
spy.Win32@mx+Rootkit lzx32.sys(pe386)


Good evening everyone, and merry Christmas. For the few brave souls still at their PC at this hour, here is my problem... After downloading a file on the Mule, I unintentionally pressed ENTER before checking that file... Result: a nice virus that gives me blue screens for Christmas, leading to reboots of Windows XP Pro, with an error mentioning a certain System32:lzx32.sys.
In short, as soon as I saw my blunder: Task Manager, I killed all the suspicious processes and deleted the odd files located in C:\.
I found this problem solved on the 01Net forums (http://forum.telecharger.01net.com/telecharger/securite_virus_et_assimiles/trojan_et_spywares/trojan-spywin32amxrootkit_lzx32syspe386resolu-410119/messages-1.html), but I prefer IDN, so I am posting here.
Here is my HijackThis log:

Logfile of HijackThis v1.99.1
Scan saved at 13:16:55, on 24/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Administrateur\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [CTDVDDet] C:\Program Files\Creative\USB SBAudigy2 NX\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\USB SBAudigy2 NX\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [SbUsb AudCtrl] RunDll32 sbusbdll.dll,RCMonitor
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [CanalPlayer] C:\Program Files\Lecteur CANALPLAY\CanalPlayer.exe
O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s
O4 - HKLM\..\Run: [System] C:\WINDOWS\system32\kernels1118.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - C:\Program Files\VisualRoute\vrie.dll
O9 - Extra 'Tools' menuitem: VisualRoute Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - C:\Program Files\VisualRoute\vrie.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
O15 - Trusted Zone: *.canalplay.com (HKLM)
O15 - Trusted Zone: *.canalplusactive.com (HKLM)
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.EXE
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - D:\Video\Common\Database\bin\fbserver.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Service Norton Protection Center (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe

Then my ComboFix log:

Administrateur - 06-12-24 13:19:56,39 Service Pack 2
ComboFix 06.11.27 - Running from: "C:\Program Files\Mozilla Firefox"

((((((((((((((((((((((((((((((( Files Created from 2006-11-24 to 2006-12-24 ))))))))))))))))))))))))))))))))))


