17 18:07 55168 -c--a-w c:\windows\system32\dllcache\aic78u2.sys
2009-05-16 09:16 . 2001-08-17 18:07 55168 ----a-w c:\windows\system32\drivers\aic78u2.sys
2009-05-16 08:57 . 2009-05-16 08:57 -------- d-----w C:\KAV
2009-05-15 10:14 . 2009-05-15 10:14 -------- d--h--w c:\windows\system32\GroupPolicy
2009-05-13 17:07 . 2009-05-13 17:07 0 ----a-w c:\windows\nsreg.dat
2009-05-13 17:07 . 2009-05-13 17:07 -------- d-----w c:\documents and settings\Administrateur\Local Settings\Application Data\Mozilla
2009-05-13 17:06 . 2009-05-13 17:06 -------- d-----w c:\documents and settings\Administrateur\Local Settings\Application Data\Cooliris
2009-05-13 17:05 . 2009-05-13 17:05 -------- d-----w c:\documents and settings\Administrateur\Local Settings\Application Data\LastPass
2009-05-12 18:04 . 2009-05-12 18:04 -------- d-----w C:\Skrabble
2009-05-12 08:48 . 2009-05-12 08:48 -------- d-----w c:\program files\Fichiers communs\xara
2009-05-12 08:46 . 2009-05-12 08:49 -------- d-----w c:\documents and settings\All Users\Application Data\MAGIX
2009-05-12 08:46 . 2009-05-12 08:49 -------- d-----w c:\program files\MAGIX
2009-05-12 08:46 . 2007-04-27 07:43 120200 ----a-w c:\windows\system32\DLLDEV32i.dll
2009-05-12 08:46 . 2009-05-12 08:49 -------- d-----w c:\windows\system32\MAGIX
2009-05-12 08:46 . 2008-04-15 13:14 700416 ----a-w c:\windows\system32\mgxoschk.dll
2009-05-11 22:45 . 2009-05-11 22:45 410984 ----a-w c:\windows\system32\deploytk.dll
2009-05-11 22:44 . 2009-05-11 22:44 -------- d-----w c:\program files\Java
2009-05-11 14:08 . 2009-05-11 15:04 -------- d-----w c:\program files\iNTERNET Turbo
2009-05-11 14:08 . 2009-05-11 14:08 111 ----a-w c:\windows\system32\sysinter.drv
2009-05-11 04:43 . 2009-05-11 04:43 -------- d-----w c:\program files\TVApp
2009-05-10 20:55 . 2009-05-10 20:58 -------- d-----w C:\vdp
2009-05-10 20:52 . 2009-05-10 20:52 -------- d-----w c:\documents and settings\All Users\Application Data\WebacamSurveyor
2009-05-10 20:51 . 2009-05-12 06:49 -------- d-----w c:\program files\Webcam Surveyor
2009-05-10 17:09 . 2009-05-10 17:09 -------- d-----w c:\program files\Defraggler
2009-05-08 13:58 . 2009-05-08 13:58 -------- d-----w c:\documents and settings\Administrateur\Application Data\dvdcss
2009-05-08 09:13 . 2009-05-08 09:13 -------- d-----w c:\documents and settings\Administrateur\Local Settings\Application Data\webcamXP5
2009-05-08 08:09 . 2009-05-08 08:10 -------- d-----w c:\program files\Chatango
2009-05-08 03:08 . 2009-05-08 03:08 -------- d-----w c:\documents and settings\All Users\Application Data\webcamXP5
2009-05-08 03:00 . 2009-05-08 03:00 -------- d-----w c:\program files\wLite
2009-05-08 02:13 . 2009-05-08 02:13 -------- d-----w C:\downloads
2009-05-08 02:13 . 2009-05-08 02:13 -------- d-----w c:\documents and settings\Administrateur\Application Data\FMZilla
2009-05-08 02:13 . 2009-05-16 17:14 -------- d-----w c:\program files\Free Music Zilla
2009-05-07 02:10 . 2009-05-07 02:10 -------- d-----w c:\program files\uTorrent
2009-05-07 02:10 . 2009-05-12 21:48 -------- d-----w c:\documents and settings\Administrateur\Application Data\uTorrent
2009-05-07 02:06 . 2009-05-07 02:06 -------- d-----w c:\documents and settings\Administrateur\Local Settings\Application Data\Conduit
