help cheval de troie et autre RESOLU

Tu es infecté(e) par "Vundo". Supprime tous les cracks de ton PC s'ils sont présents car sinon ils relanceront l'infection.

Télécharge Vundofix (par Atribune) sur ton Bureau.

• Double-clique VundoFix.exe afin de le lancer
• Clique sur le bouton Scan for Vundo
• Lorsque le scan est complété, clique sur le bouton Remove Vundo
• Une invite te demandera si tu veux supprimer les fichiers, clique YES
• Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers
• Tu verras une invite qui t'annonce que ton PC va redémarrer; clique OK
• Copie/colle le contenu du rapport situé dans C:\vundofix.txt ainsi qu'un nouveau rapport HijackThis! dans ta prochaine réponse

Note: Il est possible que VundoFix soit confronté à un fichier qu'il ne peut supprimer. Si tel est le cas, l'outil se lancera au prochain redémarrage; il faut simplement suivre les instructions ci-dessus, à partir de "clique sur le bouton Scan for Vundo".

N.B : Il se peut que vundofix ne détecte rien, dans ce cas-là pas de rapport nécessaire, dis-moi juste qu'il n'a rien trouvé.

Re,

Télécharge MalwareByte's Anti-Malware sur ton Bureau.
Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.

Une fois l'installation et la mise à jour effectuées, redémarre en mode sans échec.
AIDE : Redémarrer en mode sans échec

• Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".
• Afin de lancer la recherche, clic sur"Rechercher".
• Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :

-- si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
-- si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau afin de le poster dans ta prochaine réponse.
REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.

AIDE : Tuto en images sur MBAM

voila! rien que ça...


Malwarebytes' Anti-Malware 1.11
Version de la base de données: 599

Type de recherche: Examen complet (C:\|)
Eléments examinés: 108299
Temps écoulé: 1 hour(s), 56 minute(s), 51 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 27
Valeur(s) du Registre infectée(s): 6
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 11
Fichier(s) infecté(s): 314

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
C:\WINDOWS\system32\fccdbcCU.dll (Trojan.Vundo) -> Unloaded module successfully.

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{14f48f5e-a133-438c-bc0f-c96c0023a3b8} (Trojan.Vundo) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{14f48f5e-a133-438c-bc0f-c96c0023a3b8} (Trojan.Vundo) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{7c109800-a5d5-438f-9640-18d17e168b88} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7c109800-a5d5-438f-9640-18d17e168b88} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{db763ed8-100a-481b-8913-50a2f41dcdc3} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{9034a523-d068-4be8-a284-9df278be776e} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{daed9266-8c28-4c1c-8b58-5c66eff1d302} (Search.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\playmp3 (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\mwc (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\AdvRemoteDbg (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\MediaHoldings (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Mirar (AdWare.Mirar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\PlayMP3 (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\FBrowsingAdvisor (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\fbrowsingadvisor_is1 (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Trymedia Systems (Adware.Trymedia) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\aldd (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\NetProject (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\multimediaControls.chl (Trojan.Zlob) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\start (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\some (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{db763ed8-100a-481b-8913-50a2f41dcdc3} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ppzpmgnb (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\DSYeLhBCJX (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\{9034a523-d068-4be8-a284-9df278be776e} (Trojan.Zlob) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\fccdbccu -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
C:\Program Files\NetProject (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Casino (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\logs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\sfx (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Program Files\FBrowsingAdvisor (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Program Files\FBrowserAdvisor (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Program Files\PlayMP3z (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
C:\Program Files\PC-Cleaner (Rogue.PC-Cleaner) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\WINDOWS\system32\fccdbcCU.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\UCcbdccf.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\UCcbdccf.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jqrqvlyq.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qylvqrqj.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rhcarijp.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pjirachr.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sexjhjew.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wejhjxes.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Program Files\NetProject\sbmdl.dll (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\NetProject\sbmntr.exe (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\NetProject\sbsm.exe (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\NetProject\scit.exe (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bubbj.dll (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ryfufuxm.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\bybmpqhq\vinyjkvk.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\FBrowsingAdvisor\XPCOMEvents.dll (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Program Files\Mozilla Firefox\regxpcom.exe (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP78\A0027180.exe (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP78\A0027181.dll (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ferqbots.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hqnoduni.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\blackjack.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\browser.exe (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\cacerts.crt (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\cam.cas (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\cardlib.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\common.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\creditdebit.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\db.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\devlib.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\devlibcomm.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\filemap.lst (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\fivecard.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\games.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\gsid.txt (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\id.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\INSTALL.LOG (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\languages.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\libeay32.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\licens.txt (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\mfc80.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\microsoft.vc80.crt.manifest (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\microsoft.vc80.mfc.manifest (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\modstatus.lst (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\mp3dec.asi (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\mss32.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\msvcp80.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\msvcr80.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\navigator.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\omaha.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\options.cfg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\poker.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\poker.exe (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\sc.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\shfolder.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\srvmap.lst (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\ssleay32.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\texas.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\UNWISE.EXE (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\UNWISE.INI (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\update.exe (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\vistaelevator.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\xml.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\0.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\1.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\10.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\11.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\12.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\13.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\14.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\15.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\16.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\17.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\18.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\19.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\2.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\20.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\21.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\22.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\23.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\24.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\25.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\26.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\27.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\28.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\29.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\3.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\30.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\31.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\32.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\33.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\34.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\35.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\36.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\37.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\38.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\39.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\4.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\40.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\41.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\42.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\43.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\44.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\45.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\46.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\47.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\48.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\49.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\5.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\50.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\51.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\6.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\7.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\8.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\9.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\allin_popup.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\allin_popup_mini.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\archive.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\archive_ff.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\avatar.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\b.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\base.css (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\bkg.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\bkg_playerlist.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\bkg_playernotes.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\browserdetect.js (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\but_blackjack.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\but_cashier.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\but_close.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\but_filters_big.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\but_filters_small.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\but_game.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\but_game.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\but_general.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\but_join.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\but_join.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\but_join_mini.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\but_main.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\but_medium.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\but_minmax.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\but_sublevels_big.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\but_sublevels_small.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\but_timebank.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\but_timebank_mini.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\caret.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\chatbubble.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\chatpanel_mini.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\chips.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\decktype_settings.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\edit.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\gamelimits1.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\gamelimits2.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\gamelimits3.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\game_bjframe.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\game_blackjack.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\game_summary.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\gre_font_10p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\gre_font_11p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\hand.html (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\hand.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\hand_cursor.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\hand_ff.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\harrow.cur (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\headers_bkg.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\headers_text.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\history.html (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\history.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\history_ff.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\icon_mute_unmute_notes.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\input_additional.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\input_additional_mini.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\input_boxes.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\input_lists.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\language.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\language.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\languages.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\language_ff.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\main.js (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\main_bkg.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\main_listhi.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\menu_buttons.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\menu_window_headers.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\navigator_bg.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\navigator_buttons.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\navigator_moneytext.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\navigator_timer.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\panel_big.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\panel_bottom.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\panel_game_big.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\panel_game_small.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\panel_game_small.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\panel_game_small_mini.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\panel_game_top.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\panel_left.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\panel_medium.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\panel_moretables.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\panel_texts.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\panel_top.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\panel_top_big.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\pointer.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\poker_bkg_mini.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\poker_cardback.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\poker_cards.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\poker_cards_4c.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\poker_cards_large.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\poker_cards_large_4c.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\poker_deckside.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\poker_font_10p_bold.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\poker_font_10p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\poker_font_11p_bold.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\poker_font_11p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\poker_makechoice.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\poker_makechoice_mini.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\poker_pucks.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\poker_pucks_mini.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\pol_font_10p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\pol_font_11p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\popupbkg.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\popups.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\position_actions.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\position_actions_mini.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\position_active.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\position_active.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\position_active_mini.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\position_inactive.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\position_inactive.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\position_inactive_mini.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\position_mute.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\position_note.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\position_numbers.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\pot_bets.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\progress_ani.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\promo-test1.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\rus_font_10p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\rus_font_11p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\sc_bkg8.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\tablelimits_bkg_mini.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\tablelimits_header.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\tablelimits_minmax.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\tabs_big.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\tabs_cashier.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\tabs_small.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\tab_myaccount.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\tab_promotions.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\text.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\timeslider.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\timeslider_mini.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\tournamentinfo_bkg.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\tur_font_10p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\tur_font_11p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\tx_bkg10.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\tx_bkg5.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\user.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\user_ff.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\white_line.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\win_graphics.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\xml.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\data\xml_decoder.js (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\sfx\c_button.wav (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\sfx\c_chip.wav (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\sfx\c_deal.mp3 (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\sfx\p_alert.wav (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\sfx\p_checkknock.wav (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\xrs\blackjack_game_panel.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\xrs\blackjack_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\xrs\common.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\xrs\creditdebit.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\xrs\ext_clientspecific.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\xrs\ext_creditdebit.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\xrs\ext_game.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\xrs\ext_general.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\xrs\ext_mc_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\xrs\ext_navigator.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\xrs\fcs_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\xrs\fc_join.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\xrs\fc_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\xrs\filemap.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\xrs\filerefs.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\xrs\gameclient.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\xrs\game_common.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\xrs\game_common_message.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\xrs\game_common_mini.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\xrs\game_panel.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\xrs\game_panel_mini.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\xrs\gizmo.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\xrs\mc_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\xrs\message.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\xrs\mtt_join.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\xrs\mtt_lobby.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\xrs\navigator.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\xrs\omaha_join.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\xrs\omaha_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\xrs\omaha_main_mini.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\xrs\optdef.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\xrs\poker_limits.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\xrs\sc_join.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\xrs\sc_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\xrs\soko_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\xrs\tel_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\xrs\texas_join.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\xrs\texas_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\xrs\texas_main_mini.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\BetClic Poker\xrs\tournament_join.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Program Files\FBrowsingAdvisor\IXPCOMEvents.xpt (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Program Files\FBrowsingAdvisor\Logo.png (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Program Files\FBrowsingAdvisor\main.db (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Program Files\FBrowsingAdvisor\unins000.dat (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Program Files\FBrowsingAdvisor\unins000.exe (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Program Files\PlayMP3z\uninstall.exe (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
C:\WINDOWS\rs.txt (Malware.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\moumoune.WESHWESH\Favoris\Error Cleaner.url (Rogue.Link) -> Quarantined and deleted successfully.
C:\Documents and Settings\moumoune.WESHWESH\Favoris\Privacy Protector.url (Rogue.Link) -> Quarantined and deleted successfully.
C:\Documents and Settings\moumoune.WESHWESH\Favoris\Spyware&Malware Protection.url (Rogue.Link) -> Quarantined and deleted successfully.

combofix ne m'a pas posé de question et voila ce qu'il dit dans le rapport:

ComboFix 08-04-17.1 - moumoune 2008-04-19 20:22:50.16 - NTFSx86 MINIMAL

Endroit: C:\Documents and Settings\moumoune.WESHWESH\Mes documents\Applications\ComboFix.exe

[color=red]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/color]
.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:16, on 2008-04-19
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Fichiers communs\Creative Labs Shared\Service\CreativeLicensing.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Sonic\Sonic Solutions Product CD\Media Experience\DMXLauncher.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Creative\Mixer\CTSVolFE.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://secure.caramail.lycos.fr/se [...] c_home_tab
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.fr/ig/dell?hl=fr&client [...] bd=6061116
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {150B0CB9-8CC5-4C31-B100-35FA6476BF71} - (no file)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {47B8F5D3-408E-426E-A415-80D144A3AC4E} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: (no name) - {613BD612-755E-4AE5-923F-37A20D069DF4} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7C109800-A5D5-438F-9640-18D17E168B88} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A98D0065-7326-41B5-B8D9-C5B692CDB82F} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O2 - BHO: (no name) - {F6A3CF07-ABE7-476E-9BE0-F2DF48ED63F8} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {49D8D988-6D77-4E24-8A27-914FBCCC782F} - (no file)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Sonic\Sonic Solutions Product CD\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [CTSVolFE.exe] "C:\Program Files\Creative\Mixer\CTSVolFE.exe" /r
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-3361232125-835192129-3529576560-1005\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User '?')
O4 - HKUS\S-1-5-21-3361232125-835192129-3529576560-1005\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe" (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Digital Line Detect.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.euro.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file://C:\Program Files\Farm Frenzy\Images\stg_drm.ocx
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/window [...] 4600227296
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game11.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file://C:\Program Files\Farm Frenzy\Images\armhelper.ocx
O20 - Winlogon Notify: wvUnmKax - wvUnmKax.dll (file missing)
O21 - SSODL: AvpUnknown - {80b16cef-1d34-45a6-8361-48947811abf6} - (no file)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Fichiers communs\Creative Labs Shared\Service\CreativeLicensing.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

--
End of file - 12144 bytes

je suis désolé...

Voial le rapport, par contre il ne me demande pas de taper quoi que ce soit...


