Envahi de virus, aidez moi

Bonsoir
Télécharge puis installe Hijackthis (Trend Micro)
Poste ensuite un rapport dans ta prochaine réponse.
AIDE : Comment utiliser Hijackthis v2.0.2

Bonsoir
Télécharge MalwareByte's Anti-Malware sur ton Bureau.
Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.

Une fois l'installation et la mise à jour effectuées, redémarre en mode sans échec.
AIDE : Redémarrer en mode sans échec

• Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".
• Afin de lancer la recherche, clic sur"Rechercher".
• Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :

-- si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
-- si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau afin de le poster dans ta prochaine réponse.
REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.

AIDE : Tuto en images sur MBAM

Sa plante en mode sans échec, je fais l'analyse normalement



Malwarebytes' Anti-Malware 1.30
Version de la base de données: 1316
Windows 5.1.2600 Service Pack 2

2008-10-27 13:52:17
mbam-log-2008-10-27 (13-52-17).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 177749
Temps écoulé: 51 minute(s), 15 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 7
Valeur(s) du Registre infectée(s): 3
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 6
Fichier(s) infecté(s): 21

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1a26f07f-0d60-4835-91cf-1e1766a0ec56} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{54a3f8b7-228e-4ed8-895b-de832b2c3959} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{bfc08cff-c737-4433-bd5a-0ee7efcfee54} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6fd31ed6-7c94-4bbc-8e95-f927f4d3a949} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Solt Lake Software (Rogue.ProAntispyware2009) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\pro antispyware 2009 (Rogue.ProAntispyware2009) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ErrorSafeFree (Rogue.Errorsafe) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\system34 (Trojan.Agent) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Documents and Settings\All Users\Application Data\Solt Lake Software (Rogue.ProAntispyware2009) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009 (Rogue.ProAntispyware2009) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\SAVED (Rogue.ProAntispyware2009) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\DELETED (Rogue.ProAntispyware2009) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG (Rogue.ProAntispyware2009) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\BASE (Rogue.ProAntispyware2009) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\System Volume Information\_restore{004AA4CB-CEFA-470B-84B6-7AE41AC1EA5D}\RP609\A0183475.exe (Trojan.Shutdowner) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{004AA4CB-CEFA-470B-84B6-7AE41AC1EA5D}\RP609\A0183516.dll (Adware.Rotator) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\proas2009.exe (Rogue.ProAntispyware2009) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081022162634375.log (Rogue.ProAntispyware2009) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081022172521812.log (Rogue.ProAntispyware2009) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081022191623984.log (Rogue.ProAntispyware2009) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081023094041890.log (Rogue.ProAntispyware2009) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081023193814265.log (Rogue.ProAntispyware2009) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081025030855125.log (Rogue.ProAntispyware2009) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081025094902546.log (Rogue.ProAntispyware2009) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081025140435968.log (Rogue.ProAntispyware2009) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081026075408843.log (Rogue.ProAntispyware2009) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081026151247421.log (Rogue.ProAntispyware2009) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081027091558203.log (Rogue.ProAntispyware2009) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081027121700937.log (Rogue.ProAntispyware2009) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081027125302218.log (Rogue.ProAntispyware2009) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\SoftwareProtection\systemvital.exe (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\cookies.ini (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\spcimrdagl_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\spcimrdagl_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:37, on 2008-10-27