2009-05-07 02:06 . 2009-05-07 02:06 -------- d-----w c:\program files\Conduit
2009-05-07 02:06 . 2009-05-07 02:07 -------- d-----w c:\documents and settings\Administrateur\Local Settings\Application Data\Mininova
2009-05-07 02:06 . 2009-05-07 02:06 -------- d-----w c:\program files\Mininova
2009-05-06 15:13 . 2009-05-06 15:13 56 ---ha-w c:\windows\system32\ezsidmv.dat
2009-05-06 15:13 . 2009-05-10 07:10 -------- d-----w c:\documents and settings\Administrateur\Application Data\skypePM
2009-05-06 15:10 . 2009-05-10 07:11 -------- d-----w c:\documents and settings\Administrateur\Application Data\Skype
2009-05-06 15:09 . 2009-05-06 15:09 -------- d-----w c:\program files\Skype
2009-05-06 15:09 . 2009-05-06 15:09 -------- d-----w c:\program files\Fichiers communs\Skype
2009-05-06 15:09 . 2009-05-06 15:09 -------- d-----w c:\documents and settings\All Users\Application Data\Skype
2009-05-06 09:47 . 2009-05-16 08:19 -------- d-----w C:\Download
2009-05-04 10:10 . 2009-05-04 10:10 -------- d-----w c:\documents and settings\Administrateur\tkontrole
2009-05-04 10:07 . 2009-05-04 10:07 -------- d--h--w c:\program files\InstallJammer Registry
2009-05-04 10:07 . 2009-05-04 10:07 -------- d-----w c:\program files\tkontrole-client
2009-05-04 01:47 . 2009-05-05 06:53 -------- d-----w c:\documents and settings\Administrateur\Application Data\VersionTracker Pro
2009-05-04 01:24 . 2009-05-15 10:24 -------- d-----w c:\program files\No-IP
2009-04-30 18:01 . 2007-08-06 23:28 28272 ----a-w c:\windows\system32\NicCo2.dll
2009-04-30 14:42 . 2009-04-30 14:42 -------- d-----w c:\documents and settings\Administrateur\Local Settings\Application Data\Yahoo
2009-04-30 14:35 . 2009-04-30 14:42 -------- d-----w c:\documents and settings\All Users\Application Data\Yahoo!
2009-04-30 14:06 . 2007-02-12 12:50 20480 ----a-w c:\windows\FixCamera.exe
2009-04-30 14:06 . 2006-11-29 14:11 327680 ----a-w c:\windows\tsnp2std.exe
2009-04-30 14:06 . 2006-09-15 11:21 745472 ----a-w c:\windows\vsnp2std.exe
2009-04-30 14:06 . 2007-01-25 16:48 25472 ----a-w c:\windows\system32\drivers\sncamd.sys
2009-04-30 14:06 . 2007-03-02 09:22 12031744 ----a-w c:\windows\system32\drivers\snp2sxp.sys
2009-04-30 14:06 . 2007-02-05 13:25 151552 ----a-w c:\windows\system32\rsnp2std.dll
2009-04-30 14:06 . 2006-10-03 12:35 249856 ----a-w c:\windows\system32\vsnp2std.dll
2009-04-30 14:06 . 2006-11-16 13:57 77824 ----a-w c:\windows\system32\csnp2std.dll
2009-04-30 14:06 . 2009-04-30 14:06 -------- d-----w c:\program files\Fichiers communs\snp2std
2009-04-30 12:25 . 2009-04-30 12:25 -------- d-----w c:\windows\system32\LogFiles
2009-04-29 12:45 . 2009-05-18 10:22 -------- d-----w c:\documents and settings\Administrateur\Tracing
2009-04-29 12:40 . 2009-04-29 12:40 -------- d-----w c:\program files\Microsoft Silverlight
2009-04-29 12:40 . 2009-04-29 12:40 -------- d-----w c:\program files\Microsoft Office Outlook Connector
2009-04-29 12:40 . 2009-02-06 16:08 55152 ----a-w c:\windows\system32\drivers\fssfltr_tdi.sys
2009-04-29 12:33 . 2009-04-29 12:33 -------- d-----w c:\program files\Microsoft Sync Framework
2009-04-29 12:32 . 2009-04-29 12:32 -------- d-----w c:\program files\Microsoft SQL Server Compact Edition
2009-04-29 12:31 . 2009-04-29 12:40 -------- d-----w c:\program files\Microsoft