2006-12-24 13:04 218,112 --a------ C:\HijackThis.exe
2006-12-24 12:44 <REP> d--hs---- C:\WINDOWS\CSC
2006-12-24 12:44 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Mozilla
2006-12-24 00:59 3,648 --a------ C:\WINDOWS\system32\kernels1118.exe
2006-12-23 23:37 <REP> d-------- C:\Program Files\VisualRoute
2006-12-23 23:13 765,952 --a------ C:\WINDOWS\system32\xvidcore.dll
2006-12-23 23:13 558,592 --a------ C:\WINDOWS\system32\x264vfw.dll
2006-12-23 23:13 5,120 --a------ C:\WINDOWS\system32\ff_vfw.dll
2006-12-23 23:13 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2006-12-23 23:13 180,224 --a------ C:\WINDOWS\system32\xvidvfw.dll
2006-12-23 23:13 144,384 --a------ C:\WINDOWS\system32\Iacenc.dll
2006-12-23 23:13 1,415,680 --a------ C:\WINDOWS\system32\WMV9VCM.dll
2006-12-23 23:13 <REP> d-------- C:\Program Files\K-Lite Codec Pack
2006-12-23 22:06 <REP> d-------- C:\Program Files\MSBuild
2006-12-23 22:03 <REP> d-------- C:\WINDOWS\system32\XPSViewer
2006-12-23 22:03 <REP> d-------- C:\WINDOWS\system32\en-us
2006-12-23 22:02 14,048 --------- C:\WINDOWS\system32\spmsg2.dll
2006-12-23 22:02 <REP> d-------- C:\Program Files\Reference Assemblies
2006-12-23 20:28 <REP> d-------- C:\Program Files\MSN Messenger
2006-12-23 20:03 <REP> d-------- C:\wmdownloads
2006-12-23 19:08 101,376 --a------ C:\WINDOWS\system32\drivers\ACEDRV07.sys
2006-12-23 19:03 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MAGIX
2006-12-23 18:52 420,240 --a------ C:\WINDOWS\system32\mpg4c32.dll
2006-12-23 18:52 309,616 --a------ C:\WINDOWS\system32\wmv8dmod.dll
2006-12-23 18:50 94,208 --a------ C:\WINDOWS\system32\DLLCPY32.dll
2006-12-23 18:50 65,536 --a------ C:\WINDOWS\system32\DLLPTL32.dll
2006-12-23 18:50 61,440 --a------ C:\WINDOWS\system32\DLLCDF32.dll
2006-12-23 18:50 57,344 --a------ C:\WINDOWS\system32\DLLTPO32.dll
2006-12-23 18:50 53,248 --a------ C:\WINDOWS\system32\DLLPRJ32.dll
2006-12-23 18:50 49,152 --a------ C:\WINDOWS\system32\DLLPRF32.dll
2006-12-23 18:50 49,152 --a------ C:\WINDOWS\system32\DLLIO32.dll
2006-12-23 18:50 462,848 --a------ C:\WINDOWS\system32\DLLAV32.dll
2006-12-23 18:50 45,056 --a------ C:\WINDOWS\system32\DLLIMG32.dll
2006-12-23 18:50 430,080 --a------ C:\WINDOWS\system32\MXRestore.exe
2006-12-23 18:50 40,960 --a------ C:\WINDOWS\system32\DLLRD32.dll
2006-12-23 18:50 36,864 --a------ C:\WINDOWS\system32\DLLPNT32.dll
2006-12-23 18:50 32,768 --a------ C:\WINDOWS\system32\STRING32.dll
2006-12-23 18:50 32,768 --a------ C:\WINDOWS\system32\DLLMSC32.dll
2006-12-23 18:50 32,768 --a------ C:\WINDOWS\system32\DLLISO32.dll
2006-12-23 18:50 32,768 --a------ C:\WINDOWS\system32\DLLDIR32.dll
2006-12-23 18:50 24,576 --a------ C:\WINDOWS\system32\TTIC32.dll
2006-12-23 18:50 24,576 --a------ C:\WINDOWS\system32\TTI32.dll
2006-12-23 18:50 24,576 --a------ C:\WINDOWS\system32\DLLIX.dll
2006-12-23 18:50 188,416 --a------ C:\WINDOWS\system32\DLLRES32.dll
2006-12-23 18:50 163,840 --a------ C:\WINDOWS\system32\DLLDEV32.dll
2006-12-23 18:50 151,552 --a------ C:\WINDOWS\system32\DLLDRV32.dll
2006-12-23 18:50 114,688 --a------ C:\WINDOWS\system32\DLLCDA32.dll
2006-12-23 18:49 <REP> d-------- C:\Program Files\Fichiers communs\MAGIX Shared
2006-12-23 18:46 85,504 --a------ C:\WINDOWS\system32\HtmlWH.dll
2006-12-23 18:46 1,089,536 --a------ C:\WINDOWS\system32\ROBOEX32.DLL
2006-12-23 18:43 638,976 --a------ C:\WINDOWS\system32\mgxoschk.dll
2006-12-23 18:43 <REP> d-------- C:\WINDOWS\system32\MAGIX
2006-12-23 18:38 <REP> d-------- C:\WINDOWS\Minidump
2006-12-22 16:15 <REP> d-------- C:\WINDOWS\vbSkinner
2006-12-19 08:22 <REP> d-------- C:\Program Files\TomTom HOME
2006-12-17 16:12 <REP> d-------- C:\Program Files\Fichiers communs\fluxDVD
2006-12-17 16:11 125,760 --a------ C:\WINDOWS\system32\MSWAY.dll
2006-12-17 16:11 <REP> d-------- C:\Program Files\Fichiers communs\mpDRM
2006-12-17 16:11 <REP> d-------- C:\Documents and Settings\All Users\Application Data\mpDRM
2006-12-17 15:13 24,816 --a------ C:\WINDOWS\system32\mdimon.dll
2006-12-17 15:12 <REP> d-------- C:\WINDOWS\SHELLNEW
2006-12-17 15:12 <REP> d-------- C:\Program Files\Microsoft.NET
2006-12-17 15:12 <REP> d-------- C:\Program Files\Fichiers communs\DESIGNER
2006-12-17 15:08 <REP> d-------- C:\WINDOWS\system32\appmgmt
2006-12-17 15:03 <REP> d-------- C:\Program Files\PowerISO
2006-12-17 15:02 96,256 --a------ C:\WINDOWS\system32\drivers\sptd4045.sys
2006-12-17 15:02 642,560 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2006-12-16 13:12 <REP> d-------- C:\Program Files\uTorrent
2006-12-14 22:26 2,560 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys
2006-12-14 22:26 2,432 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2006-12-14 22:00 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2006-12-14 20:03 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2006-12-14 07:05 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2006-12-14 07:05 251,672 --a------ C:\WINDOWS\system32\xactengine2_5.dll
2006-12-14 07:05 237,848 --a------ C:\WINDOWS\system32\xactengine2_4.dll
2006-12-14 07:05 15,128 --a------ C:\WINDOWS\system32\x3daudio1_1.dll
2006-12-14 07:04 68,888 --a------ C:\WINDOWS\system32\xinput1_3.dll
2006-12-14 07:04 62,744 --a------ C:\WINDOWS\system32\xinput1_2.dll
2006-12-14 07:04 236,824 --a------ C:\WINDOWS\system32\xactengine2_3.dll
2006-12-14 07:04 2,414,360 --a------ C:\WINDOWS\system32\d3dx9_31.dll
2006-12-14 07:04 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
2006-12-13 18:01 <REP> d-------- C:\WINDOWS\Sun
2006-12-11 22:59 <REP> d-------- C:\WINDOWS\system32\LogFiles
2006-12-11 22:59 <REP> d-------- C:\WINDOWS\system32\drivers\UMDF
2006-12-11 22:40 <REP> d-------- C:\WINDOWS\WBEM
2006-12-11 22:40 <REP> d-------- C:\WINDOWS\system32\fr-fr
2006-12-11 22:39 <REP> d--h-c--- C:\WINDOWS\ie7
2006-12-11 22:38 121,856 --------- C:\WINDOWS\system32\xmllite.dll
2006-12-11 22:38 <REP> d-------- C:\WINDOWS\network diagnostic
2006-12-11 22:36 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2006-12-11 19:55 32,768 --a------ C:\WINDOWS\system32\WooDial2000.dll
2006-12-11 19:54 40,960 --a------ C:\WINDOWS\system32\FTRTSVC.exe
2006-12-11 19:54 36,864 --a------ C:\WINDOWS\system32\IfHelper.dll
2006-12-11 19:54 32,768 --a------ C:\WINDOWS\system32\ffJmpWeb.dll
2006-12-11 19:54 <REP> d-------- C:\WINDOWS\system32\AlertModule
2006-12-11 19:54 <REP> d-------- C:\Program Files\Wanadoo Messager
2006-12-11 19:52 <REP> d-------- C:\Program Files\Wanadoo
2006-12-07 18:59 <REP> d-------- C:\Program Files\MSXML 4.0
2006-12-07 11:15 791 --a------ C:\restonav.bat
2006-12-07 09:51 23,040 --------- C:\WINDOWS\kb913800.exe
2006-12-07 09:46 <REP> d-------- C:\WINDOWS\system32\PreInstall
2006-12-07 08:29 <REP> d-------- C:\WINDOWS\system32\SoftwareDistribution
2006-12-06 19:17 626,960 -ra------ C:\WINDOWS\system32\hpvaut32.dll
2006-12-06 19:17 487,424 -ra------ C:\WINDOWS\system32\hpvcp70.dll
2006-12-06 19:17 344,064 -ra------ C:\WINDOWS\system32\hpvcr70.dll
2006-12-04 22:20 <REP> d-------- C:\Program Files\Securitoo
2006-12-04 18:40 <REP> d-------- C:\Program Files\Picasa2
2006-12-04 15:10 <REP> d-------- C:\WINDOWS\pss
2006-12-03 18:22 <REP> d--h----- C:\WINDOWS\PIF
2006-12-02 19:07 <REP> d-------- C:\Program Files\Fichiers communs\xing shared
2006-12-02 19:06 <REP> d-------- C:\Program Files\Real
2006-12-02 19:06 <REP> d-------- C:\Program Files\Fichiers communs\Real
2006-12-02 18:43 <REP> d-------- C:\Program Files\Sunbelt Software
2006-12-02 17:42 676,864 --a------ C:\WINDOWS\system32\drivers\hardlock.sys
2006-12-02 17:42 <REP> d-------- C:\WETOCOM
2006-12-02 17:42 <REP> d-------- C:\HSF
2006-12-02 17:41 99,968 --a------ C:\WINDOWS\system32\drivers\aksusb.sys
2006-12-02 17:41 7,168 --a------ C:\WINDOWS\system32\akscoinst.dll
2006-12-02 17:41 6,656 --a------ C:\WINDOWS\system32\haspvdd.dll
2006-12-02 17:41 47,616 --a------ C:\WINDOWS\system32\drivers\Haspnt.sys
2006-12-02 17:41 383 --a------ C:\WINDOWS\system32\haspdos.sys
2006-12-02 17:41 328,448 --a------ C:\WINDOWS\system32\drivers\akshasp.sys
2006-12-02 17:41 104,448 --a------ C:\WINDOWS\system32\drivers\aksclass.sys
2006-12-02 16:43 <REP> d-------- C:\Program Files\Mozilla Firefox
2006-12-02 16:41 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Google
2006-12-02 16:37 278,528 --a------ C:\Program Files\Fichiers communs\FDEUnInstaller.exe
2006-12-02 16:36 81,920 --a------ C:\WINDOWS\system32\W32N50.dll
2006-12-02 16:36 17,134 --a------ C:\WINDOWS\system32\PCANDIS5.sys
2006-12-02 16:36 <REP> d-------- C:\Program Files\Inventel
2006-12-02 01:39 <REP> d--hs---- C:\RECYCLER
2006-12-02 01:34 <REP> d-------- C:\Program Files\WIDCOMM
2006-12-02 01:21 <REP> d-------- C:\WINDOWS\Prefetch
2006-12-02 01:19 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys
2006-12-02 01:19 12,288 --a------ C:\WINDOWS\system32\drivers\mouhid.sys
2006-12-01 23:10 <REP> d-------- C:\Program Files\EasyAction
2006-12-01 23:09 299,008 --a------ C:\WINDOWS\uninst.exe
2006-12-01 23:05 <REP> d-------- C:\Program Files\Mes Jeux Téléchargés
2006-12-01 22:52 90,112 --a------ C:\WINDOWS\system32\OpenAL32.dll
2006-12-01 22:52 90,112 --------- C:\WINDOWS\Updreg.EXE
2006-12-01 22:52 892,160 --a------ C:\WINDOWS\system32\drivers\sbusb.sys
2006-12-01 22:52 84,992 --------- C:\WINDOWS\system32\SFCVRT32.DLL