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Acer\Acer Arcade\PCMService.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\DOCUME~1\EDMOND~1\LOCALS~1\Temp\RtkBtMnt.exe
C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\emMON.exe
C:\Acer\Empowering Technology\eLock\Monitor\LockMon.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\WINDOWS\System32\regsvr32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Acer\Empowering Technology\eLock\LockServ.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\STK02N\STK02NM.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\SpamBlockerUtility\bin\10.2.230.0\Weather.exe
C:\Program Files\SpamBlockerUtility\bin\10.2.230.0\OEAddOn.exe
C:\Program Files\SpamBlockerUtility\bin\10.2.230.0\SBUSA.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\SpamBlockerUtility\bin\10.2.230.0\Srv.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://192.168.1.1/ServicesAcces.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {040918d8-abe8-4c5b-9a03-17eb4d98ec77} - C:\WINDOWS\system32\bawkcext.dll (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: SmartShopper - {2BA1C226-EC1B-4471-A65F-D0688AC6EE3A} - C:\Program Files\SmartShopper\Bin\2.5.0\SmrtShpr.dll
O2 - BHO: MEGAUPLOADTOOLBAR - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: SpamBlockerUtility - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - C:\Program Files\SpamBlockerUtility\bin\10.2.230.0\HostIE.dll
O2 - BHO: mxlivemedia browser enhancer - {BFEDCF21-CDB3-F31E-0FE9-1C922D172D94} - C:\WINDOWS\system32\ceeohtmxbbfglikh.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: MEGAUPLOADTOOLBAR - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL (file missing)
O3 - Toolbar: SpamBlockerUtility - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - C:\Program Files\SpamBlockerUtility\bin\10.2.230.0\HostIE.dll
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
O4 - HKLM\..\Run: [eLockMonitor] C:\Acer\Empowering Technology\eLock\Monitor\LaunchMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 1
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [Kaspersky] C:\Documents and Settings\All Users\Dati applicazioni\Kaspersky Lab\KAV Personal Pro\5.0\Save Kaspersky.bat
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [emMON] emMON.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [fqfnhjhkgxisan] C:\WINDOWS\System32\regsvr32.exe /s "C:\WINDOWS\system32\ceeohtmxbbfglikh.dll"
O4 - HKLM\..\Run: [Spam Blocker for Outlook Express] C:\PROGRA~1\SPAMBL~1\bin\102230~1.0\SBInst.exe
O4 - HKLM\..\Run: [SpamBlockerUtilityOE] C:\Program Files\SpamBlockerUtility\bin\10.2.230.0\OEAddOn.exe
O4 - HKLM\..\Run: [SBUSA] "C:\Program Files\SpamBlockerUtility\bin\10.2.230.0\SBUSA.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [WeatherDPA] "C:\Program Files\SpamBlockerUtility\bin\10.2.230.0\Weather.exe" -auto
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: STK02N 2.1 PNP Monitor.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: SmartShopper - Compare product prices - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF} - C:\Program Files\SmartShopper\Bin\2.5.0\SmrtShpr.dll
O9 - Extra button: SmartShopper - Compare travel rates - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} - C:\Program Files\SmartShopper\Bin\2.5.0\SmrtShpr.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/Driv [...] eqlab2.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E1324ACA-971E-44A5-AFA3-5E8C4873ED24}: NameServer = 192.168.1.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\__c0018E02.dat
O20 - Winlogon Notify: awvvu - C:\WINDOWS\system32\awvvu.dll (file missing)
O20 - Winlogon Notify: geeba - C:\WINDOWS\system32\geeba.dll (file missing)
O20 - Winlogon Notify: vtstq - C:\WINDOWS\system32\vtstq.dll (file missing)
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LockServ - Unknown owner - C:\Acer\Empowering Technology\eLock\LockServ.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 14172 bytes

ComboFix 08-10-27.01 - EDMOND Serge 2008-10-27 21:02:59.8 - [color=red]FAT32[/color]x86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.591 [GMT 1:00]