2009-04-29 12:31 . 2009-04-29 12:31 -------- d-----w c:\program files\Windows Live SkyDrive
2009-04-29 12:30 . 2009-04-29 12:40 -------- d-----w c:\program files\Windows Live
2009-04-29 12:05 . 2006-11-29 11:06 3426072 ----a-w c:\windows\system32\d3dx9_32.dll
2009-04-29 11:34 . 2009-04-29 11:41 -------- d-----w c:\documents and settings\Administrateur\Application Data\vlc
2009-04-29 11:24 . 2009-04-29 11:24 -------- d-----w c:\program files\VideoLAN
2009-04-29 10:56 . 2008-12-12 08:34 1481884 ----a-w c:\windows\system32\igkrng400.bin
2009-04-29 10:56 . 2008-12-12 08:40 147456 ----a-w c:\windows\system32\igfxCoIn_v5016.dll
2009-04-29 10:50 . 2008-02-15 11:11 1399880 ----a-w c:\windows\system32\igklg450.dll
2009-04-29 10:50 . 2008-02-15 11:11 1843784 ----a-w c:\windows\system32\igklg400.dll
2009-04-29 10:50 . 2008-02-15 11:21 147456 ----a-w c:\windows\system32\igfxCoIn_v4926.dll
2009-04-29 10:50 . 2008-02-15 11:11 104636 ----a-w c:\windows\system32\igmedcompkrn.dll
2009-04-29 10:16 . 2008-04-13 07:39 5504 -c--a-w c:\windows\system32\dllcache\mstee.sys
2009-04-29 10:16 . 2008-04-13 07:39 5504 ----a-w c:\windows\system32\drivers\MSTEE.sys
2009-04-29 10:16 . 2008-04-13 07:46 10880 -c--a-w c:\windows\system32\dllcache\ndisip.sys
2009-04-29 10:16 . 2008-04-13 07:46 10880 ----a-w c:\windows\system32\drivers\NdisIP.sys
2009-04-29 10:16 . 2008-04-13 07:46 15232 -c--a-w c:\windows\system32\dllcache\streamip.sys
2009-04-29 10:16 . 2008-04-13 07:46 15232 ----a-w c:\windows\system32\drivers\StreamIP.sys
2009-04-29 10:16 . 2008-04-13 07:46 11136 -c--a-w c:\windows\system32\dllcache\slip.sys
2009-04-29 10:16 . 2008-04-13 07:46 11136 ----a-w c:\windows\system32\drivers\SLIP.sys
2009-04-29 10:16 . 2008-04-13 07:46 85248 -c--a-w c:\windows\system32\dllcache\nabtsfec.sys
2009-04-29 10:16 . 2008-04-13 07:46 85248 ----a-w c:\windows\system32\drivers\NABTSFEC.sys
2009-04-29 10:15 . 2008-04-13 07:46 17024 -c--a-w c:\windows\system32\dllcache\ccdecode.sys
2009-04-29 10:15 . 2008-04-13 07:46 17024 ----a-w c:\windows\system32\drivers\CCDECODE.sys
2009-04-29 10:15 . 2008-04-13 15:33 59392 ----a-w c:\windows\system32\vfwwdm32.dll
2009-04-29 09:44 . 2009-04-29 09:44 -------- d-----w c:\program files\Fichiers communs\Windows Live
2009-04-29 09:27 . 2008-12-04 07:31 53248 ----a-w c:\windows\system32\CSVer.dll
2009-04-29 09:26 . 2009-04-29 09:26 -------- d-----w C:\Intel
2009-04-29 09:17 . 2009-04-29 09:17 -------- d-----w c:\program files\ma-config.com
2009-04-29 09:17 . 2009-04-29 09:17 -------- d-----w c:\documents and settings\All Users\Application Data\ma-config.com
2009-04-29 08:57 . 2009-04-29 08:57 -------- d-----w c:\program files\SAGEM
2009-04-29 08:57 . 2009-04-29 08:57 -------- d-----w c:\documents and settings\Administrateur\Application Data\InstallShield
2009-04-29 08:57 . 2003-01-30 04:46 28672 ----a-r c:\windows\system32\adinst32.dll
2009-04-29 08:49 . 2001-08-23 13:04 12288 -c--a-w c:\windows\system32\dllcache\mouhid.sys
2009-04-29 08:49 . 2001-08-23 13:04 12288 ----a-w c:\windows\system32\drivers\mouhid.sys
2009-04-29 08:48 . 2008-04-13 07:45 10368 -c--a-w c:\windows\system32\dllcache\hidusb.sys
2009-04-29 08:48 . 2008-04-13 07:45 10368 ----a-w c:\windows\system32\drivers\hidusb.sys