ComboFix 08-04-18.3 - moumoune 2008-04-20 16:25:15.17 - NTFSx86 MINIMAL

Endroit: C:\Documents and Settings\moumoune.WESHWESH\Bureau\ComboFix.exe

[color=red]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
C:\Program Files\BrowsingAdvisor
C:\Program Files\BrowsingAdvisor\BrowsingAdvisor.dat
C:\Program Files\BrowsingAdvisor\pcre3.dll
C:\Program Files\BrowsingAdvisor\uninstall.exe
C:\Program Files\GamesBar
C:\Program Files\GamesBar\Localization-French.ini
C:\Program Files\Zylom Games
C:\Program Files\Zylom Games\Chocolatier Deluxe\chocolatier.dll
C:\Program Files\Zylom Games\Chocolatier Deluxe\chocolatier.exe
C:\Program Files\Zylom Games\Chocolatier Deluxe\GameInstlr.exe
C:\Program Files\Zylom Games\Chocolatier Deluxe\realarcade.ico
C:\Program Files\Zylom Games\Chocolatier Deluxe\zylom.ico
C:\Program Files\Zylom Games\UninstallPlugin.exe
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\fmod.dll
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\GameInstlr.exe
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\gd.xml
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\4 - Hobbies\1.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\4 - Hobbies\1.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\4 - Hobbies\2.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\4 - Hobbies\2.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\4 - Hobbies\3.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\4 - Hobbies\3.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\4 - Hobbies\4.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\4 - Hobbies\4.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\4 - Hobbies\5.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\4 - Hobbies\5.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\4 - Hobbies\bg.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\4 - Hobbies\Challenge\box.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\4 - Hobbies\Challenge\catbutton.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\4 - Hobbies\Collection\bg.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\4 - Hobbies\Collection\colbutton.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\4 - Hobbies\Collection\colbutton_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\4 - Hobbies\menu.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\5 - Dream Holiday\1.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\5 - Dream Holiday\1.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\5 - Dream Holiday\2.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\5 - Dream Holiday\2.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\5 - Dream Holiday\3.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\5 - Dream Holiday\3.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\5 - Dream Holiday\4.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\5 - Dream Holiday\4.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\5 - Dream Holiday\5.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\5 - Dream Holiday\5.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\5 - Dream Holiday\bg.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\5 - Dream Holiday\Challenge\box.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\5 - Dream Holiday\Challenge\catbutton.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\5 - Dream Holiday\Collection\bg.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\5 - Dream Holiday\Collection\colbutton.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\5 - Dream Holiday\Collection\colbutton_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\5 - Dream Holiday\menu.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\6 - Around the House\1.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\6 - Around the House\1.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\6 - Around the House\2.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\6 - Around the House\2.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\6 - Around the House\3.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\6 - Around the House\3.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\6 - Around the House\4.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\6 - Around the House\4.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\6 - Around the House\5.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\6 - Around the House\5.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\6 - Around the House\bg.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\6 - Around the House\Challenge\box.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\6 - Around the House\Challenge\catbutton.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\6 - Around the House\Collection\bg.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\6 - Around the House\Collection\colbutton.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\6 - Around the House\Collection\colbutton_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\6 - Around the House\menu.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\7 - People\1.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\7 - People\1.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\7 - People\2.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\7 - People\2.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\7 - People\3.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\7 - People\3.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\7 - People\4.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\7 - People\4.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\7 - People\5.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\7 - People\5.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\7 - People\bg.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\7 - People\Challenge\box.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\7 - People\Challenge\catbutton.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\7 - People\Collection\bg.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\7 - People\Collection\colbutton.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\7 - People\Collection\colbutton_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\7 - People\menu.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\challenge\bg.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\challenge\bg_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\challenge\corner.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\challenge\corner_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\collection\bg_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\collection\bg_tv.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\collection\corner.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\collection\flash.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\collection\l.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\collection\l_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\collection\s_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\collection\tv_flash_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\collection\tv_strip.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\configdialog\b_bg_arrow.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\configdialog\b_bg_arrow_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\configdialog\b_bg_arrow_left.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\configdialog\b_express.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\configdialog\b_expressklassiek_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\configdialog\b_extra_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\configdialog\b_klassiek.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\configdialog\b_size.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\configdialog\b_size_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\configdialog\b_size_extra.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\configdialog\bg_green_dialog.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\configdialog\bg_green_dialog_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\configdialog\bg_strip.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\configdialog\piece_extra_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\configdialog\tab_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\configdialog\tab_l.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\configdialog\tab_r.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\configdialog\vink.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\configdialog\vink_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\dialog\aktie_icon.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\dialog\b_action.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\dialog\b_add.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\dialog\b_annuleer.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\dialog\b_close.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\dialog\b_credits.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\dialog\b_credits_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\dialog\b_dialog_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\dialog\b_help.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\dialog\b_no.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\dialog\b_ok.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\dialog\b_quit.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\dialog\b_remove.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\dialog\b_round.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\dialog\b_round_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\dialog\b_start.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\dialog\b_terug.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\dialog\b_volgende.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\dialog\b_vorige.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\dialog\b_yes.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\dialog\bg_credits.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\dialog\bg_example.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\dialog\bg_green_dialog.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\dialog\bg_green_dialog_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\dialog\bg_help.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\dialog\bg_options.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\dialog\dialog_players.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\dialog\endgame.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\dialog\finish_image.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\dialog\overlay_dialog.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\dialog\overlay_dialog_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\dialog\overlay_dialog_girl.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\dialog\pause_image.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\dialog\slider.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\dialog\slider_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\dialog\slider_arrows.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\dialog\slider_arrows_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\infodialog\l-up.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\infodialog\l_down.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\infodialog\l_down.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\infodialog\l_down_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\infodialog\l_up.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\infodialog\l_up_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\infodialog\m_down.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\infodialog\m_down_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\infodialog\m_l.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\infodialog\m_l_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\infodialog\m_m.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\infodialog\m_m_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\infodialog\m_r.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\infodialog\m_r_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\infodialog\m_up.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\infodialog\m_up_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\infodialog\r_down.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\infodialog\r_down.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\infodialog\r_down_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\infodialog\r_up.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\infodialog\r_up_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\inputlabel_bg.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\l_down.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\l_down_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\l_mid.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\l_mid_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\l_up.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\l_up_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\loadingbar_800x600_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\loadingbar_empty.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\loadingbar_over.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\mid_down.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\mid_down_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\mid_mid.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\mid_up.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\mid_up_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\r_down.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\r_down_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\r_mid.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\r_mid_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\r_up.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\dialog\r_up_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\fonts\_Advert14.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\fonts\_Advert15.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\fonts\_Advert8.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\fonts\_CenturyGothic10Bold.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\fonts\_CenturyGothic11Bold.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\fonts\_CenturyGothic14Bold.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\fonts\_CenturyGothic25Bold.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\fonts\_CenturyGothic8.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\fonts\_CenturyGothic8Bold.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\fonts\_CenturyGothic9Bold.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\fonts\Advert14.xml
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\fonts\Advert15.xml
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\fonts\Advert8.xml
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\fonts\centurygothic10bold.xml
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\fonts\centurygothic11bold.xml
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\fonts\centurygothic14bold.xml
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\fonts\centurygothic25bold.xml
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\fonts\centurygothic8.xml
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\fonts\centurygothic8bold.xml
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\fonts\centurygothic9bold.xml
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\gui\_b_alpha.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\gui\arrow_help_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\gui\b_-.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\gui\b_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\gui\b_back.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\gui\b_help.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\gui\b_square.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\gui\b_x.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\gui\beam_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\gui\border_l_down.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\gui\border_l_up.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\gui\border_mid_down.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\gui\border_mid_l.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\gui\border_mid_r.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\gui\border_mid_up.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\gui\border_r_down.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\gui\border_r_up.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\gui\border_thumb.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\gui\border_thumb_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\gui\cursor.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\gui\example_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\gui\hand.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\gui\hand_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\gui\hand_mini.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\gui\hand_mini_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\gui\hand_right.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\gui\hand_right_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\gui\large_puzzlepiece_black.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\gui\large_puzzlepiece_black_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\gui\large_puzzlepiece_white.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\gui\large_puzzlepiece_white_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\gui\puzzle_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\gui\Puzzlebook.ico
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\gui\scrollbar_down.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\gui\scrollbar_slider.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\gui\scrollbar_up.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\gui\scrollbarback.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\gui\tools_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\gui\tray.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\gui\tray_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\icons\finished.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\icons\finished_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\icons\last.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\icons\last_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\icons\numbers.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\icons\numbers_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\icons\numvers_2.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\icons\puzzle.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\icons\puzzle_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\icons\safe_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\icons\save.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\icons\Thumbs.db
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\linkButtons\1\colbutton.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\linkButtons\1\colbutton_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\linkButtons\2\colbutton.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\linkButtons\2\colbutton_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\linkButtons\3\colbutton.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\linkButtons\3\colbutton_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\linkButtons\4\colbutton.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\linkButtons\4\colbutton_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\loading\bg.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\loading\loadingbar.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\loading\Loadingbar_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\loading\loadingbar_empty.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\loading\Thumbs.db
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\properties\challenge.xml
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\properties\collection.xml
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\properties\default.xml
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\properties\Dialogs.xml
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\properties\resources.xml
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\sounds\Borders_Off.ogg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\sounds\Borders_On.ogg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\sounds\Button_Click.ogg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\sounds\Dialog_Close.ogg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\sounds\Dialog_Close_OLD.ogg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\sounds\Dialog_Select_Difficulty_Level.ogg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\sounds\Disabled_Button_Error.ogg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\sounds\Hint_FadeIn.ogg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\sounds\Move_Puzzle_to_Collection.ogg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\sounds\music_ingame.ogg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\sounds\music_menu.ogg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\sounds\Next_Level_Block_Shift.ogg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\sounds\Opgelost.ogg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\sounds\Pieces_Thrown_Out_Of_Puzzle_Box.ogg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\sounds\Puzzle_Completed.ogg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\sounds\Puzzle_Completed_alternative.ogg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\sounds\Puzzle_Piece_Appears.ogg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\sounds\Puzzle_Piece_Pick_Up.ogg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\sounds\Puzzle_Piece_Put_Down_Fits.ogg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\sounds\Puzzle_Piece_Put_Down_Standard.ogg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\sounds\Puzzle_Piece_Put_Down_Wrong.ogg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\sounds\Puzzle_Piece_Rotate.ogg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\sounds\Puzzle_Piece_Shoots_Back.ogg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\sounds\Puzzle_Sorting_Sound1.ogg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\sounds\Puzzle_Sorting_Sound2.ogg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\sounds\Score_Sound.ogg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\sounds\Tray_Expand.ogg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\sounds\Tray_Shrink.ogg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\sounds\Unlock_New_Puzzle.ogg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\sounds\Zylom_Pause_Sound.ogg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\sounds\Zylom_Unpause_Sound.ogg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\title\_b_alpha.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\title\_b_puzzlecollection.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\title\b_-.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\title\b_challenge.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\title\b_challenge_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\title\b_collection.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\title\b_collection_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\title\b_help.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\title\b_help_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\title\b_options.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\title\b_options_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\title\b_quit.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\title\b_quit_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\title\b_square.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\title\b_x.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\title\background.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\title\glow.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\title\mouth.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\title\tail.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\title\tail_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\title\Thumbs.db
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\toolbar\b_example.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\toolbar\b_example_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\toolbar\b_help.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\toolbar\b_hint.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\toolbar\b_hint_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\toolbar\b_instellingen.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\toolbar\b_meer-spellen.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\toolbar\b_menu.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\toolbar\b_menu_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\toolbar\b_pause.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\toolbar\b_pause_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\toolbar\b_randen.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\toolbar\b_randen_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\toolbar\b_sorteer.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\toolbar\b_sorteer_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\toolbar\b_stop.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\toolbar\b_zylom.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\toolbar\b_zylom_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\toolbar\clock.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\toolbar\clock_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\toolbar\dropdown.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\toolbar\dropdown_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\toolbar\line_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\toolbar\menu_.png
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\toolbar\numbers.jpg
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\media\toolbar\Thumbs.db
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\msvcr71.dll
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\players\moon.plr
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\players\players.plrs
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\realarcade.ico
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\savegames\moon\col4p2.sav
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\savegames\moon\col4p3.sav
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\savegames\moon\col4p4.sav
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\savegames\moon\col4p5.sav
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\UnInstall.log
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\wrapperresources.dat
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\zylom.ico
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\zylompuzzles.dll
C:\Program Files\Zylom Games\Zylom puzzles Deluxe\zylompuzzlesPromo.exe
C:\WINDOWS\Downloaded Program Files\setup.inf
C:\WINDOWS\pack.epk
C:\WINDOWS\resources\AvpUnknown.dll
C:\WINDOWS\resources\CheckWin.dll
C:\WINDOWS\system32\awttuSll.dll
C:\WINDOWS\system32\axgqlhmx.dll
C:\WINDOWS\system32\dcads-remove.exe
C:\WINDOWS\system32\drivers\ETNADiag.exe
C:\WINDOWS\system32\drivers\nxhtnxme.dat
C:\WINDOWS\system32\hxysoaiw.dll
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\nmllm.bak1
C:\WINDOWS\system32\nmllm.ini2
C:\WINDOWS\system32\nsm11B.dll
C:\WINDOWS\system32\nsv7C.dll
C:\WINDOWS\system32\superiorads-uninst.exe

.
((((((((((((((((((((((((((((( Fichiers créés 2008-03-20 to 2008-04-20 ))))))))))))))))))))))))))))))))))))
.