[COLOR=RED][B]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/B][/COLOR]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlocker
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1.sdf
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1053176.sdf
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1059660.sdf
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1317734.sdf
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1383356.sdf
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1383771.sdf
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1387273.sdf
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1396684.sdf
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\1404209.sdf
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\2066842.sdf
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\269318.sdf
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\2884323.sdf
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\2899627.sdf
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\2899657.sdf
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\2904096.sdf
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\323090.sdf
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\3422683.sdf
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\371966.sdf
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\3750949.sdf
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\3781328.sdf
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\555302.sdf
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\600583.sdf
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\785255.sdf
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\991767.sdf
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\domains.txt
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\1000023651
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\1000023894
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\1000024237
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\1000024375
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\1000024388
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\1000025650
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\1000027539
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\1000032923
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\1000032930
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\1000032977
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\1000033079
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\1000036809
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\1000047858
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\1000052008
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\1000052121
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\1000052451
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\1000052678
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\1000052701
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\1000052995
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\1000053072
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\1000053091
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\1000053498
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\1000053560
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\1000054461
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\1000056104
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\1000057533
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\1000057972
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\1000058289
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\1000058647
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\1000059264
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\1000059452
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\1000059554
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\1000061422
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\1000061533
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\1000061625
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\1000062177
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\1000064073
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\1000067231
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\1000067977
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\1000068757
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\1000069439
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\1000069497
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\1000069767
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\1000078305
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\1000080510
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\1000082797
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\1000083033
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\12457
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\13117
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\13546
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\13632
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\14001
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\15473
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\16204
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\166379
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\17025
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\17040
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\180320
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\18261
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\18263
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\18571
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\19475
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\19650
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\2020
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\20570
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\211683
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\213217
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\22254
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\23270
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\233027
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\247895
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\25424
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\25469
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\25708
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\25803
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\25911
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\29115
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\29547
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\32242
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\33201
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\33695
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\33912
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\36834