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-18 02:48 . 2009-05-18 02:43 172 ----a-w C:\curr_ver.tmp
2009-05-17 23:47 . 2009-05-17 23:43 32 --sha-w c:\windows\system32\drivers\fidbox2.idx
2009-05-17 23:47 . 2009-05-17 23:43 32 --sha-w c:\windows\system32\drivers\fidbox.idx
2009-05-17 20:31 . 2009-04-10 23:44 -------- d-----w c:\program files\SuperCopier2
2009-05-17 05:01 . 2009-04-11 00:58 -------- d--h--w c:\program files\InstallShield Installation Information
2009-05-12 10:57 . 2009-04-10 23:41 81568 ----a-w c:\documents and settings\Administrateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-08 15:10 . 2008-04-14 16:00 70140 ----a-w c:\windows\system32\perfc00C.dat
2009-05-08 15:10 . 2008-04-14 16:00 456114 ----a-w c:\windows\system32\perfh00C.dat
2009-04-30 18:06 . 2009-04-10 23:56 -------- d-----w c:\program files\Intel
2009-04-30 14:35 . 2009-04-10 23:50 -------- d-----w c:\program files\Yahoo!
2009-04-29 13:47 . 2009-04-11 01:15 -------- d-----w c:\program files\Thomson SpeedTouch
2009-04-29 09:14 . 2009-04-10 23:52 -------- d-----w c:\program files\Star Downloader
2009-04-29 08:58 . 2009-04-29 08:58 32 ----a-w c:\windows\system32\drivers\adidsl.cfg
2009-04-17 14:19 . 2009-04-17 14:19 -------- d-----w c:\program files\GRETECH
2009-04-16 23:42 . 2009-04-16 23:42 40320 ----a-w c:\windows\system32\drivers\steth.sys
2009-04-15 08:16 . 2009-04-15 08:17 -------- d-----w c:\program files\AviSynth 2.5
2009-04-15 08:16 . 2009-04-15 08:16 -------- d-----w c:\program files\eRightSoft
2009-04-15 07:40 . 2009-04-15 07:40 -------- d-----w c:\program files\Nero
2009-04-15 07:40 . 2009-04-15 07:40 -------- d-----w c:\program files\Fichiers communs\Ahead
2009-04-14 22:25 . 2009-04-14 22:25 -------- d-----w c:\program files\ESTsoft
2009-04-14 07:23 . 2009-04-14 07:23 -------- d-----w c:\program files\CyberLink
2009-04-14 07:20 . 2009-04-11 00:58 -------- d-----w c:\program files\Fichiers communs\InstallShield
2009-04-13 17:26 . 2009-04-13 07:41 -------- d-----w c:\program files\VirtualDJ
2009-04-11 01:24 . 2009-04-11 01:24 -------- d-----w c:\program files\Microsoft Works
2009-04-11 01:24 . 2009-04-11 01:24 -------- d-----w c:\program files\MSBuild
2009-04-11 01:16 . 2009-04-11 01:16 32000 ----a-w c:\windows\system32\drivers\stppp.sys