2008-04-19 13:05 . 2008-04-19 13:05 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
2008-04-19 12:55 . 2008-04-19 15:17 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-04-19 12:55 . 2008-04-19 12:55 <REP> d-------- C:\Documents and Settings\moumoune.WESHWESH\Application Data\Malwarebytes
2008-04-19 12:55 . 2008-04-19 12:55 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-04-18 21:33 . 2008-04-19 12:42 <REP> d-------- C:\VundoFix Backups
2008-04-18 17:32 . 2008-04-18 17:32 <REP> d-------- C:\WINDOWS\system32\892267
2008-04-17 17:34 . 2008-04-18 00:28 990 ---hs---- C:\WINDOWS\system32\urxsnulw.ini
2008-04-14 17:31 . 2008-04-15 17:31 294 ---hs---- C:\WINDOWS\system32\qiksinyg.ini
2008-04-11 21:40 . 2008-04-11 21:40 335 --a------ C:\WINDOWS\mozregistry.dat
2008-04-11 14:03 . 2008-04-12 17:26 1,290 ---hs---- C:\WINDOWS\system32\racwsyul.ini
2008-04-11 01:04 . 2008-04-11 01:04 <REP> d-------- C:\Documents and Settings\moumoune.WESHWESH\Application Data\TmpRecentIcons
2008-04-10 23:39 . 2008-04-10 23:39 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Legacy Interactive
2008-04-10 23:38 . 2008-04-10 23:38 0 --ah----- C:\WINDOWS\SwSys2.bmp
2008-04-10 23:38 . 2008-04-10 23:38 0 --ah----- C:\WINDOWS\SwSys1.bmp
2008-04-10 23:00 . 2008-04-19 17:21 <REP> d-------- C:\Documents and Settings\All Users\Application Data\bybmpqhq
2008-03-30 15:59 . 2008-03-30 15:59 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-03-30 15:59 . 2008-03-30 15:59 1,409 --a------ C:\WINDOWS\QTFont.for
2008-03-30 01:26 . 2008-03-30 14:04 <REP> d-------- C:\SphinxME