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\374830
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\390259
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\396771
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\402844
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\41215
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\41364
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\42437
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\429978
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\436199
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\44228
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\44320
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\44458
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\4487
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\44878
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\45355
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\45373
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\45827
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\472390
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\49442
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\49444
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\51174
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\520094
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\528786
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\531510
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\542305
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\543041
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\546899
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\553177
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\567097
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\568256
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\572023
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\578150
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\583749
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\623694
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\6280
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\628262
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\639057
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\64517
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\64539
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\64736
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\652325
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\65429
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\6546
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\658110
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\6612
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\66566
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\6704
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\670684
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\67220
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\67733
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\685568
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\696893
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\705076
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\705126
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\705206
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\705215
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\705216
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\705461
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\708497
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\710858
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\715916
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\72846
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\72889
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\733622
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\738022
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\744650
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\746887
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\746932
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\749818
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\750036
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\752626
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\753083
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\753300
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\753335
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\753377
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\753378
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\753417
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\77567
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\78918
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\81830
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\81999
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\83216
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\83226
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\83690
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\85062
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\85381
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\87594
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\89500
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\90271
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\90300
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\90358
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\94469
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\95411
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\95645
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\95817
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\TooltipXML\98250
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\dynamic\ustat\3763.dat
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\ads.cdf
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\btntrans.idx
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\btntrans1.dat
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\business_promo.htm
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\buttondir.txt
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\components.cdf
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\cursors.res
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\d_icons_buttons_1000.res
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\d_icons_buttons_2000.res
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\d_icons_buttons_3000.res
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\d_icons_buttons_bar.res
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\d_icons_buttons_bbar1.res
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\d_icons_buttons_logos.res
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\d_icons_buttons_other.res