2009-04-11 01:16 . 2009-04-11 01:16 30464 ----a-w c:\windows\system32\drivers\st330.sys
2009-04-11 01:16 . 2009-04-11 01:16 16128 ----a-w c:\windows\system32\drivers\lpwdm.sys
2009-04-11 01:16 . 2009-04-11 01:16 12672 ----a-w c:\windows\system32\drivers\stbus.sys
2009-04-11 00:58 . 2009-04-11 00:58 -------- d-----w c:\program files\SigmaTel
2009-04-11 00:48 . 2009-04-11 00:48 -------- d-----w c:\program files\CCleaner
2009-04-11 00:40 . 2009-04-11 00:32 -------- d-----w c:\program files\Recuva
2009-04-11 00:36 . 2009-04-11 00:36 -------- d-----w c:\program files\Fichiers communs\Adobe AIR
2009-04-11 00:35 . 2009-04-11 00:35 -------- d-----w c:\program files\Fichiers communs\Adobe
2009-04-10 23:55 . 2009-04-10 23:55 -------- d-----w c:\program files\MSXML 4.0
2009-04-10 23:53 . 2009-04-10 23:52 -------- d-----w c:\program files\Opera
2009-04-10 23:51 . 2009-04-10 23:50 -------- d-----w c:\program files\DivX
2009-04-10 23:49 . 2009-04-10 23:49 552 ----a-w c:\windows\system32\d3d8caps.dat
2009-04-10 23:45 . 2009-04-10 23:45 -------- d-----w c:\program files\directx
2009-04-10 23:37 . 2009-04-10 23:37 -------- d-----w c:\program files\microsoft frontpage
2009-04-10 23:36 . 2009-04-10 23:30 -------- d-----w c:\program files\Windows Sidebar
2009-04-10 23:36 . 2009-04-10 23:36 -------- d-----w c:\program files\Alky for Applications
2009-04-10 23:34 . 2009-04-10 23:34 21892 ----a-w c:\windows\system32\emptyregdb.dat
2009-04-10 23:33 . 2009-04-10 23:33 -------- d-----w c:\program files\Windows Media Connect 2
2009-04-10 23:31 . 2009-04-10 23:31 -------- d-----w c:\program files\VistaExperience.org
2009-04-10 23:30 . 2009-04-10 23:29 -------- d-----w c:\program files\RocketDock
2009-03-06 11:54 . 2009-03-06 11:54 180224 ----a-w c:\windows\system32\Ncs2Setp.dll
2009-03-04 13:42 . 2009-03-04 13:42 760368 ----a-w c:\windows\system32\ncs2dmix.dll
2009-03-04 13:41 . 2009-03-04 13:41 530992 ----a-w c:\windows\system32\accesor.dll
2009-03-04 13:26 . 2009-03-04 13:26 141872 ----a-w c:\windows\system32\ncs2instutility.dll
2009-03-04 13:17 . 2009-03-04 13:17 1522224 ----a-w c:\windows\system32\ncscolib.dll
2006-05-03 10:06 . 2009-04-15 08:16 163328 --sh--r c:\windows\system32\flvDX.dll
2007-02-21 11:47 . 2009-04-15 08:16 31744 --sh--r c:\windows\system32\msfDX.dll
.