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-20 14:15 --------- d-----w C:\Documents and Settings\moumoune.WESHWESH\Application Data\DNA
2008-04-19 19:02 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-04-19 19:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-04-10 23:31 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-04-10 23:30 --------- d-----w C:\Program Files\SpywareBlaster
2008-04-10 22:52 --------- d-----w C:\Program Files\bfgclient
2008-04-10 22:36 --------- d-----w C:\Documents and Settings\All Users\Application Data\BigFishGamesCache
2008-04-10 22:35 0 ----a-w C:\Program Files\temp01
2008-04-10 21:24 --------- d-----w C:\Program Files\Legacy Interactive
2008-04-03 18:49 1,142 ----a-w C:\Documents and Settings\moumoune.WESHWESH\Application Data\wklnhst.dat
2008-04-02 16:58 --------- d-----w C:\Documents and Settings\moumoune.WESHWESH\Application Data\Sphinx
2008-03-23 23:23 --------- d-----w C:\Program Files\Java
2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-12 17:03 --------- d-----w C:\Program Files\Microsoft Works
2008-03-12 17:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-03-12 15:20 --------- d-----w C:\Documents and Settings\moumoune.WESHWESH\Application Data\OpenOffice.org2
2008-03-12 09:41 --------- d-----w C:\Program Files\NRJ
2008-03-12 08:59 --------- d-----w C:\Program Files\Windows Media Components
2008-03-11 08:42 --------- d-----w C:\Documents and Settings\moumoune.WESHWESH\Application Data\DivX
2008-03-10 01:48 --------- d-----w C:\Documents and Settings\moumoune.WESHWESH\Application Data\LimeWire
2008-03-10 01:32 --------- d-----w C:\Program Files\DivX
2008-03-09 11:13 --------- d-----w C:\Program Files\Fichiers communs\xing shared
2008-03-09 11:13 --------- d-----w C:\Program Files\Fichiers communs\Real
2008-03-08 14:53 --------- d-----w C:\Program Files\DNA
2008-03-08 14:52 --------- d-----w C:\Program Files\Windows Live
2008-03-08 14:52 --------- d-----w C:\Program Files\ContextEnhancer
2008-03-08 14:52 --------- d-----w C:\Documents and Settings\moumoune.WESHWESH\Application Data\BitTorrent
2008-03-08 14:39 --------- d-----w C:\Program Files\Chocolatier 2 Secret Ingredients DeLEGiON
2008-03-08 12:42 --------- d-----w C:\Documents and Settings\All Users\Application Data\Bluetooth
2008-03-08 00:34 --------- d-----w C:\Program Files\Real
2008-03-01 00:10 --------- d-----w C:\Program Files\Ubi Soft
2008-02-29 01:07 --------- d-----w C:\Documents and Settings\moumoune.WESHWESH\Application Data\PlayFirst
2008-02-29 01:03 --------- d-----w C:\Program Files\Zylom Games
2008-02-21 02:05 9,464 ------w C:\WINDOWS\system32\drivers\cdralw2k.sys
2008-02-21 02:05 9,336 ------w C:\WINDOWS\system32\drivers\cdr4_xp.sys
2008-02-21 02:05 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2008-02-21 02:05 43,528 ------w C:\WINDOWS\system32\drivers\pxhelp20.sys
2008-02-21 02:05 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2008-02-21 02:05 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2008-02-21 02:05 129,784 ------w C:\WINDOWS\system32\pxafs.dll
2008-02-21 02:05 120,056 ------w C:\WINDOWS\system32\pxcpyi64.exe
2008-02-21 02:05 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
2008-02-21 02:05 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2008-02-21 02:04 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
2008-02-21 02:04 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
2008-02-21 02:04 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2008-02-21 02:04 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
2008-02-21 02:04 682,496 ----a-w C:\WINDOWS\system32\DivX.dll
2008-02-21 02:04 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2008-02-21 02:04 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2008-02-21 02:04 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2008-02-21 02:04 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2008-02-21 02:04 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2008-02-21 02:04 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
2008-02-21 02:04 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
2008-02-21 02:03 156,992 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2008-02-21 02:03 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 05:35 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2008-02-16 09:02 663,552 ----a-w C:\WINDOWS\system32\wininet.dll
2008-02-02 01:14 57,344 ----a-w C:\WINDOWS\system32\lyc_language.dll
2008-02-01 10:17 587,264 ----a-w C:\WINDOWS\WLXPGSS.SCR
2008-01-12 17:58 774,144 -c--a-w C:\Program Files\RngInterstitial.dll
2006-11-24 13:59 251 -c--a-w C:\Program Files\wt3d.ini
2007-12-08 14:28 168 --sh--r C:\WINDOWS\system32\7EF1021042.sys
2007-12-08 14:28 5,954 -csha-w C:\WINDOWS\system32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((( snapshot@2008-01-23_22.10.24,48 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-03-20 07:56:50 1,846,016 ----a-w C:\WINDOWS\$hf_mig$\KB941693\SP2QFE\win32k.sys
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB941693\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB941693\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB941693\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB941693\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB941693\update\updspapi.dll
+ 2007-12-04 18:30:15 551,936 -c--a-w C:\WINDOWS\$hf_mig$\KB943055\SP2QFE\oleaut32.dll
+ 2007-03-06 01:34:33 15,072 -c--a-w C:\WINDOWS\$hf_mig$\KB943055\spmsg.dll
+ 2007-03-06 01:34:38 216,800 -c--a-w C:\WINDOWS\$hf_mig$\KB943055\spuninst.exe
+ 2007-03-06 01:34:31 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB943055\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB943055\update\update.exe
+ 2007-03-06 01:35:48 394,976 -c--a-w C:\WINDOWS\$hf_mig$\KB943055\update\updspapi.dll
+ 2007-12-18 14:32:57 450,560 ----a-w C:\WINDOWS\$hf_mig$\KB944338\SP2QFE\jscript.dll
+ 2007-12-18 14:32:57 417,792 ----a-w C:\WINDOWS\$hf_mig$\KB944338\SP2QFE\vbscript.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB944338\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB944338\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB944338\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB944338\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB944338\update\updspapi.dll
+ 2007-12-07 00:47:14 1,024,512 -c--a-w C:\WINDOWS\$hf_mig$\KB944533\SP2QFE\browseui.dll
+ 2007-12-07 00:47:14 152,064 -c--a-w C:\WINDOWS\$hf_mig$\KB944533\SP2QFE\cdfview.dll
+ 2007-12-07 00:47:14 1,056,768 -c--a-w C:\WINDOWS\$hf_mig$\KB944533\SP2QFE\danim.dll
+ 2007-12-07 00:47:15 357,888 -c--a-w C:\WINDOWS\$hf_mig$\KB944533\SP2QFE\dxtmsft.dll
+ 2007-12-07 00:47:15 205,824 -c--a-w C:\WINDOWS\$hf_mig$\KB944533\SP2QFE\dxtrans.dll
+ 2007-12-07 00:47:15 55,808 -c--a-w C:\WINDOWS\$hf_mig$\KB944533\SP2QFE\extmgr.dll
+ 2007-12-06 10:05:52 18,432 -c--a-w C:\WINDOWS\$hf_mig$\KB944533\SP2QFE\iedw.exe
+ 2007-12-07 00:47:15 251,904 -c--a-w C:\WINDOWS\$hf_mig$\KB944533\SP2QFE\iepeers.dll
+ 2007-12-07 00:47:15 96,768 -c--a-w C:\WINDOWS\$hf_mig$\KB944533\SP2QFE\inseng.dll
+ 2007-12-07 00:47:15 16,384 -c--a-w C:\WINDOWS\$hf_mig$\KB944533\SP2QFE\jsproxy.dll
+ 2007-12-07 00:47:18 3,087,360 -c--a-w C:\WINDOWS\$hf_mig$\KB944533\SP2QFE\mshtml.dll
+ 2007-12-07 00:47:18 449,024 -c--a-w C:\WINDOWS\$hf_mig$\KB944533\SP2QFE\mshtmled.dll
+ 2007-12-07 00:47:18 146,432 -c--a-w C:\WINDOWS\$hf_mig$\KB944533\SP2QFE\msrating.dll
+ 2007-12-07 00:47:19 532,480 -c--a-w C:\WINDOWS\$hf_mig$\KB944533\SP2QFE\mstime.dll
+ 2007-12-07 00:47:19 39,424 -c--a-w C:\WINDOWS\$hf_mig$\KB944533\SP2QFE\pngfilt.dll
+ 2007-12-07 00:47:20 1,499,648 -c--a-w C:\WINDOWS\$hf_mig$\KB944533\SP2QFE\shdocvw.dll
+ 2007-12-07 00:47:20 474,624 -c--a-w C:\WINDOWS\$hf_mig$\KB944533\SP2QFE\shlwapi.dll
+ 2007-12-06 23:40:30 369,152 -c--a-w C:\WINDOWS\$hf_mig$\KB944533\SP2QFE\spru040c.dll
+ 2007-12-07 00:47:21 620,032 -c--a-w C:\WINDOWS\$hf_mig$\KB944533\SP2QFE\urlmon.dll
+ 2007-12-07 00:47:21 670,208 -c--a-w C:\WINDOWS\$hf_mig$\KB944533\SP2QFE\wininet.dll
+ 2007-03-06 01:34:33 15,072 -c--a-w C:\WINDOWS\$hf_mig$\KB944533\spmsg.dll
+ 2007-03-06 01:34:38 216,800 -c--a-w C:\WINDOWS\$hf_mig$\KB944533\spuninst.exe
+ 2007-03-06 01:34:31 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB944533\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB944533\update\update.exe
+ 2007-03-06 01:35:48 394,976 -c--a-w C:\WINDOWS\$hf_mig$\KB944533\update\updspapi.dll
+ 2008-02-20 05:20:23 147,968 ----a-w C:\WINDOWS\$hf_mig$\KB945553\SP2QFE\dnsapi.dll
+ 2008-02-20 18:50:24 45,568 ----a-w C:\WINDOWS\$hf_mig$\KB945553\SP2QFE\dnsrslvr.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB945553\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB945553\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB945553\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB945553\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB945553\update\updspapi.dll
+ 2007-12-18 09:38:59 179,712 -c--a-w C:\WINDOWS\$hf_mig$\KB946026\SP2QFE\mrxdav.sys
+ 2007-03-06 01:34:33 15,072 -c--a-w C:\WINDOWS\$hf_mig$\KB946026\spmsg.dll
+ 2007-03-06 01:34:38 216,800 -c--a-w C:\WINDOWS\$hf_mig$\KB946026\spuninst.exe
+ 2007-03-06 01:34:31 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB946026\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 -c--a-w C:\WINDOWS\$hf_mig$\KB946026\update\update.exe
+ 2007-03-06 01:35:48 394,976 -c--a-w C:\WINDOWS\$hf_mig$\KB946026\update\updspapi.dll
+ 2008-02-16 09:31:57 1,024,512 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\browseui.dll
+ 2008-02-16 09:31:57 152,064 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\cdfview.dll
+ 2008-02-16 09:31:58 1,056,768 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\danim.dll
+ 2008-02-16 09:31:58 357,888 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\dxtmsft.dll
+ 2008-02-16 09:31:58 205,312 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\dxtrans.dll
+ 2008-02-16 09:31:58 55,808 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\extmgr.dll
+ 2008-02-15 09:07:53 18,432 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\iedw.exe
+ 2008-02-16 09:31:58 251,904 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\iepeers.dll
+ 2008-02-16 09:31:58 96,768 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\inseng.dll
+ 2008-02-16 09:31:58 16,384 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\jsproxy.dll
+ 2008-02-16 09:31:59 3,087,872 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\mshtml.dll
+ 2008-02-16 09:31:59 449,024 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\mshtmled.dll
+ 2008-02-16 09:31:59 146,432 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\msrating.dll
+ 2008-02-16 09:31:59 532,480 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\mstime.dll
+ 2008-02-16 09:31:59 39,424 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\pngfilt.dll
+ 2008-02-16 09:32:00 1,499,648 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\shdocvw.dll
+ 2008-02-16 09:32:00 474,624 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\shlwapi.dll
+ 2008-02-15 23:03:14 370,176 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\spru040c.dll
+ 2008-02-16 09:32:00 620,544 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\urlmon.dll
+ 2008-02-16 09:32:00 670,208 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\wininet.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB947864\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB947864\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB947864\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB947864\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB947864\update\updspapi.dll
+ 2008-02-20 06:52:42 282,624 ----a-w C:\WINDOWS\$hf_mig$\KB948590\SP2QFE\gdi32.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB948590\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB948590\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB948590\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB948590\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB948590\update\updspapi.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB948881\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB948881\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB948881\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB948881\update\update.exe
+ 2007-03-06 01:35:47 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB948881\update\updspapi.dll
- 2007-05-01 00:01:41 53,248 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2008-03-12 09:43:28 53,248 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
- 2007-05-01 00:01:42 12,800 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2008-03-12 09:43:28 12,800 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
- 2007-05-01 00:01:42 473,600 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2008-03-12 09:43:29 473,600 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
- 2007-05-01 00:01:38 577,536 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-03-12 09:43:30 577,536 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2007-05-01 00:01:43 145,920 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2008-03-12 09:43:31 145,920 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
- 2007-05-01 00:01:44 159,232 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2008-03-12 09:43:31 159,232 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
- 2007-05-01 00:01:44 364,544 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2008-03-12 09:43:32 364,544 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
- 2007-05-01 00:01:45 178,176 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
+ 2008-03-12 09:43:32 178,176 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2007-05-01 00:01:41 223,232 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2008-03-12 09:43:26 223,232 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2008-04-20 14:19:38 2,048 --s-a-w C:\WINDOWS\bootstat.dat
- 2000-08-31 07:00:00 163,328 ----a-w C:\WINDOWS\erdnt\Hiv-backup\ERDNT.EXE
+ 2005-10-20 18:02:28 163,328 ----a-w C:\WINDOWS\erdnt\Hiv-backup\ERDNT.EXE
- 2007-03-13 08:57:10 163,328 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE
+ 2005-10-20 18:02:28 163,328 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE
+ 2000-08-31 06:00:00 73,728 ----a-w C:\WINDOWS\fdsv.exe
+ 2000-08-31 06:00:00 80,412 ----a-w C:\WINDOWS\grep.exe
- 2006-11-24 20:45:14 155,136 -c--a-r C:\WINDOWS\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\accicons.exe
+ 2008-03-12 20:45:11 155,136 ----a-r C:\WINDOWS\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\accicons.exe
- 2006-11-24 20:45:14 22,528 -c--a-r C:\WINDOWS\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\bindico.exe
+ 2008-03-12 20:45:11 22,528 ----a-r C:\WINDOWS\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\bindico.exe