2006-12-01 22:52 82,432 --------- C:\WINDOWS\system32\CTWFLT32.DLL
2006-12-01 22:52 68,608 --a------ C:\WINDOWS\system32\sbusbdll.dll
2006-12-01 22:52 59,392 --a------ C:\WINDOWS\system32\a3d.dll
2006-12-01 22:52 53,552 --------- C:\WINDOWS\CTCCW.DLL
2006-12-01 22:52 49,152 --a------ C:\WINDOWS\system32\INETWH32.DLL
2006-12-01 22:52 40,960 --------- C:\WINDOWS\system32\AC3API.DLL
2006-12-01 22:52 36,864 --a------ C:\WINDOWS\system32\sfman32.dll
2006-12-01 22:52 26,768 --------- C:\WINDOWS\system32\CTL3D.DLL
2006-12-01 22:52 24,976 --------- C:\WINDOWS\CTRES.DLL
2006-12-01 22:52 20,480 --a------ C:\WINDOWS\INRES.DLL
2006-12-01 22:52 190,208 --a------ C:\WINDOWS\system32\drivers\ctoss2k.sys
2006-12-01 22:52 172,032 --a------ C:\WINDOWS\system32\sfms32.dll
2006-12-01 22:52 140,032 --a------ C:\WINDOWS\system32\drivers\ctsfm2k.sys
2006-12-01 22:52 <REP> d-------- C:\WINDOWS\system32\Data
2006-12-01 22:50 65,536 --a------ C:\WINDOWS\system32\CTDetres.dll
2006-12-01 22:49 77,824 --a------ C:\WINDOWS\system32\ctdvda32.dll
2006-12-01 22:49 331,776 --------- C:\WINDOWS\system32\CTMEDENG.DLL
2006-12-01 22:49 312,352 --a------ C:\WINDOWS\system32\drivers\ctdvda2k.sys
2006-12-01 22:49 24,576 --a------ C:\WINDOWS\system32\CTMERes.DLL
2006-12-01 22:40 41,984 --------- C:\WINDOWS\Ctregrun.exe
2006-12-01 22:38 44,032 --------- C:\WINDOWS\system32\CTSVCCDA.EXE
2006-12-01 22:38 25,088 --------- C:\WINDOWS\system32\CTSVCCTL.EXE
2006-12-01 22:38 15,840 --a------ C:\WINDOWS\system32\drivers\PfModNT.sys
2006-12-01 22:30 60,532 --a------ C:\WINDOWS\system32\EBPMON2.DLL
2006-12-01 22:30 169,472 --a------ C:\WINDOWS\system32\EBAPI2.dll
2006-12-01 22:30 <REP> d-------- C:\Program Files\Fichiers communs\EPSON
2006-12-01 22:28 0 -rahs---- C:\MSDOS.SYS
2006-12-01 22:28 0 -rahs---- C:\IO.SYS
2006-12-01 22:20 <REP> d-------- C:\Documents and Settings\All Users\Application Data\UDL
2006-12-01 22:19 65,536 --a------ C:\WINDOWS\system32\EPPicMgr.dll
2006-12-01 22:19 483,328 --a------ C:\WINDOWS\system32\PICSDK.dll
2006-12-01 22:19 114,688 --a------ C:\WINDOWS\system32\EpPicPrt.dll
2006-12-01 22:18 79,679 --a------ C:\WINDOWS\system32\E_FLMAKE.DLL
2006-12-01 22:18 64,000 --a------ C:\WINDOWS\system32\E_FBCBAKE.DLL
2006-12-01 22:18 49,152 --a------ C:\WINDOWS\system32\E_DCINST.DLL
2006-12-01 22:18 34,304 --a------ C:\WINDOWS\system32\E_FBCHAKE.DLL
2006-12-01 22:18 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2006-12-01 22:14 <REP> d-------- C:\Program Files\EPSON
2006-12-01 22:08 <REP> d-------- C:\Program Files\Canon
2006-12-01 22:07 <REP> d-------- C:\Program Files\ScanSoft
2006-12-01 22:07 <REP> d-------- C:\Program Files\Fichiers communs\ScanSoft Shared
2006-12-01 22:07 <REP> d-------- C:\Documents and Settings\All Users\Application Data\SSScanWizard
2006-12-01 22:07 <REP> d-------- C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir
2006-12-01 22:06 212,480 --a------ C:\WINDOWS\PCDLIB32.DLL
2006-12-01 22:06 <REP> d-------- C:\Program Files\ArcSoft
2006-12-01 22:04 69,632 --a------ C:\WINDOWS\system32\CNQU86.DLL
2006-12-01 22:04 69,632 --a------ C:\WINDOWS\system32\CNQA3203.DLL
2006-12-01 22:04 434,176 --a------ C:\WINDOWS\system32\CNQL3203.DLL
2006-12-01 22:04 389,180 --a------ C:\WINDOWS\system32\UCS32P.DLL
2006-12-01 22:04 <REP> d--h----- C:\CanoScan
2006-12-01 22:01 <REP> d-------- C:\Program Files\WinRAR
2006-12-01 21:57 5,504 --------- C:\WINDOWS\system32\drivers\imagedrv.sys
2006-12-01 21:57 476,320 --------- C:\WINDOWS\system32\ImagXpr7.dll
2006-12-01 21:57 471,040 --------- C:\WINDOWS\system32\ImagXRA7.dll
2006-12-01 21:57 262,144 --------- C:\WINDOWS\system32\ImagXR7.dll
2006-12-01 21:57 155,648 --a------ C:\WINDOWS\system32\NeroCheck.exe
2006-12-01 21:57 125,184 --------- C:\WINDOWS\system32\drivers\imagesrv.sys
2006-12-01 21:57 106,496 --a------ C:\WINDOWS\system32\TwnLib20.dll
2006-12-01 21:57 1,568,768 --------- C:\WINDOWS\system32\ImagX7.dll
2006-12-01 21:57 <REP> d-------- C:\Program Files\Fichiers communs\Ahead
2006-12-01 21:57 <REP> d-------- C:\Program Files\Ahead
2006-12-01 21:54 26,496 --a------ C:\WINDOWS\system32\drivers\USBSTOR.SYS
2006-12-01 21:28 <REP> d-------- C:\Program Files\Creative
2006-12-01 21:27 59,264 --a------ C:\WINDOWS\system32\drivers\USBAUDIO.sys
2006-12-01 21:27 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2006-12-01 21:09 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Otto
2006-12-01 20:46 21,504 --a------ C:\WINDOWS\system32\hidserv.dll
2006-12-01 20:46 15,360 --a------ C:\WINDOWS\system32\drivers\MPE.sys
2006-12-01 20:46 11,776 --a------ C:\WINDOWS\system32\drivers\BdaSup.sys