------- Sigcheck -------

[-] 2008-05-08 12:22 724480 DB3AB42404D66860A4C4E9ED8530D0FD c:\windows\system32\user32.dll

[-] 2008-05-08 12:22 568320 AE0D48AF37F5A48156D4A6BAE07C9121 c:\windows\system32\winlogon.exe

[-] 2008-05-15 17:53 2395136 A37C1B89E3446B9E3CBB4FE260FE52B9 c:\windows\system32\ntkrnlpa.exe

[-] 2008-05-08 12:18 2516480 3C3BC824F70B00CB9507E8F3FD0D0A46 c:\windows\system32\ntoskrnl.exe

[-] 2007-10-29 09:53 1916416 D84567752FB42D8DC55CFB85FE0EDECE c:\windows\explorer.exe

[-] 2008-05-08 12:13 40960 58DB2EE838D5B7BAD0F7F10A6C920390 c:\windows\system32\ctfmon.exe

[-] 2008-05-15 17:53 1571840 A5780186A76EABA3E656E63B41862997 c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{f592709f-ff4a-4862-b659-4afabda56312}"= "c:\program files\Mininova\tbMini.dll" [2009-05-06 2093080]

[HKEY_CLASSES_ROOT\clsid\{f592709f-ff4a-4862-b659-4afabda56312}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A1FB2F9A-D35E-11DD-8935-E46A56D89593}]
2009-03-16 13:53 87512 ----a-w c:\program files\oovootb\dtx.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{f592709f-ff4a-4862-b659-4afabda56312}]
2009-05-06 14:27 2093080 ----a-w c:\program files\Mininova\tbMini.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{f592709f-ff4a-4862-b659-4afabda56312}"= "c:\program files\Mininova\tbMini.dll" [2009-05-06 2093080]
"{A1FB2F9A-D35E-11DD-8935-E46A56D89593}"= "c:\program files\oovootb\dtx.dll" [2009-03-16 87512]

[HKEY_CLASSES_ROOT\clsid\{f592709f-ff4a-4862-b659-4afabda56312}]

[HKEY_CLASSES_ROOT\clsid\{a1fb2f9a-d35e-11dd-8935-e46a56d89593}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{F592709F-FF4A-4862-B659-4AFABDA56312}"= "c:\program files\Mininova\tbMini.dll" [2009-05-06 2093080]

[HKEY_CLASSES_ROOT\clsid\{f592709f-ff4a-4862-b659-4afabda56312}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 569344]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-05-02 1276416]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-05-08 40960]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" [2005-09-03 94208]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2009-03-18 4441328]
"Chatango"="c:\program files\Chatango\Chatango.exe" [2008-02-05 425984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VistaDrive"="c:\windows\VistaDrive\VistaDrive.exe" [2006-10-05 354507]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 108400]
"Agent"="c:\program files\CyberLink\PowerVCRII\Agent.exe" [2001-03-07 172032]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 225280]
"diagnostics"="C:\Program Files/Thomson SpeedTouch/ST330/diagnostics/diagnostics.exe" [2009-04-29 634973]
"FixCamera"="c:\windows\FixCamera.exe" [2007-02-12 20480]
"tsnp2std"="c:\windows\tsnp2std.exe" [2006-11-29 327680]
"snp2std"="c:\windows\vsnp2std.exe" [2006-09-15 745472]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-11 230808]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-12-12 221184]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-12-12 245760]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-12-12 225280]
"SigmatelSysTrayApp"="sttray.exe" - c:\windows\sttray.exe [2006-05-26 356352]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 569344]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
"nltide_3"="advpack.dll" - c:\windows\system32\advpack.dll [2008-03-01 124928]

c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
DSLMON.lnk - c:\program files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2009-4-29 1275472]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"= 1 (0x1)
"DisableRegistryTools"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
"NoWelcomeScreen"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
"NoWelcomeScreen"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"DisablePagingExecutive"=dword:00000001
"UacDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"UacDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"d:\\L O G I C I E L S\\MODEM . SpeedTouch\\ST330v4005 (F)\\STHIW\\stInstall.exe"=
"c:\\Program Files\\Thomson SpeedTouch\\ST330\\service\\st330service.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\tkontrole-client\\tkontrole-client.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Free Music Zilla\\FMZilla.exe"=
"c:\\Program Files\\wLite\\wLite.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\vdp\\vdp.exe"=
"c:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe"=
"c:\\Program Files\\CyberLink\\PowerVCRII\\Agent.exe"=
"c:\\Program Files\\Thomson SpeedTouch\\ST330\\diagnostics\\diagnostics.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\ymsgr_tray.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Internet Security 7.0.1.325\\French\\setup.exe"=
"c:\\WINDOWS\\sttray.exe"=
"c:\\WINDOWS\\VistaDrive\\VistaDrive.exe"=
"c:\\Program Files\\RocketDock\\RocketDock.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\jusched.exe"=
"c:\\Program Files\\Windows Live\\Toolbar\\wltuser.exe"=
"c:\\Program Files\\TVApp\\TVPro\\Remote.exe"=
"c:\\Program Files\\CCleaner\\CCleaner.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"443:TCP"= 443:TCP:TCP port 443 ooVoo
"443:UDP"= 443:UDP:UDP port 443 ooVoo
"37674:TCP"= 37674:TCP:TCP port 37674 ooVoo
"37674:UDP"= 37674:UDP:UDP port 37674 ooVoo
"37675:UDP"= 37675:UDP:UDP port 37675 ooVoo