- 2006-11-24 20:45:14 73,216 -c--a-r C:\WINDOWS\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\fpicon.exe
+ 2008-03-12 20:45:11 73,216 ----a-r C:\WINDOWS\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\fpicon.exe
- 2006-11-24 20:45:14 28,160 -c--a-r C:\WINDOWS\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\misc.exe
+ 2008-03-12 20:45:11 28,160 ----a-r C:\WINDOWS\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\misc.exe
- 2006-11-24 20:45:14 104,960 -c--a-r C:\WINDOWS\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\outicon.exe
+ 2008-03-12 20:45:11 104,960 ----a-r C:\WINDOWS\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\outicon.exe
- 2006-11-24 20:45:14 11,264 -c--a-r C:\WINDOWS\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\PEicons.exe
+ 2008-03-12 20:45:12 11,264 ----a-r C:\WINDOWS\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\PEicons.exe
- 2006-11-24 20:45:14 30,208 -c--a-r C:\WINDOWS\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\pptico.exe
+ 2008-03-12 20:45:11 30,208 ----a-r C:\WINDOWS\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\pptico.exe
- 2006-11-24 20:45:14 35,328 -c--a-r C:\WINDOWS\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\wordicon.exe
+ 2008-03-12 20:45:11 35,328 ----a-r C:\WINDOWS\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\wordicon.exe
- 2006-11-24 20:45:14 69,120 -c--a-r C:\WINDOWS\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\xlicons.exe
+ 2008-03-12 20:45:11 69,120 ----a-r C:\WINDOWS\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\xlicons.exe
+ 2008-03-12 15:39:18 217,864 ----a-r C:\WINDOWS\Installer\{90120000-006E-040C-0000-0000000FF1CE}\misc.exe
+ 2008-02-29 02:01:30 123,008 ----a-r C:\WINDOWS\Installer\{A70FA218-6598-4AC9-813D-63597C5DD068}\WLXPhotoGalleryIcon.exe
+ 2008-02-12 09:08:15 295,606 -c--a-r C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-A81200000003}\SC_Reader.exe
- 2005-03-18 14:23:10 53,248 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2005-03-18 16:23:10 53,248 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.AudioVideoPlayback.dll
- 2005-03-18 14:23:10 12,800 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Diagnostics.dll
+ 2005-03-18 16:23:10 12,800 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Diagnostics.dll
- 2005-03-18 14:23:14 473,600 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Direct3D.dll
+ 2005-03-18 16:23:14 473,600 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Direct3D.dll
- 2005-03-18 14:23:10 145,920 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectDraw.dll
+ 2005-03-18 16:23:10 145,920 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectDraw.dll
- 2005-03-18 14:23:10 159,232 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectInput.dll
+ 2005-03-18 16:23:10 159,232 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectInput.dll
- 2005-03-18 14:23:14 364,544 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectPlay.dll
+ 2005-03-18 16:23:14 364,544 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectPlay.dll
- 2005-03-18 14:23:12 178,176 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectSound.dll
+ 2005-03-18 16:23:12 178,176 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectSound.dll
- 2005-03-18 14:23:14 223,232 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.dll
+ 2005-03-18 16:23:14 223,232 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.dll
- 2005-09-28 12:11:52 577,536 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2908.0\Microsoft.DirectX.Direct3DX.dll
+ 2005-09-28 13:11:52 577,536 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2908.0\Microsoft.DirectX.Direct3DX.dll
+ 2008-02-02 11:28:18 2,942 -c--a-w C:\WINDOWS\mozver.dat
- 2000-08-31 07:00:00 51,200 ----a-w C:\WINDOWS\Nircmd.exe
+ 2000-08-31 06:00:00 28,160 ----a-w C:\WINDOWS\Nircmd.exe
+ 2002-12-13 12:42:56 8,192 ----a-w C:\WINDOWS\RegisteredPackages\{3695EB93-6443-448D-8E2E-1F6F4FC79BC1}\asferror.dll
+ 2002-11-06 01:10:14 167,936 ----a-w C:\WINDOWS\RegisteredPackages\{89FDAB62-6F46-4C7E-A559-E00B9A0BACB6}\wmserror.dll
+ 2002-11-06 01:45:32 327,680 ----a-w C:\WINDOWS\RegisteredPackages\{89FDAB62-6F46-4C7E-A559-E00B9A0BACB6}\wmsservertypelib.dll
+ 2000-08-31 06:00:00 98,816 ----a-w C:\WINDOWS\sed.exe
+ 2000-08-31 06:00:00 161,792 ----a-w C:\WINDOWS\swreg.exe
+ 2000-08-31 06:00:00 136,704 ----a-w C:\WINDOWS\swsc.exe
+ 2000-08-31 06:00:00 212,480 ----a-w C:\WINDOWS\swxcacls.exe
+ 2004-08-10 12:00:00 2,000 -c--a-w C:\WINDOWS\system\KEYBOARD.DRV
+ 2004-08-10 12:00:00 73,680 -c--a-w C:\WINDOWS\system\MCIAVI.DRV
+ 2004-08-10 12:00:00 25,280 -c--a-w C:\WINDOWS\system\MCISEQ.DRV
+ 2004-08-10 12:00:00 28,160 -c--a-w C:\WINDOWS\system\MCIWAVE.DRV
+ 2004-08-10 12:00:00 2,032 -c--a-w C:\WINDOWS\system\MOUSE.DRV
+ 2004-08-10 12:00:00 1,744 -c--a-w C:\WINDOWS\system\SOUND.DRV
+ 2004-08-10 12:00:00 3,360 -c--a-w C:\WINDOWS\system\SYSTEM.DRV
+ 2004-08-10 12:00:00 4,096 -c--a-w C:\WINDOWS\system\TIMER.DRV
+ 2004-08-10 12:00:00 2,176 -c--a-w C:\WINDOWS\system\VGA.DRV
+ 2004-08-10 12:00:00 13,600 -c--a-w C:\WINDOWS\system\WFWNET.DRV
+ 2004-08-10 12:00:00 146,944 -c--a-w C:\WINDOWS\system\WINSPOOL.DRV
- 2004-08-10 12:00:00 8,704 ----a-w C:\WINDOWS\system32\asferror.dll
+ 2002-12-13 12:42:56 8,192 ----a-w C:\WINDOWS\system32\asferror.dll
+ 2008-03-29 17:45:49 1,146,232 ----a-w C:\WINDOWS\system32\aswBoot.exe
+ 2008-03-29 17:23:22 95,608 ----a-w C:\WINDOWS\system32\AvastSS.scr
- 2007-10-11 06:13:38 1,024,000 ----a-w C:\WINDOWS\system32\browseui.dll
+ 2008-02-16 09:02:34 1,024,000 ----a-w C:\WINDOWS\system32\browseui.dll
- 2007-10-11 06:13:38 152,064 ----a-w C:\WINDOWS\system32\cdfview.dll
+ 2008-02-16 09:02:34 152,064 ----a-w C:\WINDOWS\system32\cdfview.dll
+ 2004-08-10 12:00:00 10,544 ----a-w C:\WINDOWS\system32\comm.drv
- 2005-07-22 17:59:04 2,319,568 ----a-w C:\WINDOWS\system32\d3dx9_27.dll
+ 2005-07-22 18:59:04 2,319,568 ----a-w C:\WINDOWS\system32\d3dx9_27.dll
- 2007-10-11 06:13:38 1,056,768 ----a-w C:\WINDOWS\system32\danim.dll
+ 2008-02-16 09:02:34 1,056,768 ----a-w C:\WINDOWS\system32\danim.dll
+ 2004-08-10 12:00:00 1,788 -c--a-w C:\WINDOWS\system32\Dcache.bin
+ 2005-09-08 05:20:00 2,496 ----a-w C:\WINDOWS\system32\DLA\DLADResN.SYS
+ 2004-08-10 12:00:00 41,216 -c--a-w C:\WINDOWS\system32\dllcache\amdk6.sys
+ 2004-08-10 12:00:00 41,600 -c--a-w C:\WINDOWS\system32\dllcache\amdk7.sys
- 2004-08-10 12:00:00 8,704 -c--a-w C:\WINDOWS\system32\dllcache\asferror.dll
+ 2002-12-13 12:42:56 8,192 -c--a-w C:\WINDOWS\system32\dllcache\asferror.dll
+ 2004-08-10 12:00:00 14,080 -c--a-w C:\WINDOWS\system32\dllcache\battc.sys
- 2007-10-11 06:13:38 1,024,000 -c--a-w C:\WINDOWS\system32\dllcache\browseui.dll
+ 2008-02-16 09:02:34 1,024,000 -c--a-w C:\WINDOWS\system32\dllcache\browseui.dll
- 2007-10-11 06:13:38 152,064 -c--a-w C:\WINDOWS\system32\dllcache\cdfview.dll
+ 2008-02-16 09:02:34 152,064 -c--a-w C:\WINDOWS\system32\dllcache\cdfview.dll
+ 2004-08-10 12:00:00 262,528 -c--a-w C:\WINDOWS\system32\dllcache\cinemst2.sys
+ 2004-08-10 12:00:00 11,776 -c--a-w C:\WINDOWS\system32\dllcache\cpqdap01.sys
+ 2004-08-10 12:00:00 40,704 -c--a-w C:\WINDOWS\system32\dllcache\crusoe.sys
- 2007-10-11 06:13:38 1,056,768 -c--a-w C:\WINDOWS\system32\dllcache\danim.dll
+ 2008-02-16 09:02:34 1,056,768 -c--a-w C:\WINDOWS\system32\dllcache\danim.dll
- 2006-06-26 17:41:32 148,480 -c--a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
+ 2008-02-20 05:35:05 148,992 -c--a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
- 2004-08-10 12:00:00 45,568 -c--a-w C:\WINDOWS\system32\dllcache\dnsrslvr.dll
+ 2008-02-20 05:35:05 45,568 -c--a-w C:\WINDOWS\system32\dllcache\dnsrslvr.dll
- 2007-10-11 06:13:39 357,888 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
+ 2008-02-16 09:02:34 357,888 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
- 2007-10-11 06:13:39 205,312 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2008-02-16 09:02:35 205,312 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
- 2007-10-11 06:13:39 55,808 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2008-02-16 09:02:35 55,808 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2004-08-10 12:00:00 12,416 -c--a-w C:\WINDOWS\system32\dllcache\fsvga.sys
- 2007-06-19 13:32:25 282,112 -c--a-w C:\WINDOWS\system32\dllcache\gdi32.dll
+ 2008-02-20 06:51:00 282,624 -c--a-w C:\WINDOWS\system32\dllcache\gdi32.dll
+ 2004-08-10 02:47:52 17,024 -c--a-w C:\WINDOWS\system32\dllcache\hidir.sys
- 2007-10-10 11:16:27 18,432 -c--a-w C:\WINDOWS\system32\dllcache\iedw.exe
+ 2008-02-15 09:23:37 18,432 -c--a-w C:\WINDOWS\system32\dllcache\iedw.exe
- 2007-10-11 06:13:39 251,392 -c--a-w C:\WINDOWS\system32\dllcache\iepeers.dll
+ 2008-02-16 09:02:35 251,392 -c--a-w C:\WINDOWS\system32\dllcache\iepeers.dll
- 2007-10-11 06:13:39 96,768 -c--a-w C:\WINDOWS\system32\dllcache\inseng.dll
+ 2008-02-16 09:02:35 96,768 -c--a-w C:\WINDOWS\system32\dllcache\inseng.dll
- 2007-11-14 07:28:02 450,560 -c--a-w C:\WINDOWS\system32\dllcache\jscript.dll
+ 2007-12-18 14:41:58 450,560 -c--a-w C:\WINDOWS\system32\dllcache\jscript.dll
- 2007-10-11 06:13:39 16,384 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2008-02-16 09:02:35 16,384 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2004-08-10 12:00:00 2,000 -c--a-w C:\WINDOWS\system32\dllcache\keyboard.drv
+ 2004-08-10 12:00:00 2,560 -c--a-w C:\WINDOWS\system32\dllcache\lz32.dll
+ 2004-08-10 12:00:00 73,680 -c--a-w C:\WINDOWS\system32\dllcache\mciavi.drv
+ 2004-08-10 12:00:00 25,280 -c--a-w C:\WINDOWS\system32\dllcache\mciseq.drv
+ 2004-08-10 12:00:00 28,160 -c--a-w C:\WINDOWS\system32\dllcache\mciwave.drv
+ 2004-08-10 12:00:00 63,744 -c--a-w C:\WINDOWS\system32\dllcache\mf.sys
+ 2004-08-10 12:00:00 2,032 -c--a-w C:\WINDOWS\system32\dllcache\mouse.drv
- 2004-08-10 12:00:00 181,248 -c--a-w C:\WINDOWS\system32\dllcache\mrxdav.sys
+ 2007-12-18 09:51:35 179,584 -c--a-w C:\WINDOWS\system32\dllcache\mrxdav.sys
- 2007-10-30 10:18:16 3,079,680 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2008-02-16 22:32:38 3,080,704 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
- 2007-10-11 06:13:40 449,024 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2008-02-16 09:02:36 449,024 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
- 2007-10-11 06:13:40 146,432 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2008-02-16 09:02:37 146,432 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
- 2007-10-11 06:13:40 532,480 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2008-02-16 09:02:37 532,480 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2004-08-10 12:00:00 12,032 -c--a-w C:\WINDOWS\system32\dllcache\nikedrv.sys
+ 2004-08-10 12:00:00 2,944 -c--a-w C:\WINDOWS\system32\dllcache\null.sys
- 2007-05-17 11:29:50 549,376 -c--a-w C:\WINDOWS\system32\dllcache\oleaut32.dll
+ 2007-12-04 18:41:36 550,912 -c--a-w C:\WINDOWS\system32\dllcache\oleaut32.dll
+ 2004-08-10 12:00:00 3,456 -c--a-w C:\WINDOWS\system32\dllcache\oprghdlr.sys
+ 2004-08-10 12:00:00 25,088 -c--a-w C:\WINDOWS\system32\dllcache\pciidex.sys
- 2007-10-11 06:13:40 39,424 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2008-02-16 09:02:37 39,424 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2004-08-10 12:00:00 39,552 -c--a-w C:\WINDOWS\system32\dllcache\processr.sys
+ 2004-08-10 12:00:00 12,032 -c--a-w C:\WINDOWS\system32\dllcache\rio8drv.sys
+ 2004-08-10 12:00:00 12,032 -c--a-w C:\WINDOWS\system32\dllcache\riodrv.sys
+ 2004-08-10 12:00:00 96,256 -c--a-w C:\WINDOWS\system32\dllcache\scsiport.sys
- 2007-10-11 06:13:40 1,495,040 -c--a-w C:\WINDOWS\system32\dllcache\shdocvw.dll
+ 2008-02-16 09:02:38 1,495,040 -c--a-w C:\WINDOWS\system32\dllcache\shdocvw.dll
- 2007-10-11 06:13:41 474,624 -c--a-w C:\WINDOWS\system32\dllcache\shlwapi.dll
+ 2008-02-16 09:02:38 474,624 -c--a-w C:\WINDOWS\system32\dllcache\shlwapi.dll
+ 2004-08-10 12:00:00 25,472 -c--a-w C:\WINDOWS\system32\dllcache\sonydcam.sys
+ 2004-08-10 12:00:00 1,744 -c--a-w C:\WINDOWS\system32\dllcache\sound.drv
+ 2004-08-10 12:00:00 3,360 -c--a-w C:\WINDOWS\system32\dllcache\system.drv
+ 2004-08-10 12:00:00 4,096 -c--a-w C:\WINDOWS\system32\dllcache\timer.drv
+ 2004-08-10 12:00:00 21,376 -c--a-w C:\WINDOWS\system32\dllcache\tsbvcap.sys
+ 2004-08-10 12:00:00 12,416 -c--a-w C:\WINDOWS\system32\dllcache\tunmp.sys
- 2007-10-11 06:13:41 617,472 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2008-02-16 09:02:39 617,984 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2004-08-10 12:00:00 23,808 -c--a-w C:\WINDOWS\system32\dllcache\usbcamd.sys
+ 2004-08-10 12:00:00 23,936 -c--a-w C:\WINDOWS\system32\dllcache\usbcamd2.sys
+ 2004-08-10 12:00:00 16,000 -c--a-w C:\WINDOWS\system32\dllcache\usbintel.sys
- 2004-08-10 12:00:00 417,792 -c--a-w C:\WINDOWS\system32\dllcache\vbscript.dll
+ 2007-12-18 14:41:59 417,792 -c--a-w C:\WINDOWS\system32\dllcache\vbscript.dll
+ 2004-08-10 12:00:00 2,176 -c--a-w C:\WINDOWS\system32\dllcache\vga.drv
+ 2004-08-10 12:00:00 13,600 -c--a-w C:\WINDOWS\system32\dllcache\wfwnet.drv
- 2007-03-08 15:33:58 1,843,712 -c--a-w C:\WINDOWS\system32\dllcache\win32k.sys
+ 2008-03-20 08:09:22 1,845,376 -c--a-w C:\WINDOWS\system32\dllcache\win32k.sys
- 2007-10-11 06:13:41 663,552 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2008-02-16 09:02:39 663,552 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2004-08-10 12:00:00 2,864 -c--a-w C:\WINDOWS\system32\dllcache\winsock.dll
+ 2004-08-10 12:00:00 146,944 -c--a-w C:\WINDOWS\system32\dllcache\winspool.drv
+ 2004-08-10 12:00:00 2,112 -c--a-w C:\WINDOWS\system32\dllcache\winspool.exe
+ 2004-08-10 12:00:00 2,736 -c--a-w C:\WINDOWS\system32\dllcache\wowdeb.exe
+ 2004-08-10 12:00:00 3,200 -c--a-w C:\WINDOWS\system32\dllcache\wowfax.dll
- 2006-06-26 17:41:32 148,480 ----a-w C:\WINDOWS\system32\dnsapi.dll
+ 2008-02-20 05:35:05 148,992 ----a-w C:\WINDOWS\system32\dnsapi.dll
+ 2008-03-29 17:26:52 26,944 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
+ 2008-03-29 17:35:49 20,560 ----a-w C:\WINDOWS\system32\drivers\aswFsBlk.sys
+ 2008-01-17 15:34:01 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
+ 2008-03-29 17:35:21 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
+ 2008-03-29 17:29:08 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
+ 2008-03-29 17:31:34 75,856 ----a-w C:\WINDOWS\system32\drivers\aswSP.sys
+ 2008-03-29 17:27:33 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
+ 2004-08-10 12:00:00 2,944 ----a-w C:\WINDOWS\system32\drivers\drmkaud.sys
- 2004-08-10 12:00:00 181,248 ----a-w C:\WINDOWS\system32\drivers\mrxdav.sys
+ 2007-12-18 09:51:35 179,584 ----a-w C:\WINDOWS\system32\drivers\mrxdav.sys
+ 2004-08-10 12:00:00 2,944 ----a-w C:\WINDOWS\system32\drivers\null.sys
- 2007-10-11 06:13:39 357,888 ----a-w C:\WINDOWS\system32\dxtmsft.dll
+ 2008-02-16 09:02:34 357,888 ----a-w C:\WINDOWS\system32\dxtmsft.dll
- 2007-10-11 06:13:39 205