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))

Rootkit driver pe386 is present. A rootkit scan is required

2006-12-24 12:45 -------- d-------- C:\Documents and Settings\Administrateur\Application Data\Macromedia
2006-12-24 12:33 -------- d-------- C:\Program Files\Fichiers communs\Symantec Shared
2006-12-23 18:49 -------- d-------- C:\Program Files\Fichiers communs
2006-12-21 10:01 -------- d-------- C:\Program Files\Microsoft Works
2006-12-19 08:36 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-12-17 15:13 -------- d-------- C:\Program Files\Fichiers communs\Microsoft Shared
2006-12-17 15:12 -------- d-------- C:\Program Files\Microsoft Office
2006-12-15 11:22 -------- d-------- C:\Program Files\Outlook Express
2006-12-15 11:22 -------- d-------- C:\Program Files\Fichiers communs\System
2006-12-14 22:26 -------- d-------- C:\Program Files\Google
2006-12-11 23:00 -------- d-------- C:\Program Files\Windows Media Player
2006-12-11 23:00 -------- d-------- C:\Program Files\Windows Media Connect 2
2006-12-11 22:42 -------- d-------- C:\Program Files\Internet Explorer
2006-12-11 20:27 48768 --a------ C:\WINDOWS\system32\S32EVNT1.DLL
2006-12-11 20:27 110952 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2006-12-11 20:27 -------- d-------- C:\Program Files\Symantec
2006-12-11 20:27 -------- d-------- C:\Program Files\Norton Internet Security
2006-12-07 19:01 -------- d-------- C:\Program Files\Messenger
2006-12-06 19:16 -------- d-------- C:\Program Files\HP
2006-12-06 19:16 -------- d-------- C:\Program Files\Hewlett-Packard
2006-12-05 19:46 -------- d-------- C:\Program Files\MSN
2006-12-03 14:57 251 --a------ C:\Program Files\wt3d.ini
2006-12-01 21:20 -------- d-------- C:\Program Files\microsoft frontpage
2006-11-08 06:07 679424 --a------ C:\WINDOWS\system32\inetcomm.dll
2006-11-07 21:03 6049280 --------- C:\WINDOWS\system32\ieframe.dll
2006-11-07 21:03 50688 --------- C:\WINDOWS\system32\msfeedsbs.dll
2006-11-07 21:03 458752 --------- C:\WINDOWS\system32\msfeeds.dll
2006-11-07 21:03 413696 --a------ C:\WINDOWS\system32\vbscript.dll
2006-11-07 21:03 231424 --a------ C:\WINDOWS\system32\webcheck.dll
2006-11-07 21:03 180736 --------- C:\WINDOWS\system32\ieui.dll
2006-11-07 21:03 156160 --a------ C:\WINDOWS\system32\msls31.dll
2006-11-07 03:27 382976 --a------ C:\WINDOWS\system32\iedkcs32.dll
2006-11-07 03:27 229376 --a------ C:\WINDOWS\system32\ieaksie.dll
2006-11-07 03:26 71680 --a------ C:\WINDOWS\system32\admparse.dll
2006-11-07 03:26 55296 --a------ C:\WINDOWS\system32\iesetup.dll
2006-11-07 03:26 54784 --a------ C:\WINDOWS\system32\ie4uinit.exe
2006-11-07 03:26 43008 --a------ C:\WINDOWS\system32\iernonce.dll
2006-11-07 03:26 152064 --a------ C:\WINDOWS\system32\ieakeng.dll
2006-11-07 03:26 13312 --a------ C:\WINDOWS\system32\ieudinit.exe
2006-11-07 03:26 123904 --a------ C:\WINDOWS\system32\advpack.dll
2006-11-07 03:25 161792 --a------ C:\WINDOWS\system32\ieakui.dll
2006-11-04 14:14 1245696 --------- C:\WINDOWS\system32\msxml4.dll
2006-11-03 10:03 8292352 --a------ C:\WINDOWS\system32\wmploc.dll
2006-11-03 09:59 99840 --a------ C:\WINDOWS\system32\wmpshell.dll
2006-11-03 09:58 272384 --a------ C:\WINDOWS\system32\wmerror.dll
2006-11-03 09:56 7680 --a------ C:\WINDOWS\system32\asferror.dll
2006-11-02 11:52 44032 --------- C:\WINDOWS\system32\wpdshextres.dll
2006-10-31 05:16 -------- d--h----- C:\Program Files\WindowsUpdate
2006-10-31 05:16 -------- d--h----- C:\Program Files\Uninstall Information
2006-10-31 05:16 -------- d-------- C:\Program Files\xerox
2006-10-31 05:16 -------- d-------- C:\Program Files\Windows Plus
2006-10-31 05:16 -------- d-------- C:\Program Files\Windows NT
2006-10-31 05:16 -------- d-------- C:\Program Files\Sonic
2006-10-31 05:16 -------- d-------- C:\Program Files\Online Services
2006-10-31 05:16 -------- d-------- C:\Program Files\NetMeeting
2006-10-31 05:16 -------- d-------- C:\Program Files\MSN Gaming Zone
2006-10-31 05:16 -------- d-------- C:\Program Files\Movie Maker
2006-10-31 05:16 -------- d-------- C:\Program Files\Java
2006-10-31 05:16 -------- d-------- C:\Program Files\Fichiers communs\TiVo Shared
2006-10-31 05:16 -------- d-------- C:\Program Files\Fichiers communs\SureThing Shared
2006-10-31 05:16 -------- d-------- C:\Program Files\Fichiers communs\SpeechEngines
2006-10-31 05:16 -------- d-------- C:\Program Files\Fichiers communs\Sonic Shared
2006-10-31 05:16 -------- d-------- C:\Program Files\Fichiers communs\Services
2006-10-31 05:16 -------- d-------- C:\Program Files\Fichiers communs\ODBC