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [29/01/2008 17:29 VALR 32784]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [29/04/2009 14:40 VALR 55152]
R2 SeaPort;SeaPort;c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [14/01/2009 17:53 VALR 226656]
R3 abp470n5;abp470n5;\??\c:\windows\system32\drivers\nkrsig.sys --> c:\windows\system32\drivers\nkrsig.sys [?]
R3 e4usbaw;USB ADSL2 WAN Adapter;c:\windows\system32\drivers\e4usbaw.sys [29/04/2009 10:58 VALR 104344]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [30/04/2008 17:06 VALR 24592]
S2 E4LOADER;General Purpose USB Driver (e4ldr.sys);c:\windows\system32\drivers\e4ldr.sys [29/04/2009 10:58 VALR 69656]
S3 AVPsys;AVPsys;\??\c:\windows\system32\drivers\cdaudio.sys --> c:\windows\system32\drivers\cdaudio.sys [?]
S3 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [06/02/2009 18:08 VALR 533360]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [21/04/2009 15:36 VALR 285864]
S3 ST330;ST330;c:\windows\system32\drivers\st330.sys [11/04/2009 03:16 VALR 30464]
S3 STBUS;STBUS;c:\windows\system32\drivers\stbus.sys [11/04/2009 03:16 VALR 12672]
S3 STETH;SpeedTouch Ethernet Adapter NT Driver;c:\windows\system32\drivers\steth.sys [17/04/2009 01:42 VALR 40320]
S3 stppp;Speedtouch PPP Adapter Adapter;c:\windows\system32\drivers\stppp.sys [11/04/2009 03:16 VALR 32000]
S3 TVProDrv;TVProDrv;c:\progra~1\TVApp\TVPro\TVProDrv.sys [11/05/2009 06:43 VALR 8272]
S3 ZSMC302;VIMICRO USB PC Camera;c:\windows\system32\drivers\usbVM31b.sys [29/08/2008 11:50 VALR 90568]

--- Autres Services/Pilotes en mémoire ---

*NewlyCreated* - HELPSVC

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D58F39FF-953E-4F45-898F-59F243B9A523}]
RUNDLL32 advpack.dll,LaunchINFSection Sidebar.inf,Register
.
Contenu du dossier 'Tâches planifiées'

2009-05-18 c:\windows\Tasks\Defraggler Volume C Task.job
- c:\program files\Defraggler\df.exe [2009-04-13 14:17]
.
- - - - ORPHELINS SUPPRIMES - - - -

HKCU-Run-VisualTaskTip - \Program Files\VisualTaskTips\VisualTaskTips.exe
HKLM-Run-NWEReboot - (no file)
HKU-Default-Run-VisualTaskTip - \Program Files\VisualTaskTips\VisualTaskTips.exe


.
------- Examen supplémentaire -------
.
uSearchURL,(Default) = hxxp://www.google.fr/keyword/%s
IE: Ajouter à Kaspersky Anti-Bannière - c:\program files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
IE: Download with Star Downloader - c:\program files\Star Downloader\sdie.htm
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: secuser.com\www
TCP: {37C45BC8-6818-4EA3-9F14-B9E2C05AB79F} = 213.136.96.2 213.136.96.37
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-18 12:29
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\st330service]
"ImagePath"="C:\Program Files/Thomson SpeedTouch/ST330/service/st330service.exe -service"
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(1032)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\COMRes.dll
c:\windows\system32\cscui.dll

- - - - - - - > 'lsass.exe'(1096)
c:\windows\system32\setupapi.dll
c:\windows\system32\scecli.dll

- - - - - - - > 'explorer.exe'(2832)
c:\windows\system32\SHDOCVW.dll
c:\program files\RocketDock\RocketDock.dll
c:\windows\system32\COMRes.dll
c:\windows\System32\cscui.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\msi.dll
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Thomson SpeedTouch\ST330\service\st330service.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\SigmaTel\C-Major Audio\WDM\stacsv.exe
c:\program files\Thomson SpeedTouch\ST330\diagnostics\diagnostics.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\Yahoo!\Messenger\Ymsgr_tray.exe
.
**************************************************************************
.
Heure de fin: 2009-05-18 12:32 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-05-18 10:32

Avant-CF: 22 235 721 728 octets libres
Après-CF: 22 173 798 400 octets libres