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\d_icons_weather.res
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\default.cdf
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\Default_bidz.mnu
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\Default_bidz1.mnu
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\Default_bidz10.mnu
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\Default_bidz11.mnu
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\Default_bidz12.mnu
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\Default_bidz13.mnu
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\Default_bidz14.mnu
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\Default_bidz15.mnu
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\Default_bidz16.mnu
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\Default_bidz17.mnu
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\Default_bidz18.mnu
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\Default_bidz19.mnu
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\Default_bidz2.mnu
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\Default_bidz20.mnu
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\Default_bidz3.mnu
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\Default_bidz4.mnu
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\Default_bidz5.mnu
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\Default_bidz6.mnu
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\Default_bidz7.mnu
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\Default_bidz8.mnu
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\Default_bidz9.mnu
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\Default_categorize.mnu
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\Default_comparison.mnu
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\Default_em_PROFL_CA_flow_b_IEB.mnu
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\Default_explorer-Mails.mnu
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\Default_explorer-people.mnu
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\Default_fastutilities.mnu
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\Default_favorites.mnu
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\Default_Games.mnu
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\Default_Hide.mnu
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\Default_hotbarcom.mnu
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\Default_Hotmail.mnu
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\Default_hsskin.mnu
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\Default_jemster.mnu
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\Default_jemsterie.mnu
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\Default_jemsteruk.mnu
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\Default_jobsearch.mnu
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\Default_Mails.mnu
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\Default_new.mnu
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\Default_premium.mnu
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\Default_reun.mnu
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\Default_ringtones.mnu
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\Default_SearchBoxTrapper.mnu
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\Default_searchfor.mnu
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\Default_searchgo.mnu
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\Default_weather.mnu
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\Default_yellowpages.mnu
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\editblbuttons.res
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\email-def-511724-9595.mnu
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\email-t1-bg.res
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\hb_ie_menu.res
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\hotbar-premium-hotbar-premium.mnu
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\hotbar-premium.cdf
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\hotbar_promo.htm
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\icons2.res
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\ie_games_icon.res
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\ie_video.res
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\keywords.idx
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\keywords1.dat
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\layout.cdf
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\linkpathlegal.txt
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\progress.res
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\s_icons_buttons.res
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\sales_buttons.res
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\sbu_icon.res
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\sdfmodifier.xml
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\t2_bg.res
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\theweb.mnu
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\top7.cdf
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\Top7_theweb.mnu
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\tsd_bg.res
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\1\weathericon.res
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\DownLoad\ads.xip
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\DownLoad\BtnTrans.xip
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\DownLoad\BtnTrans1.xip
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\DownLoad\business_promo.xip
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\DownLoad\buttondir.xip
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\DownLoad\cursors.xip
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\DownLoad\d_icons_buttons_1000.xip
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\DownLoad\d_icons_buttons_2000.xip
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\DownLoad\d_icons_buttons_3000.xip
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\DownLoad\d_icons_buttons_bar.xip
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\DownLoad\d_icons_buttons_bbar1.xip
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\DownLoad\d_icons_buttons_logos.xip
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\DownLoad\d_icons_buttons_other.xip
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\DownLoad\d_icons_weather.xip
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\DownLoad\default.xip
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\DownLoad\editblbuttons.xip
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\DownLoad\email-t1-bg.xip
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\DownLoad\hb_ie_menu.xip
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\DownLoad\hotbar-premium.xip
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\DownLoad\hotbar_promo.xip