2006-10-31 05:16 -------- d-------- C:\Program Files\Fichiers communs\MSSoap
2006-10-31 05:16 -------- d-------- C:\Program Files\Fichiers communs\Java
2006-10-31 05:16 -------- d-------- C:\Program Files\Fichiers communs\HP
2006-10-31 05:16 -------- d-------- C:\Documents and Settings\Administrateur\Application Data\Identities
2006-10-30 21:08 -------- d-------- C:\Program Files\Fichiers communs\LightScribe
2006-10-30 20:57 -------- d-------- C:\Program Files\NetWaiting
2006-10-30 20:57 -------- d-------- C:\Program Files\Conexant
2006-10-30 20:56 -------- d-------- C:\Program Files\Services en ligne
2006-10-30 20:51 -------- d-------- C:\Program Files\Fichiers communs\Adobe
2006-10-30 20:50 -------- d-------- C:\Program Files\Adobe
2006-10-30 20:48 -------- d-------- C:\Program Files\Synaptics
2006-10-30 20:44 -------- d-------- C:\Program Files\GemMasterFrench
2006-10-30 20:44 -------- d-------- C:\Program Files\FrenchOtto
2006-10-30 20:42 -------- d---s---- C:\Documents and Settings\Administrateur\Application Data\Microsoft
2006-10-30 20:40 -------- d-------- C:\Program Files\HPQ
2006-10-30 20:39 -------- d-------- C:\Program Files\Fichiers communs\InstallShield
2006-10-30 20:37 -------- d-------- C:\Documents and Settings\Administrateur\Application Data\Symantec
2006-10-30 20:32 10344 --a------ C:\WINDOWS\system32\drivers\symlcbrd.sys
2006-10-30 03:33 9480 --a------ C:\WINDOWS\system32\icardres.dll
2006-10-30 03:33 83968 --a------ C:\WINDOWS\system32\infocardapi.dll
2006-10-30 03:33 556296 --a------ C:\WINDOWS\system32\icardagt.exe
2006-10-24 12:30 716288 --------- C:\WINDOWS\system32\WindowsCodecs.dll
2006-10-24 12:30 412160 --------- C:\WINDOWS\system32\photometadatahandler.dll
2006-10-24 12:30 276992 --------- C:\WINDOWS\system32\WMPhoto.dll
2006-10-24 12:29 352256 --------- C:\WINDOWS\system32\WindowsCodecsExt.dll
2006-10-20 21:30 769312 --a------ C:\WINDOWS\system32\PresentationNative_v0300.dll
2006-10-20 21:30 478496 --a------ C:\WINDOWS\system32\evr.dll
2006-10-20 21:30 1980704 --a------ C:\WINDOWS\system32\milcore.dll
2006-10-20 21:29 69408 --a------ C:\WINDOWS\system32\dxva2.dll
2006-10-20 21:29 344352 --a------ C:\WINDOWS\system32\PresentationHost.exe
2006-10-20 21:29 20768 --a------ C:\WINDOWS\system32\PresentationHostProxy.dll
2006-10-20 21:29 159008 --a------ C:\WINDOWS\system32\UIAutomationCore.dll
2006-10-20 21:29 104224 --a------ C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2006-10-20 02:38 716800 --a------ C:\WINDOWS\system32\sxs.dll
2006-10-18 21:58 8704 --a------ C:\WINDOWS\system32\wdfmgr.exe
2006-10-18 21:58 8704 --a------ C:\WINDOWS\system32\uwdf.exe
2006-10-18 21:47 991744 --a------ C:\WINDOWS\system32\drmv2clt.dll
2006-10-18 21:47 937984 --a------ C:\WINDOWS\system32\WMNetMgr.dll
2006-10-18 21:47 767488 --------- C:\WINDOWS\system32\WMVSENCD.dll
2006-10-18 21:47 757248 --a------ C:\WINDOWS\system32\WMADMOD.dll
2006-10-18 21:47 656896 --------- C:\WINDOWS\system32\WMVXENCD.dll
2006-10-18 21:47 63488 --a------ C:\WINDOWS\system32\wpdmtpus.dll
2006-10-18 21:47 629760 --a------ C:\WINDOWS\system32\wpd_ci.dll
2006-10-18 21:47 613376 --------- C:\WINDOWS\system32\wmpmde.dll
2006-10-18 21:47 603648 --a------ C:\WINDOWS\system32\WMSPDMOD.dll
2006-10-18 21:47 542720 --a------ C:\WINDOWS\system32\blackbox.dll
2006-10-18 21:47 535040 --a------ C:\WINDOWS\system32\wmdrmsdk.dll
2006-10-18 21:47 429056 --a------ C:\WINDOWS\system32\wmdrmdev.dll
2006-10-18 21:47 414208 --a------ C:\WINDOWS\system32\msscp.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\wmvdmoe2.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\wmvdmod.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\WMVADVE.DLL
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\WMVADVD.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\wmsdmoe2.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\wmsdmod.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\wdfapi.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\MPG4DMOD.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\MP4SDMOD.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\MP43DMOD.dll
2006-10-18 21:47 37376 --a------ C:\WINDOWS\system32\wmdmps.dll
2006-10-18 21:47 35840 --a------ C:\WINDOWS\system32\wpdconns.dll
2006-10-18 21:47 356352 --a------ C:\WINDOWS\system32\wpdsp.dll
2006-10-18 21:47 348672 --a------ C:\WINDOWS\system32\wmdrmnet.dll
2006-10-18 21:47 33792 --a------ C:\WINDOWS\system32\wmdmlog.dll
2006-10-18 21:47 321536 --a------ C:\WINDOWS\system32\mswmdm.dll
2006-10-18 21:47 317440 --------- C:\WINDOWS\system32\MP4SDECD.dll