décidément !!! voila la suite de combofix et le rapport hijack :

- 2007-10-11 06:13:39 357,888 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
+ 2008-02-16 09:02:34 357,888 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
- 2007-10-11 06:13:39 205,312 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2008-02-16 09:02:35 205,312 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
- 2007-10-11 06:13:39 55,808 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2008-02-16 09:02:35 55,808 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2004-08-10 12:00:00 12,416 -c--a-w C:\WINDOWS\system32\dllcache\fsvga.sys
- 2007-06-19 13:32:25 282,112 -c--a-w C:\WINDOWS\system32\dllcache\gdi32.dll
+ 2008-02-20 06:51:00 282,624 -c--a-w C:\WINDOWS\system32\dllcache\gdi32.dll
+ 2004-08-10 02:47:52 17,024 -c--a-w C:\WINDOWS\system32\dllcache\hidir.sys
- 2007-10-10 11:16:27 18,432 -c--a-w C:\WINDOWS\system32\dllcache\iedw.exe
+ 2008-02-15 09:23:37 18,432 -c--a-w C:\WINDOWS\system32\dllcache\iedw.exe
- 2007-10-11 06:13:39 251,392 -c--a-w C:\WINDOWS\system32\dllcache\iepeers.dll
+ 2008-02-16 09:02:35 251,392 -c--a-w C:\WINDOWS\system32\dllcache\iepeers.dll
- 2007-10-11 06:13:39 96,768 -c--a-w C:\WINDOWS\system32\dllcache\inseng.dll
+ 2008-02-16 09:02:35 96,768 -c--a-w C:\WINDOWS\system32\dllcache\inseng.dll
- 2007-11-14 07:28:02 450,560 -c--a-w C:\WINDOWS\system32\dllcache\jscript.dll
+ 2007-12-18 14:41:58 450,560 -c--a-w C:\WINDOWS\system32\dllcache\jscript.dll
- 2007-10-11 06:13:39 16,384 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2008-02-16 09:02:35 16,384 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2004-08-10 12:00:00 2,000 -c--a-w C:\WINDOWS\system32\dllcache\keyboard.drv
+ 2004-08-10 12:00:00 2,560 -c--a-w C:\WINDOWS\system32\dllcache\lz32.dll
+ 2004-08-10 12:00:00 73,680 -c--a-w C:\WINDOWS\system32\dllcache\mciavi.drv
+ 2004-08-10 12:00:00 25,280 -c--a-w C:\WINDOWS\system32\dllcache\mciseq.drv
+ 2004-08-10 12:00:00 28,160 -c--a-w C:\WINDOWS\system32\dllcache\mciwave.drv
+ 2004-08-10 12:00:00 63,744 -c--a-w C:\WINDOWS\system32\dllcache\mf.sys
+ 2004-08-10 12:00:00 2,032 -c--a-w C:\WINDOWS\system32\dllcache\mouse.drv
- 2004-08-10 12:00:00 181,248 -c--a-w C:\WINDOWS\system32\dllcache\mrxdav.sys
+ 2007-12-18 09:51:35 179,584 -c--a-w C:\WINDOWS\system32\dllcache\mrxdav.sys
- 2007-10-30 10:18:16 3,079,680 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2008-02-16 22:32:38 3,080,704 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
- 2007-10-11 06:13:40 449,024 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2008-02-16 09:02:36 449,024 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
- 2007-10-11 06:13:40 146,432 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2008-02-16 09:02:37 146,432 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
- 2007-10-11 06:13:40 532,480 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2008-02-16 09:02:37 532,480 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2004-08-10 12:00:00 12,032 -c--a-w C:\WINDOWS\system32\dllcache\nikedrv.sys
+ 2004-08-10 12:00:00 2,944 -c--a-w C:\WINDOWS\system32\dllcache\null.sys
- 2007-05-17 11:29:50 549,376 -c--a-w C:\WINDOWS\system32\dllcache\oleaut32.dll
+ 2007-12-04 18:41:36 550,912 -c--a-w C:\WINDOWS\system32\dllcache\oleaut32.dll
+ 2004-08-10 12:00:00 3,456 -c--a-w C:\WINDOWS\system32\dllcache\oprghdlr.sys
+ 2004-08-10 12:00:00 25,088 -c--a-w C:\WINDOWS\system32\dllcache\pciidex.sys
- 2007-10-11 06:13:40 39,424 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2008-02-16 09:02:37 39,424 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2004-08-10 12:00:00 39,552 -c--a-w C:\WINDOWS\system32\dllcache\processr.sys
+ 2004-08-10 12:00:00 12,032 -c--a-w C:\WINDOWS\system32\dllcache\rio8drv.sys
+ 2004-08-10 12:00:00 12,032 -c--a-w C:\WINDOWS\system32\dllcache\riodrv.sys
+ 2004-08-10 12:00:00 96,256 -c--a-w C:\WINDOWS\system32\dllcache\scsiport.sys
- 2007-10-11 06:13:40 1,495,040 -c--a-w C:\WINDOWS\system32\dllcache\shdocvw.dll
+ 2008-02-16 09:02:38 1,495,040 -c--a-w C:\WINDOWS\system32\dllcache\shdocvw.dll
- 2007-10-11 06:13:41 474,624 -c--a-w C:\WINDOWS\system32\dllcache\shlwapi.dll
+ 2008-02-16 09:02:38 474,624 -c--a-w C:\WINDOWS\system32\dllcache\shlwapi.dll
+ 2004-08-10 12:00:00 25,472 -c--a-w C:\WINDOWS\system32\dllcache\sonydcam.sys
+ 2004-08-10 12:00:00 1,744 -c--a-w C:\WINDOWS\system32\dllcache\sound.drv
+ 2004-08-10 12:00:00 3,360 -c--a-w C:\WINDOWS\system32\dllcache\system.drv
+ 2004-08-10 12:00:00 4,096 -c--a-w C:\WINDOWS\system32\dllcache\timer.drv
+ 2004-08-10 12:00:00 21,376 -c--a-w C:\WINDOWS\system32\dllcache\tsbvcap.sys
+ 2004-08-10 12:00:00 12,416 -c--a-w C:\WINDOWS\system32\dllcache\tunmp.sys
- 2007-10-11 06:13:41 617,472 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2008-02-16 09:02:39 617,984 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2004-08-10 12:00:00 23,808 -c--a-w C:\WINDOWS\system32\dllcache\usbcamd.sys
+ 2004-08-10 12:00:00 23,936 -c--a-w C:\WINDOWS\system32\dllcache\usbcamd2.sys
+ 2004-08-10 12:00:00 16,000 -c--a-w C:\WINDOWS\system32\dllcache\usbintel.sys
- 2004-08-10 12:00:00 417,792 -c--a-w C:\WINDOWS\system32\dllcache\vbscript.dll
+ 2007-12-18 14:41:59 417,792 -c--a-w C:\WINDOWS\system32\dllcache\vbscript.dll
+ 2004-08-10 12:00:00 2,176 -c--a-w C:\WINDOWS\system32\dllcache\vga.drv
+ 2004-08-10 12:00:00 13,600 -c--a-w C:\WINDOWS\system32\dllcache\wfwnet.drv
- 2007-03-08 15:33:58 1,843,712 -c--a-w C:\WINDOWS\system32\dllcache\win32k.sys
+ 2008-03-20 08:09:22 1,845,376 -c--a-w C:\WINDOWS\system32\dllcache\win32k.sys
- 2007-10-11 06:13:41 663,552 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2008-02-16 09:02:39 663,552 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2004-08-10 12:00:00 2,864 -c--a-w C:\WINDOWS\system32\dllcache\winsock.dll
+ 2004-08-10 12:00:00 146,944 -c--a-w C:\WINDOWS\system32\dllcache\winspool.drv
+ 2004-08-10 12:00:00 2,112 -c--a-w C:\WINDOWS\system32\dllcache\winspool.exe
+ 2004-08-10 12:00:00 2,736 -c--a-w C:\WINDOWS\system32\dllcache\wowdeb.exe
+ 2004-08-10 12:00:00 3,200 -c--a-w C:\WINDOWS\system32\dllcache\wowfax.dll
- 2006-06-26 17:41:32 148,480 ----a-w C:\WINDOWS\system32\dnsapi.dll
+ 2008-02-20 05:35:05 148,992 ----a-w C:\WINDOWS\system32\dnsapi.dll
+ 2008-03-29 17:26:52 26,944 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
+ 2008-03-29 17:35:49 20,560 ----a-w C:\WINDOWS\system32\drivers\aswFsBlk.sys
+ 2008-01-17 15:34:01 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
+ 2008-03-29 17:35:21 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
+ 2008-03-29 17:29:08 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
+ 2008-03-29 17:31:34 75,856 ----a-w C:\WINDOWS\system32\drivers\aswSP.sys
+ 2008-03-29 17:27:33 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
+ 2004-08-10 12:00:00 2,944 ----a-w C:\WINDOWS\system32\drivers\drmkaud.sys
- 2004-08-10 12:00:00 181,248 ----a-w C:\WINDOWS\system32\drivers\mrxdav.sys
+ 2007-12-18 09:51:35 179,584 ----a-w C:\WINDOWS\system32\drivers\mrxdav.sys
+ 2004-08-10 12:00:00 2,944 ----a-w C:\WINDOWS\system32\drivers\null.sys
- 2007-10-11 06:13:39 357,888 ----a-w C:\WINDOWS\system32\dxtmsft.dll
+ 2008-02-16 09:02:34 357,888 ----a-w C:\WINDOWS\system32\dxtmsft.dll
- 2007-10-11 06:13:39 205,312 ----a-w C:\WINDOWS\system32\dxtrans.dll
+ 2008-02-16 09:02:35 205,312 ----a-w C:\WINDOWS\system32\dxtrans.dll
- 2005-09-01 06:13:34 21,892 -c--a-w C:\WINDOWS\system32\emptyregdb.dat
+ 2008-02-02 00:42:04 35,076 -c--a-w C:\WINDOWS\system32\emptyregdb.dat
- 2007-10-11 06:13:39 55,808 ----a-w C:\WINDOWS\system32\extmgr.dll
+ 2008-02-16 09:02:35 55,808 ----a-w C:\WINDOWS\system32\extmgr.dll
- 1999-01-12 21:54:26 1,109,264 ----a-w C:\WINDOWS\system32\FM20.DLL
+ 2006-10-26 13:10:08 1,190,688 ----a-w C:\WINDOWS\system32\FM20.DLL
+ 2006-10-26 13:10:06 33,088 ----a-w C:\WINDOWS\system32\FM20ENU.DLL
- 1999-03-29 14:11:04 29,456 ----a-w C:\WINDOWS\system32\FM20FRA.DLL
+ 2006-10-26 13:42:36 36,160 ----a-w C:\WINDOWS\system32\FM20FRA.DLL
- 2007-12-08 14:39:04 181,832 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2008-04-10 20:20:28 300,440 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
- 2007-10-11 06:13:39 251,392 ----a-w C:\WINDOWS\system32\iepeers.dll
+ 2008-02-16 09:02:35 251,392 ----a-w C:\WINDOWS\system32\iepeers.dll
- 2007-10-11 06:13:39 96,768 ----a-w C:\WINDOWS\system32\inseng.dll
+ 2008-02-16 09:02:35 96,768 ----a-w C:\WINDOWS\system32\inseng.dll
- 2007-09-24 20:30:28 135,168 ----a-w C:\WINDOWS\system32\java.exe
+ 2008-02-22 00:23:35 135,168 ----a-w C:\WINDOWS\system32\java.exe
- 2007-09-24 20:30:30 135,168 ----a-w C:\WINDOWS\system32\javaw.exe
+ 2008-02-22 00:23:39 135,168 ----a-w C:\WINDOWS\system32\javaw.exe
- 2007-09-24 21:31:42 139,264 ----a-w C:\WINDOWS\system32\javaws.exe
+ 2008-02-22 01:33:32 139,264 ----a-w C:\WINDOWS\system32\javaws.exe
- 2007-11-14 07:28:02 450,560 ----a-w C:\WINDOWS\system32\jscript.dll
+ 2007-12-18 14:41:58 450,560 ----a-w C:\WINDOWS\system32\jscript.dll
- 2007-10-11 06:13:39 16,384 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2008-02-16 09:02:35 16,384 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2004-08-10 12:00:00 2,000 ----a-w C:\WINDOWS\system32\keyboard.drv
+ 2004-08-10 12:00:00 224,448 ----a-w C:\WINDOWS\system32\lanman.drv
- 2007-03-15 16:19:28 1,476,992 ----a-w C:\WINDOWS\system32\LegitCheckControl.dll
+ 2008-03-20 16:06:36 1,480,232 ----a-w C:\WINDOWS\system32\LegitCheckControl.DLL
+ 2004-08-10 12:00:00 2,560 ----a-w C:\WINDOWS\system32\lz32.dll
+ 2007-11-20 15:52:00 2,884,992 -c--a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
+ 2007-11-20 15:52:00 218,496 -c--a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
+ 2004-08-10 12:00:00 73,680 ----a-w C:\WINDOWS\system32\mciavi.drv
+ 2004-08-10 12:00:00 25,280 ----a-w C:\WINDOWS\system32\mciseq.drv
+ 2004-08-10 12:00:00 28,160 ----a-w C:\WINDOWS\system32\mciwave.drv
+ 2004-08-10 12:00:00 2,032 ----a-w C:\WINDOWS\system32\mouse.drv
+ 2004-08-10 12:00:00 20,992 ----a-w C:\WINDOWS\system32\msacm32.drv
+ 2004-08-10 12:00:00 188,416 ----a-w C:\WINDOWS\system32\msh261.drv
+ 2004-08-03 22:55:04 294,912 ----a-w C:\WINDOWS\system32\msh263.drv
- 2007-10-30 10:18:16 3,079,680 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2008-02-16 22:32:38 3,080,704 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2007-10-11 06:13:40 449,024 ----a-w C:\WINDOWS\system32\mshtmled.dll
+ 2008-02-16 09:02:36 449,024 ----a-w C:\WINDOWS\system32\mshtmled.dll
- 2007-10-11 06:13:40 146,432 ----a-w C:\WINDOWS\system32\msrating.dll
+ 2008-02-16 09:02:37 146,432 ----a-w C:\WINDOWS\system32\msrating.dll
- 1998-08-09 18:07:32 118,784 -c--a-w C:\WINDOWS\system32\MSSTDFMT.DLL
+ 2006-07-24 09:50:38 125,744 ----a-w C:\WINDOWS\system32\MSSTDFMT.DLL
- 2007-10-11 06:13:40 532,480 ----a-w C:\WINDOWS\system32\mstime.dll
+ 2008-02-16 09:02:37 532,480 ----a-w C:\WINDOWS\system32\mstime.dll
+ 2004-08-10 12:00:00 2,656 -c--a-w C:\WINDOWS\system32\netware.drv
- 2007-05-17 11:29:50 549,376 ----a-w C:\WINDOWS\system32\oleaut32.dll
+ 2007-12-04 18:41:36 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll
- 2007-03-24 10:27:16 53,770 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2008-04-11 10:17:53 53,770 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2007-03-17 13:59:51 64,922 ----a-w C:\WINDOWS\system32\perfc00C.dat
+ 2008-04-11 10:17:53 64,922 ----a-w C:\WINDOWS\system32\perfc00C.dat
- 2007-03-24 10:27:16 382,026 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-04-11 10:17:53 382,026 ----a-w C:\WINDOWS\system32\perfh009.dat
- 2007-03-17 13:59:51 447,222 ----a-w C:\WINDOWS\system32\perfh00C.dat
+ 2008-04-11 10:17:53 447,222 ----a-w C:\WINDOWS\system32\perfh00C.dat
+ 2008-03-09 11:12:40 278,528 ----a-w C:\WINDOWS\system32\pncrt.dll
+ 2008-03-09 11:12:41 6,656 ----a-w C:\WINDOWS\system32\pndx5016.dll
+ 2008-03-09 11:12:41 5,632 ----a-w C:\WINDOWS\system32\pndx5032.dll
- 2007-10-11 06:13:40 39,424 ----a-w C:\WINDOWS\system32\pngfilt.dll
+ 2008-02-16 09:02:37 39,424 ----a-w C:\WINDOWS\system32\pngfilt.dll
- 2005-03-30 13:55:24 339,968 -c--a-w C:\WINDOWS\system32\Px.dll
+ 2008-02-21 02:05:38 551,672 -c----w C:\WINDOWS\system32\Px.dll
+ 2008-02-21 02:05:38 66,296 ------w C:\WINDOWS\system32\pxcpya64.exe
- 2005-10-31 01:01:00 442,368 -c--a-w C:\WINDOWS\system32\pxdrv.dll
+ 2008-02-21 02:05:38 518,904 -c----w C:\WINDOWS\system32\pxdrv.dll
+ 2008-02-21 02:05:40 72,440 ------w C:\WINDOWS\system32\pxhpinst.exe
+ 2008-02-21 02:05:38 64,760 ------w C:\WINDOWS\system32\pxinsa64.exe
- 2005-03-30 13:54:30 172,032 -c--a-w C:\WINDOWS\system32\PxMas.dll
+ 2008-02-21 02:05:40 187,128 -c----w C:\WINDOWS\system32\PxMas.dll
- 2005-03-30 13:58:32 1,077,248 -c--a-w C:\WINDOWS\system32\PxSFS.DLL
+ 2008-02-21 02:05:38 1,628,920 -c----w C:\WINDOWS\system32\PxSFS.DLL
- 2005-03-30 13:54:02 339,968 -c--a-w C:\WINDOWS\system32\PxWave.dll
+ 2008-02-21 02:05:38 379,640 -c----w C:\WINDOWS\system32\PxWave.dll
- 2008-01-16 20:56:52 8,013,036 ----a-w C:\WINDOWS\system32\Restore\rstrlog.dat
+ 2008-04-11 19:53:52 221,876 ----a-w C:\WINDOWS\system32\Restore\rstrlog.dat
+ 2008-03-09 11:12:57 185,944 ----a-w C:\WINDOWS\system32\rmoc3260.dll
- 2007-10-11 06:13:40 1,495,040 ----a-w C:\WINDOWS\system32\shdocvw.dll
+ 2008-02-16 09:02:38 1,495,040 ----a-w C:\WINDOWS\system32\shdocvw.dll
- 2007-10-11 06:13:41 474,624 ----a-w C:\WINDOWS\system32\shlwapi.dll
+ 2008-02-16 09:02:38 474,624 ----a-w C:\WINDOWS\system32\shlwapi.dll
+ 2004-08-10 12:00:00 1,744 ----a-w C:\WINDOWS\system32\sound.drv
+ 2004-08-10 12:00:00 3,360 ----a-w C:\WINDOWS\system32\system.drv
+ 2004-08-10 12:00:00 4,096 ----a-w C:\WINDOWS\system32\timer.drv
- 2007-10-11 06:13:41 617,472 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2008-02-16 09:02:39 617,984 ----a-w C:\WINDOWS\system32\urlmon.dll
- 2004-08-10 12:00:00 417,792 ----a-w C:\WINDOWS\system32\vbscript.dll
+ 2007-12-18 14:41:59 417,792 ----a-w C:\WINDOWS\system32\vbscript.dll
+ 2004-08-10 12:00:00 2,176 ----a-w C:\WINDOWS\system32\vga.drv
- 2005-08-12 01:00:00 28,672 ----a-w C:\WINDOWS\system32\VXBLOCK.dll
+ 2008-02-21 02:05:38 88,824 ----a-w C:\WINDOWS\system32\vxblock.dll
+ 2004-08-10 12:00:00 23,552 ----a-w C:\WINDOWS\system32\wdmaud.drv
+ 2004-08-10 12:00:00 13,600 ----a-w C:\WINDOWS\system32\wfwnet.drv
+ 2002-11-06 01:45:32 327,680 ----a-w C:\WINDOWS\system32\windows media\server\wmsservertypelib.dll
+ 2004-08-10 12:00:00 2,864 ----a-w C:\WINDOWS\system32\winsock.dll
+ 2004-08-10 12:00:00 146,944 ----a-w C:\WINDOWS\system32\winspool.drv
+ 2004-08-10 12:00:00 2,112 ----a-w C:\WINDOWS\system32\winspool.exe
+ 2002-11-06 01:10:14 167,936 ----a-w C:\WINDOWS\system32\wmserror.dll
+ 2004-08-10 12:00:00 2,736 ----a-w C:\WINDOWS\system32\wowdeb.exe
- 2007-10-29 15:35:14 121,856 ----a-w C:\WINDOWS\system32\xpsp3res.dll
+ 2008-02-15 23:03:14 370,176 ----a-w C:\WINDOWS\system32\xpsp3res.dll
+ 2000-08-31 06:00:00 49,152 ----a-w C:\WINDOWS\VFind.exe
+ 2006-10-26 12:40:34 95,744 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_6e805841\ATL80.dll
+ 2006-10-26 12:40:36 479,232 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcm80.dll
+ 2006-10-26 12:40:36 548,864 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcp80.dll
+ 2006-10-26 12:40:36 626,688 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcr80.dll
+ 2006-10-26 12:40:36 1,093,632 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfc80.dll
+ 2006-10-26 12:40:36 1,079,808 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfc80u.dll
+ 2006-10-26 12:40:36 69,632 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80.dll
+ 2006-10-26 12:40:36 57,344 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80u.dll
+ 2006-10-26 12:40:36 40,960 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80CHS.dll
+ 2006-10-26 12:40:36 45,056 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80CHT.dll
+ 2006-10-26 12:40:36 65,536 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80DEU.dll
+ 2006-10-26 12:40:36 57,344 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ENU.dll
+ 2006-10-26 12:40:36 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ESP.dll
+ 2006-10-26 12:40:36 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80FRA.dll
+ 2006-10-26 12:40:36 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ITA.dll
+ 2006-10-26 12:40:36 49,152 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80JPN.dll
+ 2006-10-26 12:40:36 49,152 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80KOR.dll
+ 2000-08-31 06:00:00 68,096 ----a-w C:\WINDOWS\zip.exe
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-20 10:41 68856]
"DellSupport"="C:\Program Files\Dell Support\DSAgnt.exe" [2006-07-16 23:29 389120]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]
"BitTorrent DNA"="C:\Program Files\DNA\btdna.exe" [2008-04-12 20:07 288576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-08 20:48 761947]
"SigmatelSysTrayApp"="stsystra.exe" [2006-03-25 01:30 282624 C:\WINDOWS\stsystra.exe]
"PCMService"="C:\Program Files\Dell\MediaDirect\PCMService.exe" [2006-08-22 17:32 184320]
"IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [2006-05-01 11:28 667718]
"IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2006-05-01 11:28 602182]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-08-11 21:53 1838592]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-09-29 16:01 67584]
"DMXLauncher"="C:\Program Files\Sonic\Sonic Solutions Product CD\Media Experience\DMXLauncher.exe" [2004-10-20 02:01 86016]
"DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [2005-09-08 07:20 122940]
"CTSVolFE.exe"="C:\Program Files\Creative\Mixer\CTSVolFE.exe" [2005-02-23 17:57 57344]
"Corel Photo Downloader"="C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe" [2006-08-14 16:20 462336]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-10 14:00 110592 C:\WINDOWS\system32\bthprops.cpl]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe" [2007-03-16 11:45 63712]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-01-15 17:20 77824]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2007-03-30 20:00 138008]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2007-03-30 20:00 162584]
"Persistence"="C:\WINDOWS\system32\igfxpers.exe" [2007-03-30 19:59 138008]
"ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-08-09 06:03 221184]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-03-09 13:12 185896]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-03-29 19:37 79224]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-10 14:00 15360]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2006-11-16 12:30:06 24576]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ComPlusSetup]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\wvUnmKax]
wvUnmKax.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001