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\DownLoad\icons2.xip
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\DownLoad\ie_games_icon.xip
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\DownLoad\ie_video.xip
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\DownLoad\keywords.xip
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\DownLoad\keywords1.xip
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\DownLoad\layout.xip
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\DownLoad\linkpathlegal.xip
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\DownLoad\progress.xip
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\DownLoad\s_icons_buttons.xip
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\DownLoad\sales_buttons.xip
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\DownLoad\samplegroups2.txt
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\DownLoad\samplegroups2.xip
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\DownLoad\sbu_icon.xip
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\DownLoad\sdfmodifier.xip
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\DownLoad\t2_bg.xip
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\DownLoad\top7.xip
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\DownLoad\tsd_bg.xip
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility\v3.0\SpamBlockerUtility\static\DownLoad\weathericon.xip
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility_Icons
C:\Documents and Settings\EDMOND Serge\Application Data\SpamBlockerUtility_Icons\3bSoftware_icon_1.ico
C:\Documents and Settings\EDMOND Serge\Application Data\WeatherDPA
C:\Documents and Settings\EDMOND Serge\Application Data\WeatherDPA\Weather\WeatherStartup.xml
C:\Documents and Settings\EDMOND Serge\err.log
C:\Program Files\spamblockerutility
C:\Program Files\spamblockerutility\bin\10.2.230.0\1_Trash.wav
C:\Program Files\spamblockerutility\bin\10.2.230.0\2_Balloon.wav
C:\Program Files\spamblockerutility\bin\10.2.230.0\3_Shot Gun.wav
C:\Program Files\spamblockerutility\bin\10.2.230.0\arrow.ico
C:\Program Files\spamblockerutility\bin\10.2.230.0\ASAPCom.dll
C:\Program Files\spamblockerutility\bin\10.2.230.0\Cml.exe
C:\Program Files\spamblockerutility\bin\10.2.230.0\CntntCntr.dll
C:\Program Files\spamblockerutility\bin\10.2.230.0\copyright.txt
C:\Program Files\spamblockerutility\bin\10.2.230.0\CoreSrv.dll
C:\Program Files\spamblockerutility\bin\10.2.230.0\firefox\extensions\chrome.manifest
C:\Program Files\spamblockerutility\bin\10.2.230.0\firefox\extensions\components\npclntax.xpt
C:\Program Files\spamblockerutility\bin\10.2.230.0\firefox\extensions\install.rdf
C:\Program Files\spamblockerutility\bin\10.2.230.0\firefox\extensions\plugins\npclntax_SBUSA.dll
C:\Program Files\spamblockerutility\bin\10.2.230.0\HostIE.dll
C:\Program Files\spamblockerutility\bin\10.2.230.0\HostOE.dll
C:\Program Files\spamblockerutility\bin\10.2.230.0\HostOL.dll
C:\Program Files\spamblockerutility\bin\10.2.230.0\link.ico
C:\Program Files\spamblockerutility\bin\10.2.230.0\OEAddOn.exe
C:\Program Files\spamblockerutility\bin\10.2.230.0\Redemption.dll
C:\Program Files\spamblockerutility\bin\10.2.230.0\SBClientSinkPS.dll
C:\Program Files\spamblockerutility\bin\10.2.230.0\SBOLExp.dll
C:\Program Files\spamblockerutility\bin\10.2.230.0\SBOLExt.dll
C:\Program Files\spamblockerutility\bin\10.2.230.0\SBSrvPS.dll
C:\Program Files\spamblockerutility\bin\10.2.230.0\SBTrayAppPS.dll
C:\Program Files\spamblockerutility\bin\10.2.230.0\SBUIRes.dll
C:\Program Files\spamblockerutility\bin\10.2.230.0\SBUISkin.dll
C:\Program Files\spamblockerutility\bin\10.2.230.0\SBUSA.exe
C:\Program Files\spamblockerutility\bin\10.2.230.0\SBUSAAX.dll
C:\Program Files\spamblockerutility\bin\10.2.230.0\SBUSADF.exe
C:\Program Files\spamblockerutility\bin\10.2.230.0\SBUSAHook.dll
C:\Program Files\spamblockerutility\bin\10.2.230.0\SpamBlocker.exe
C:\Program Files\spamblockerutility\bin\10.2.230.0\SpamBlockerUtilityUninstaller.exe
C:\Program Files\spamblockerutility\bin\10.2.230.0\Srv.exe
C:\Program Files\spamblockerutility\bin\10.2.230.0\Toolbar.dll
C:\Program Files\spamblockerutility\bin\10.2.230.0\Wallpaper.dll
C:\Program Files\spamblockerutility\bin\10.2.230.0\Weather.exe
C:\Program Files\spamblockerutility\bin\10.2.230.0\WeSkin.dll
C:\WINDOWS\pack.epk
C:\WINDOWS\system32\abeeg.bak1
C:\WINDOWS\system32\abeeg.bak2
C:\WINDOWS\system32\abeeg.ini
C:\WINDOWS\system32\ajlmdjrw.ini
C:\WINDOWS\system32\amtnfpjx.ini
C:\WINDOWS\system32\aonnibsi.ini
C:\WINDOWS\system32\auuantcv.ini
C:\WINDOWS\system32\avlkcgmc.ini
C:\WINDOWS\system32\cdtkxbfa.ini
C:\WINDOWS\system32\cqxvhuho.ini
C:\WINDOWS\system32\crrdgnht.ini
C:\WINDOWS\system32\cyxnaupb.ini
C:\WINDOWS\system32\dchtirdj.ini
C:\WINDOWS\system32\dnsprltd.ini
C:\WINDOWS\system32\dsunisxr.ini
C:\WINDOWS\system32\eledusro.ini
C:\WINDOWS\system32\etwfobmk.ini
C:\WINDOWS\system32\fjwptnqv.ini
C:\WINDOWS\system32\gbdhyafy.ini
C:\WINDOWS\system32\gfqxsxpm.ini
C:\WINDOWS\system32\guiqgofq.ini
C:\WINDOWS\system32\guytuawh.ini
C:\WINDOWS\system32\iahhskdd.ini
C:\WINDOWS\system32\jgvmoxln.ini
C:\WINDOWS\system32\jlfpfmrh.ini
C:\WINDOWS\system32\jsnmaami.ini
C:\WINDOWS\system32\keblcdcb.ini
C:\WINDOWS\system32\knroalsb.ini
C:\WINDOWS\system32\kqdtsscn.ini
C:\WINDOWS\system32\kqocyjdi.ini
C:\WINDOWS\system32\kyqkrfcv.ini
C:\WINDOWS\system32\lqvaphvj.ini
C:\WINDOWS\system32\lsbmmcls.ini
C:\WINDOWS\system32\ltqkruyd.ini
C:\WINDOWS\system32\mnpmvryq.ini
C:\WINDOWS\system32\nujkxndt.ini
C:\WINDOWS\system32\ohkajsod.ini
C:\WINDOWS\system32\olsieqrc.ini
C:\WINDOWS\system32\omfatsvs.ini
C:\WINDOWS\system32\orquxqru.ini
C:\WINDOWS\system32\pcxnduwl.ini
C:\WINDOWS\system32\pmyhpkny.ini
C:\WINDOWS\system32\pudykupo.ini
C:\WINDOWS\system32\pxxpdxwl.ini
C:\WINDOWS\system32\qgjfwtab.ini2
C:\WINDOWS\system32\qgjfwtab.tmp
C:\WINDOWS\system32\qgptnnqu.ini
C:\WINDOWS\system32\qhkfkfxu.ini
C:\WINDOWS\system32\qtstv.bak1
C:\WINDOWS\system32\qtstv.bak2
C:\WINDOWS\system32\qtstv.ini
C:\WINDOWS\system32\qttss.bak1
C:\WINDOWS\system32\qttss.bak2
C:\WINDOWS\system32\qttss.ini
C:\WINDOWS\system32\qttss.ini2
C:\WINDOWS\system32\qttss.tmp
C:\WINDOWS\system32\qwtdqhda.ini
C:\WINDOWS\system32\sdcaohid.ini
C:\WINDOWS\system32\skqocdfl.ini
C:\WINDOWS\system32\sqhjvaoy.ini
C:\WINDOWS\system32\ssblxjod.ini
C:\WINDOWS\system32\tnjjrbek.ini
C:\WINDOWS\system32\tvfynuox.ini
C:\WINDOWS\system32\uahjlkif.ini
C:\WINDOWS\system32\udxijwvq.ini
C:\WINDOWS\system32\uvvwa.bak1
C:\WINDOWS\system32\uvvwa.bak2
C:\WINDOWS\system32\uvvwa.ini
C:\WINDOWS\system32\vmovjsba.ini
C:\WINDOWS\system32\vyjlnmqc.ini
C:\WINDOWS\system32\wainqcpf.ini
C:\WINDOWS\system32\wiksigvt.ini
C:\WINDOWS\system32\wmrqshfr.ini
C:\WINDOWS\system32\wyktvrgd.ini
C:\WINDOWS\system32\xolgsypw.ini
C:\WINDOWS\system32\xsnfjoar.ini
C:\WINDOWS\system32\xsujximx.ini
C:\WINDOWS\system32\xysumjgd.ini
C:\WINDOWS\system32\yhhhluuy.ini
C:\WINDOWS\system32\yvtrorjt.ini
D:\Autorun.inf