2006-10-18 21:47 314880 --a------ C:\WINDOWS\system32\wmpdxm.dll
2006-10-18 21:47 295936 --------- C:\WINDOWS\system32\wmpeffects.dll
2006-10-18 21:47 284160 --------- C:\WINDOWS\system32\PortableDeviceApi.dll
2006-10-18 21:47 276992 --a------ C:\WINDOWS\system32\audiodev.dll
2006-10-18 21:47 27136 --a------ C:\WINDOWS\system32\mspmsnsv.dll
2006-10-18 21:47 2603008 --------- C:\WINDOWS\system32\WpdShext.dll
2006-10-18 21:47 259072 --------- C:\WINDOWS\system32\MPG4DECD.dll
2006-10-18 21:47 259072 --------- C:\WINDOWS\system32\MP43DECD.dll
2006-10-18 21:47 2450944 --a------ C:\WINDOWS\system32\wmvcore.dll
2006-10-18 21:47 242688 --a------ C:\WINDOWS\system32\wmpasf.dll
2006-10-18 21:47 229376 --a------ C:\WINDOWS\system32\cewmdm.dll
2006-10-18 21:47 222208 --a------ C:\WINDOWS\system32\WMASF.dll
2006-10-18 21:47 212992 --a------ C:\WINDOWS\system32\MFPLAT.dll
2006-10-18 21:47 211456 --a------ C:\WINDOWS\system32\qasf.dll
2006-10-18 21:47 204288 --a------ C:\WINDOWS\system32\wmpsrcwp.dll
2006-10-18 21:47 199168 --------- C:\WINDOWS\system32\PortableDeviceWMDRM.dll
2006-10-18 21:47 179712 --a------ C:\WINDOWS\system32\msnetobj.dll
2006-10-18 21:47 175616 --a------ C:\WINDOWS\system32\mspmsp.dll
2006-10-18 21:47 166912 --------- C:\WINDOWS\system32\PortableDeviceTypes.dll
2006-10-18 21:47 1661440 --a------ C:\WINDOWS\system32\wmpencen.dll
2006-10-18 21:47 1574912 --------- C:\WINDOWS\system32\WMVENCOD.dll
2006-10-18 21:47 157184 --a------ C:\WINDOWS\system32\wmidx.dll
2006-10-18 21:47 154624 --a------ C:\WINDOWS\system32\wpdmtp.dll
2006-10-18 21:47 1543680 --------- C:\WINDOWS\system32\WMVDECOD.dll
2006-10-18 21:47 1382912 --------- C:\WINDOWS\system32\WMVSDECD.dll
2006-10-18 21:47 133632 --------- C:\WINDOWS\system32\WPDShServiceObj.dll
2006-10-18 21:47 1329152 --a------ C:\WINDOWS\system32\WMSPDMOE.dll
2006-10-18 21:47 132096 --------- C:\WINDOWS\system32\PortableDeviceWiaCompat.dll
2006-10-18 21:47 130048 --------- C:\WINDOWS\system32\wmpps.dll
2006-10-18 21:47 11264 --a------ C:\WINDOWS\system32\LAPRXY.dll
2006-10-18 21:47 1117696 --a------ C:\WINDOWS\system32\WMADMOE.dll
2006-10-18 21:47 101888 --------- C:\WINDOWS\system32\PortableDeviceClassExtension.dll
2006-10-18 20:03 100864 --a------ C:\WINDOWS\system32\logagent.exe
2006-10-18 20:00 249856 --a------ C:\WINDOWS\system32\drmupgds.exe
2006-10-18 20:00 17408 --------- C:\WINDOWS\system32\wpdshextautoplay.exe
2006-10-17 12:06 78336 --a------ C:\WINDOWS\system32\ieencode.dll
2006-10-17 12:05 40960 --a------ C:\WINDOWS\system32\licmgr10.dll
2006-10-17 12:05 206336 --------- C:\WINDOWS\system32\WinFXDocObj.exe
2006-10-17 12:05 105984 --a------ C:\WINDOWS\system32\url.dll
2006-10-17 12:04 101376 --a------ C:\WINDOWS\system32\occache.dll
2006-10-17 12:03 17408 --a------ C:\WINDOWS\system32\corpol.dll
2006-10-17 11:58 61952 --------- C:\WINDOWS\system32\icardie.dll
2006-10-17 11:58 12288 --------- C:\WINDOWS\system32\msfeedssync.exe
2006-10-17 11:57 36352 --a------ C:\WINDOWS\system32\imgutil.dll
2006-10-17 11:57 266752 --------- C:\WINDOWS\system32\iertutil.dll
2006-10-17 11:56 45568 --a------ C:\WINDOWS\system32\mshta.exe
2006-10-17 11:28 48128 --a------ C:\WINDOWS\system32\mshtmler.dll
2006-10-17 11:27 380928 --------- C:\WINDOWS\system32\ieapfltr.dll
2006-10-16 16:10 23856 --a------ C:\WINDOWS\system32\spupdsvc.exe
2006-10-14 20:22 1698048 --------- C:\WINDOWS\system32\XpsSvcs.dll
2006-10-14 20:21 580352 --------- C:\WINDOWS\system32\XPSSHHDR.dll
2006-10-14 16:43 124416 --------- C:\WINDOWS\system32\prntvpt.dll
2006-10-13 13:36 65536 --a------ C:\WINDOWS\system32\nwwks.dll
2006-10-13 13:36 64000 --a------ C:\WINDOWS\system32\nwapi32.dll
2006-10-13 13:36 145920 --a------ C:\WINDOWS\system32\nwprovau.dll
2006-10-09 16:15 1669632 --a------ C:\WINDOWS\system32\msvidctl.dll
2006-10-09 16:12 456192 --a------ C:\WINDOWS\system32\encdec.dll
2006-10-09 16:12 291840 --a------ C:\WINDOWS\system32\sbe.dll
2006-10-09 16:12 235008 --a------ C:\WINDOWS\system32\psisdecd.dll
2006-10-02 15:28 312128 --------- C:\WINDOWS\system32\msdelta.dll
2006-09-28 20:23 561152 --a------ C:\WINDOWS\system32\NETw3c32.dll
2006-09-28 20:23 53248 --a------ C:\WINDOWS\iwlandrvxpver.dll
2006-09-28 20:23 2732032 --a------ C:\WINDOWS\system32\NETw3r32.dll
2006-09-28 20:13 95344 --------- C:\WINDOWS\system32\WUDFCoinstaller.dll
2006-09-28 18:56 55808 --------- C:\WINDOWS\system32\WudfSvc.dll
2006-09-28 18:56 316416 --------- C:\WINDOWS\system32\WUDFx.dll
2006-09-28 18:56 165376 --------- C:\WINDOWS\system32\WudfPlatform.dll
2006-09-28 18:56 146432 --------- C:\WINDOWS\system32\WudfHost.exe