*Newly Created Service* - MDMXSDK
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-04-20 14:16:00 C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
"2008-04-19 00:14:00 C:\WINDOWS\Tasks\MP Scheduled Scan.job"
- C:\Program Files\Windows Defender\MpCmdRun.exe
"2008-04-18 13:00:00 C:\WINDOWS\Tasks\Norton Security Scan.job"
- C:\Program Files\Norton Security Scan\Nss.exe
"2008-04-20 13:00:01 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-20 16:28:52
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...


**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\bxxuyoem]
"ImagePath"="system32\drivers\nxhtnxme.dat"
.
Temps d'accomplissement: 2008-04-20 16:30:59
ComboFix-quarantined-files.txt 2008-04-20 14:29:56

Pre-Run: 27,269,341,184 octets libres
Post-Run: 27,257,274,368 octets libres

1006 --- E O F --- 2008-04-10 19:53:04



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:53:36, on 22/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Fichiers communs\Creative Labs Shared\Service\CreativeLicensing.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Sonic\Sonic Solutions Product CD\Media Experience\DMXLauncher.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Creative\Mixer\CTSVolFE.exe
C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://secure.caramail.lycos.fr/se [...] c_home_tab
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.fr/ig/dell?hl=fr&client [...] bd=6061116
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {49D8D988-6D77-4E24-8A27-914FBCCC782F} - (no file)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Sonic\Sonic Solutions Product CD\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [CTSVolFE.exe] "C:\Program Files\Creative\Mixer\CTSVolFE.exe" /r
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-3361232125-835192129-3529576560-1005\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User '?')
O4 - HKUS\S-1-5-21-3361232125-835192129-3529576560-1005\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe" (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Digital Line Detect.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.euro.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file://C:\Program Files\Farm Frenzy\Images\stg_drm.ocx
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/window [...] 4600227296
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game11.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file://C:\Program Files\Farm Frenzy\Images\armhelper.ocx
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: wvUnmKax - wvUnmKax.dll (file missing)
O21 - SSODL: AvpUnknown - {80b16cef-1d34-45a6-8361-48947811abf6} - (no file)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Fichiers communs\Creative Labs Shared\Service\CreativeLicensing.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

--
End of file - 11908 bytes

Désactive toute protection résidente ( antivirus…) !

Copie le texte se situant dans le cadre ci-dessous, sans le mot citation :

Ouvre le Bloc-Notes puis colle le texte copié.
(Démarrer\Tous les programmes\Accessoires\Bloc notes.)
Sauvegarde ce fichier sous le nom de CFScript.txt.

Glisse maintenant le fichier ComboFix-Do.txt dans Combofix.exe comme ci-dessous :



Cela va relancer Combofix, tape sur 1 puis valide. Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un nouveau rapport Hijackthis.
S'il n'y a pas de redémarrage, poste quand même les rapports.

et j'aimerais savoir si le logiciel Betclic poker était infecté par un virus. Car il a été desinstallé. J'aimerais savoir si je peux le réinstaller. Merci!!

il m'affiche une nouvelle fenêtre avec ceci :


0 bytes size received / Se ha recibido un archivo vacio

0 bytes size received / Se ha recibido un archivo vacio


dslé!!

Microsoft Windows XP [version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\moumoune.WESHWESH>dir /a "%windir%\SwSys2.bmp"
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est B4EE-E5E6

Répertoire de C:\WINDOWS

2008-04-10 23:38 0 SwSys2.bmp
1 fichier(s) 0 octets
0 Rép(s) 25,855,418,368 octets libres

Le PC va bien!!! ça fait plaisir!!


2008-04-24 ---- 19:23:22.48

----------------------------------
§§§§§§ [SwSys2] §§§§§§
----------------------------------
[X] Registre

-------------- [ ] rapide
-- Fichier --- [ ] disque systeme
------------- [X] complete


********************
[Registre]
********************


[HKEY_USERS\S-1-5-21-3361232125-835192129-3529576560-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\*]
"h"="C:\\WINDOWS\\SwSys2.bmp"

[HKEY_USERS\S-1-5-21-3361232125-835192129-3529576560-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\bmp]
"a"="C:\\WINDOWS\\SwSys2.bmp"

*******************
[Fichier]
*******************

c:\Documents and Settings\moumoune.WESHWESH\Recent\SwSys2.bmp.lnk
c:\WINDOWS\SwSys2.bmp


*********************
[Même date]
*********************

[2008-04-10 ] ---> C:\WINDOWS\SwSys1.bmp
[2008-04-10 ] ---> C:\WINDOWS\SwSys2.bmp
[2008-04-10 ] ---> C:\WINDOWS\system32\clkcnt.txt



Outil Aide Diagnostic By !aur3n7 Version 1.1
----------------------------------
§§§§§ Fin Rapport §§§§§
----------------------------------

je suis désolé mais je comprend pas la notice... lol
Déjà il n'y a qu'une seule ligne à copier, et ensuite, quand je la colle, le rapport qu'on me donne est vierge...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:17, on 2008-04-25
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Sonic\Sonic Solutions Product CD\Media Experience\DMXLauncher.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Creative\Mixer\CTSVolFE.exe
C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Fichiers communs\Creative Labs Shared\Service\CreativeLicensing.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Microsoft Office\Office\WINWORD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://secure.caramail.lycos.fr/se [...] c_home_tab
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.fr/ig/dell?hl=fr&client [...] bd=6061116
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {49D8D988-6D77-4E24-8A27-914FBCCC782F} - (no file)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Sonic\Sonic Solutions Product CD\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [CTSVolFE.exe] "C:\Program Files\Creative\Mixer\CTSVolFE.exe" /r
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-3361232125-835192129-3529576560-1005\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User '?')
O4 - HKUS\S-1-5-21-3361232125-835192129-3529576560-1005\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe" (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Digital Line Detect.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.euro.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file://C:\Program Files\Farm Frenzy\Images\stg_drm.ocx
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/window [...] 4600227296
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game11.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file://C:\Program Files\Farm Frenzy\Images\armhelper.ocx
O21 - SSODL: AvpUnknown - {80b16cef-1d34-45a6-8361-48947811abf6} - (no file)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Fichiers communs\Creative Labs Shared\Service\CreativeLicensing.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

--
End of file - 11654 bytes



PS: j'ai réinstaller betclick poker.......................................................... J'ai pas pu m'en empêcher. Je me suis dit que s'il y a tellement de monde dessus c'est que ça doit pas être si dangereux.....

j'ai eu un problème il y a quelque temps et on m'a conseillé d'installer antivir. Seulement il y avait des problèmes, je ne pouvait plus acceder à ma boite mail.. On a tout essayer pour les régler mais rien n'a fonctionné. Est ce vraiment indispensable?