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"ehTray"="C:\\WINDOWS\\ehome\\ehtray.exe"
"hpWirelessAssistant"="C:\\Program Files\\hpq\\HP Wireless Assistant\\HP Wireless Assistant.exe"
"SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0_06\\bin\\jusched.exe"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"
"nwiz"="nwiz.exe /installquiet /nodetect"
"MsmqIntCert"="regsvr32 /s mqrt.dll"
"High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe"
"ccApp"="\"c:\\Program Files\\Fichiers communs\\Symantec Shared\\ccApp.exe\""
"SynTPEnh"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"
"QPService"="\"C:\\Program Files\\HP\\QuickPlay\\QPService.exe\""
"HP Software Update"="C:\\Program Files\\Hp\\HP Software Update\\HPWuSchd2.exe"
"QlbCtrl"=hex(2):25,50,72,6f,67,72,61,6d,46,69,6c,65,73,25,5c,48,65,77,6c,65,\
74,74,2d,50,61,63,6b,61,72,64,5c,48,50,20,51,75,69,63,6b,20,4c,61,75,6e,63,\
68,20,42,75,74,74,6f,6e,73,5c,51,6c,62,43,74,72,6c,2e,65,78,65,20,2f,53,74,\
61,72,74,00
"Cpqset"="C:\\Program Files\\Hewlett-Packard\\Default Settings\\cpqset.exe"
"RecGuard"="C:\\Windows\\SMINST\\RecGuard.exe"
"NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"OpwareSE2"="\"C:\\Program Files\\ScanSoft\\OmniPageSE2.0\\OpwareSE2.exe\""
"RemoteCenter"=""
"CTDVDDet"="C:\\Program Files\\Creative\\USB SBAudigy2 NX\\DVDAudio\\CTDVDDet.EXE"
"CTSysVol"="C:\\Program Files\\Creative\\USB SBAudigy2 NX\\Surround Mixer\\CTSysVol.exe /r"
"SbUsb AudCtrl"="RunDll32 sbusbdll.dll,RCMonitor"
"UpdReg"="C:\\WINDOWS\\UpdReg.EXE"
"TkBellExe"="\"C:\\Program Files\\Fichiers communs\\Real\\Update_OB\\realsched.exe\" -osboot"
"HP Component Manager"="\"C:\\Program Files\\HP\\hpcoretech\\hpcmpmgr.exe\""
"HPDJ Taskbar Utility"="C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\hpztsb10.exe"
"WOOWATCH"="C:\\PROGRA~1\\Wanadoo\\Watch.exe"
"WOOTASKBARICON"="C:\\PROGRA~1\\Wanadoo\\GestMaj.exe TaskBarIcon.exe"
"PWRISOVM.EXE"="C:\\Program Files\\PowerISO\\PWRISOVM.EXE"
"CanalPlayer"="C:\\Program Files\\Lecteur CANALPLAY\\CanalPlayer.exe"
"EoEngine"=""
"EoNet"=""
"TomTomHOME.exe"="\"C:\\Program Files\\TomTom HOME\\TomTomHOME.exe\" -s"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,a0,00,00,00,00,00,00,00,80,02,00,00,3a,02,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
00,00,01,00,00,00

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"InstallVisualStyle"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,\
63,65,73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,5c,52,6f,79,61,6c,65,2e,\
6d,73,73,74,79,6c,65,73,00
"InstallTheme"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,63,65,\
73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,2e,74,68,65,6d,65,00

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"


Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\Connexion facile à Internet.job
C:\WINDOWS\tasks\Norton AntiVirus - Effectuer une analyse complète du système - Gilles.job

Completion time: 06-12-24 13:20:43.40
C:\ComboFix.txt ... 06-12-24 13:20


.........

Thanks for your help!

Hello,

Thanks for trusting us :)

Download Rustbfix (by ejvindh)
Save it to your Desktop.

Double-click rustbfix.exe to launch the tool.
If a Rustock.b infection is detected, a prompt will tell you that the PC needs to be restarted. This restart may take longer than usual, and two restarts may be required. All of this happens automatically.
After the restart(s), two reports will open: (C:\avenger.txt & C:\rustbfix\pelog.txt).
Copy/paste the contents of these two reports, along with a new HijackThis log, in your next reply.