Friday, April 25, 2008 11:06:34 PM
Système d'exploitation : Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version : 5.0.83.0
Dernière mise à jour de la base antivirus Kaspersky : 24/04/2008
Enregistrements dans la base antivirus Kaspersky : 647796
Paramètres d'analyse
Analyser avec la base antivirus suivante standard
Analyser les archives vrai
Analyser les bases de messagerie vrai
Cible de l'analyse Poste de travail
C:\
D:\
Statistiques de l'analyse
Total d'objets analysés 84463
Nombre de virus trouvés 11
Nombre d'objets infectés 41 / 0
Nombre d'objets suspects 0
Durée de l'analyse 01:24:50

Nom de l'objet infecté Nom du virus Dernière action
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Google Desktop\8c35ed789098\dbc2e.ht1 L'objet est verrouillé ignoré
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Google Desktop\8c35ed789098\dbdam L'objet est verrouillé ignoré
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Google Desktop\8c35ed789098\dbdao L'objet est verrouillé ignoré
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Google Desktop\8c35ed789098\dbeam L'objet est verrouillé ignoré
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Google Desktop\8c35ed789098\dbeao L'objet est verrouillé ignoré
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Google Desktop\8c35ed789098\dbm L'objet est verrouillé ignoré
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Google Desktop\8c35ed789098\dbu2d.ht1 L'objet est verrouillé ignoré
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Google Desktop\8c35ed789098\dbvm.cf1 L'objet est verrouillé ignoré
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Google Desktop\8c35ed789098\dbvmh.ht1 L'objet est verrouillé ignoré
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Google Desktop\8c35ed789098\fii.cf1 L'objet est verrouillé ignoré
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Google Desktop\8c35ed789098\fiih.ht1 L'objet est verrouillé ignoré
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Google Desktop\8c35ed789098\hp L'objet est verrouillé ignoré
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Google Desktop\8c35ed789098\hpt2i.ht1 L'objet est verrouillé ignoré
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Google Desktop\8c35ed789098\rpm.cf1 L'objet est verrouillé ignoré
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Google Desktop\8c35ed789098\rpm1m.cf1 L'objet est verrouillé ignoré
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Google Desktop\8c35ed789098\rpm1mh.ht1 L'objet est verrouillé ignoré
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Google Desktop\8c35ed789098\rpmh.ht1 L'objet est verrouillé ignoré
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Google Desktop\8c35ed789098\safeweb\goog-black-enchashm.cf1 L'objet est verrouillé ignoré
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Google Desktop\8c35ed789098\safeweb\goog-black-enchashmh.ht1 L'objet est verrouillé ignoré
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Google Desktop\8c35ed789098\safeweb\goog-black-urlm.cf1 L'objet est verrouillé ignoré
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Google Desktop\8c35ed789098\safeweb\goog-black-urlmh.ht1 L'objet est verrouillé ignoré
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Google Desktop\8c35ed789098\safeweb\goog-malware-domainm.cf1 L'objet est verrouillé ignoré
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Google Desktop\8c35ed789098\safeweb\goog-malware-domainmh.ht1 L'objet est verrouillé ignoré
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Google Desktop\8c35ed789098\safeweb\goog-white-domainm.cf1 L'objet est verrouillé ignoré
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Google Desktop\8c35ed789098\safeweb\goog-white-domainmh.ht1 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\eHome\logs\ehRecvr.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\temp\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\temp\Fichiers Internet temporaires\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\temp\History\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\moumoune.WESHWESH\Application Data\Gtek\GTUpdate\AUpdate\DellSupport\AUPNP.log L'objet est verrouillé ignoré
C:\Documents and Settings\moumoune.WESHWESH\Application Data\Gtek\GTUpdate\AUpdate\DellSupport\DSAgnt.log L'objet est verrouillé ignoré
C:\Documents and Settings\moumoune.WESHWESH\Application Data\Gtek\GTUpdate\AUpdate\DellSupport\DSAgnt_GTActions.log L'objet est verrouillé ignoré
C:\Documents and Settings\moumoune.WESHWESH\Application Data\Gtek\GTUpdate\AUpdate\DellSupport\glog.log L'objet est verrouillé ignoré
C:\Documents and Settings\moumoune.WESHWESH\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.40404 Infecté : not-virus:Hoax.Win32.Agent.cg ignoré
C:\Documents and Settings\moumoune.WESHWESH\Application Data\Mozilla\Firefox\Profiles\p4pbr8ff.default\cert8.db L'objet est verrouillé ignoré
C:\Documents and Settings\moumoune.WESHWESH\Application Data\Mozilla\Firefox\Profiles\p4pbr8ff.default\GoogleToolbarData\googlesafebrowsing.db L'objet est verrouillé ignoré
C:\Documents and Settings\moumoune.WESHWESH\Application Data\Mozilla\Firefox\Profiles\p4pbr8ff.default\history.dat L'objet est verrouillé ignoré
C:\Documents and Settings\moumoune.WESHWESH\Application Data\Mozilla\Firefox\Profiles\p4pbr8ff.default\key3.db L'objet est verrouillé ignoré
C:\Documents and Settings\moumoune.WESHWESH\Application Data\Mozilla\Firefox\Profiles\p4pbr8ff.default\parent.lock L'objet est verrouillé ignoré
C:\Documents and Settings\moumoune.WESHWESH\Application Data\Mozilla\Firefox\Profiles\p4pbr8ff.default\search.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\moumoune.WESHWESH\Application Data\Mozilla\Firefox\Profiles\p4pbr8ff.default\urlclassifier2.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\moumoune.WESHWESH\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\moumoune.WESHWESH\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\moumoune.WESHWESH\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\moumoune.WESHWESH\Local Settings\Application Data\Mozilla\Firefox\Profiles\p4pbr8ff.default\Cache\_CACHE_001_ L'objet est verrouillé ignoré
C:\Documents and Settings\moumoune.WESHWESH\Local Settings\Application Data\Mozilla\Firefox\Profiles\p4pbr8ff.default\Cache\_CACHE_002_ L'objet est verrouillé ignoré
C:\Documents and Settings\moumoune.WESHWESH\Local Settings\Application Data\Mozilla\Firefox\Profiles\p4pbr8ff.default\Cache\_CACHE_003_ L'objet est verrouillé ignoré
C:\Documents and Settings\moumoune.WESHWESH\Local Settings\Application Data\Mozilla\Firefox\Profiles\p4pbr8ff.default\Cache\_CACHE_MAP_ L'objet est verrouillé ignoré
C:\Documents and Settings\moumoune.WESHWESH\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\moumoune.WESHWESH\Local Settings\Temp\~DFF72F.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\moumoune.WESHWESH\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat L'objet est verrouillé ignoré
C:\Documents and Settings\moumoune.WESHWESH\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\moumoune.WESHWESH\Mes documents\Applications\Setup.exe Infecté : Trojan-Downloader.Win32.Zlob.kpu ignoré
C:\Documents and Settings\moumoune.WESHWESH\ntuser.dat L'objet est verrouillé ignoré
C:\Documents and Settings\moumoune.WESHWESH\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt L'objet est verrouillé ignoré
C:\QooBox\Quarantine\C\WINDOWS\Resources\AvpUnknown.dll.vir Infecté : Trojan.Win32.Agent.jqa ignoré
C:\QooBox\Quarantine\C\WINDOWS\Resources\CheckWin.dll.vir Infecté : Trojan.Win32.Agent.jqa ignoré
C:\QooBox\Quarantine\C\WINDOWS\system32\awttuSll.dll.vir Infecté : Packed.Win32.Monder.gen ignoré
C:\QooBox\Quarantine\C\WINDOWS\system32\axgqlhmx.dll.vir Infecté : Trojan.Win32.KillAV.rf ignoré
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\nxhtnxme.dat.vir L'objet est verrouillé ignoré
C:\QooBox\Quarantine\C\WINDOWS\system32\hxysoaiw.dll.vir Infecté : Trojan.Win32.KillAV.rf ignoré
C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP106\A0036117.dll Infecté : Trojan-Dropper.Win32.Agent.qfy ignoré
C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP106\A0036127.dll Infecté : Trojan-Dropper.Win32.Agent.qfy ignoré
C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP107\A0037262.dll Infecté : Packed.Win32.Monder.gen ignoré
C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP108\A0038411.dll Infecté : Packed.Win32.Monder.gen ignoré
C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP109\A0039571.dll Infecté : Packed.Win32.Monder.gen ignoré
C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP109\A0039587.dll Infecté : Trojan-Downloader.Win32.Zlob.lqb ignoré
C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP109\A0039588.exe Infecté : Trojan-Downloader.Win32.Zlob.lka ignoré
C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP109\A0039612.dll Infecté : Trojan-Downloader.Win32.Zlob.lqb ignoré
C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP109\A0039613.exe Infecté : Trojan-Downloader.Win32.Zlob.lka ignoré
C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP109\A0039629.dll Infecté : Packed.Win32.Monder.gen ignoré
C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP109\A0039640.dll Infecté : Trojan-Downloader.Win32.Zlob.lqb ignoré
C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP109\A0039641.exe Infecté : Trojan-Downloader.Win32.Zlob.lka ignoré
C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP109\A0040668.dll Infecté : Trojan-Downloader.Win32.Zlob.lqb ignoré
C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP109\A0040669.exe Infecté : Trojan-Downloader.Win32.Zlob.lka ignoré
C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP110\A0040700.dll Infecté : Trojan-Downloader.Win32.Zlob.lqb ignoré
C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP110\A0040701.exe Infecté : Trojan-Downloader.Win32.Zlob.lka ignoré
C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP110\A0040729.dll Infecté : Trojan-Downloader.Win32.Zlob.lqb ignoré
C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP110\A0040730.exe Infecté : Trojan-Downloader.Win32.Zlob.lka ignoré
C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP110\A0040759.dll Infecté : Packed.Win32.Monder.gen ignoré
C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP110\A0040761.dll Infecté : Packed.Win32.Monder.gen ignoré
C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP110\A0040763.dll Infecté : Packed.Win32.Monder.gen ignoré
C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP110\A0040765.dll Infecté : Trojan-Downloader.Win32.Zlob.lqb ignoré
C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP110\A0040766.exe Infecté : Trojan-Downloader.Win32.Zlob.ljz ignoré
C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP110\A0040767.exe Infecté : Trojan-Downloader.Win32.Zlob.lka ignoré
C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP110\A0040768.exe Infecté : not-virus:Hoax.Win32.Gavec.bc ignoré
C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP110\A0040769.dll Infecté : not-virus:Hoax.Win32.Agent.cg ignoré
C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP110\A0040770.exe Infecté : Trojan-Downloader.Win32.Obfuscated.ra ignoré
C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP110\A0040863.dll Infecté : Packed.Win32.Monder.gen ignoré
C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP110\A0040967.dll Infecté : Trojan.Win32.KillAV.rf ignoré
C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP110\A0040968.dll Infecté : Trojan.Win32.KillAV.rf ignoré
C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP110\A0040969.dll Infecté : Trojan.Win32.Agent.jqa ignoré
C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP110\A0040970.dll Infecté : Trojan.Win32.Agent.jqa ignoré
C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP110\A0040971.dll Infecté : Packed.Win32.Monder.gen ignoré
C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP118\change.log L'objet est verrouillé ignoré
C:\VundoFix Backups\sgmaohsm.dll.bad Infecté : Packed.Win32.Monder.gen ignoré
C:\WINDOWS\CSC\00000001 L'objet est verrouillé ignoré
C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré
C:\WINDOWS\ModemLog_Conexant HDA D110 MDC V.92 Modem.txt L'objet est verrouillé ignoré
C:\WINDOWS\Registration\{02D4B3F1-FD88-11D1-960D-00805FC79235}.{EF4F516B-0D35-47B7-966C-CA7C79CD7370}.crmlog L'objet est verrouillé ignoré
C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré
C:\WINDOWS\SoftwareDistribution\EventCache\{B0B045F7-79F7-4F17-8858-85A3C688109B}.bin L'objet est verrouillé ignoré
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré
C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\Antivirus.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\DEFAULT.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\Internet.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\Media Ce.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\ODiag.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\OSession.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\sam L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\security L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SOFTWARE.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SYSTEM.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré
C:\WINDOWS\TEMP\Perflib_Perfdata_7f0.dat L'objet est verrouillé ignoré
C:\WINDOWS\TEMP\_avast4_\Webshlock.txt L'objet est verrouillé ignoré
C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré
C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré
C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré
Analyse terminée.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:38, on 2008-04-26
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Sonic\Sonic Solutions Product CD\Media Experience\DMXLauncher.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Creative\Mixer\CTSVolFE.exe
C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Fichiers communs\Creative Labs Shared\Service\CreativeLicensing.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\DNA\btdna.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\BetClic Poker\poker.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.fr/ig/dell?hl=fr&client [...] bd=6061116
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {49D8D988-6D77-4E24-8A27-914FBCCC782F} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Sonic\Sonic Solutions Product CD\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [CTSVolFE.exe] "C:\Program Files\Creative\Mixer\CTSVolFE.exe" /r
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-3361232125-835192129-3529576560-1005\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User '?')
O4 - HKUS\S-1-5-21-3361232125-835192129-3529576560-1005\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe" (User '?')
O4 - HKUS\S-1-5-21-3361232125-835192129-3529576560-1005\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Digital Line Detect.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.euro.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file://C:\Program Files\Farm Frenzy\Images\stg_drm.ocx
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/window [...] 4600227296
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game11.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file://C:\Program Files\Farm Frenzy\Images\armhelper.ocx
O21 - SSODL: AvpUnknown - {80b16cef-1d34-45a6-8361-48947811abf6} - (no file)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Fichiers communs\Creative Labs Shared\Service\CreativeLicensing.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

--
End of file - 12050 bytes

-->- Recherche:

C:\Combofix: trouvé !
C:\Vundofix backups: trouvé !
C:\Qoobox: trouvé !
C:\_OtMoveIt: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Documents and Settings\moumoune.WESHWESH\Bureau\ComboFix.exe: trouvé !
C:\Documents and Settings\moumoune.WESHWESH\Mes documents\Applications\protection\vundoFix.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
C:\QooBox\Quarantine\C\Combofix: trouvé !

---------------------------------
-->- Suppression:

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
C:\Documents and Settings\moumoune.WESHWESH\Bureau\ComboFix.exe: supprimé !
C:\Documents and Settings\moumoune.WESHWESH\Mes documents\Applications\protection\vundoFix.exe: supprimé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
C:\Combofix: supprimé !
C:\Vundofix backups: supprimé !
C:\Qoobox: supprimé !
C:\_OtMoveIt: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
C:\Program Files\Trend Micro\HijackThis: supprimé !

Point de restauration crée !
Fichiers temporaires nettoyés !
Corbeille vidée!
Sauvegarde du registre crée !



je suis désolé je n'avais plus Internet pendant un moment. Merci infiniment pour votre aide. C'est vraiment super ce que vous faites.

Merci encore et bonne continuation