.
((((((((((((((((((((((((((((( Fichiers créés du 2008-09-27 au 2008-10-27 ))))))))))))))))))))))))))))))))))))
.

2008-10-27 19:10 . 2008-10-27 19:10 <REP> d-------- C:\Documents and Settings\EDMOND Serge\Application Data\v3.0
2008-10-27 14:05 . 2008-10-27 14:05 <REP> d-------- C:\Program Files\SmartShopper
2008-10-27 14:05 . 2008-10-27 14:05 <REP> d-------- C:\Documents and Settings\EDMOND Serge\Application Data\SmartShopper
2008-10-27 14:05 . 2008-10-27 14:05 <REP> d-------- C:\Documents and Settings\All Users\Application Data\SBUSA
2008-10-27 11:48 . 2008-10-27 11:48 172,544 --a------ C:\WINDOWS\system32\ceeohtmxbbfglikh.dll
2008-10-25 19:32 . 2008-10-25 19:32 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
2008-10-25 19:31 . 2004-10-15 11:51 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau
2008-10-25 19:31 . 2004-10-15 11:51 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
2008-10-25 19:31 . 2004-10-15 11:51 <REP> d--h----- C:\Documents and Settings\Administrateur\Modèles
2008-10-25 19:31 . 2004-10-15 12:05 <REP> dr------- C:\Documents and Settings\Administrateur\Mes documents
2008-10-25 19:31 . 2004-10-15 11:51 <REP> dr------- C:\Documents and Settings\Administrateur\Menu Démarrer
2008-10-25 19:31 . 2004-10-15 12:05 <REP> dr------- C:\Documents and Settings\Administrateur\Favoris
2008-10-25 19:31 . 2004-10-15 11:51 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
2008-10-25 19:31 . 2008-10-25 19:31 <REP> d-------- C:\Documents and Settings\Administrateur
2008-10-25 13:29 . 2008-10-25 13:29 <REP> d-------- C:\Documents and Settings\EDMOND Serge\Application Data\Malwarebytes
2008-10-25 13:29 . 2008-10-22 16:10 38,496 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-10-25 13:29 . 2008-10-22 16:10 15,504 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-10-25 13:28 . 2008-10-25 13:29 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-10-25 13:28 . 2008-10-25 13:29 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-10-24 17:59 . 2008-10-24 17:59 <REP> d-------- C:\Program Files\Trend Micro
2008-10-22 16:26 . 2008-10-27 12:17 78,625 --a------ C:\WINDOWS\system32\ozivqtkoctro.exe
2008-10-08 19:35 . 2008-10-08 19:35 <REP> d-------- C:\lockimmo
2008-10-08 19:15 . 2008-10-08 19:15 <REP> d-------- C:\Program Files\EBP
2008-10-08 19:07 . 2008-10-08 19:07 <REP> d-------- C:\Program Files\CTV PROD
2008-10-06 15:46 . 2004-08-04 00:55 20,992 --a------ C:\WINDOWS\system32\dshowext.ax
2008-10-06 15:46 . 2004-08-04 00:55 20,992 --a------ C:\WINDOWS\system32\dllcache\dshowext.ax
2008-10-03 12:49 . 2008-10-03 12:49 <REP> d-------- C:\WINDOWS\STK02N
2008-10-03 12:49 . 2007-03-12 14:25 101,520 --a------ C:\WINDOWS\system32\drivers\STK02NW2.sys
2008-10-03 12:49 . 2007-03-12 14:28 40,960 --a------ C:\WINDOWS\system32\STK02NP.ax
2008-10-03 12:49 . 2007-03-12 14:25 33,728 --a------ C:\WINDOWS\system32\drivers\STK02NW1.sys
2008-10-03 12:39 . 2003-09-19 15:45 21,248 --a------ C:\WINDOWS\system32\drivers\pfc.sys
2008-10-03 12:38 . 2001-08-24 08:25 1,706,800 --a------ C:\WINDOWS\system32\gdiplus.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-15 17:59 332,800 ----a-w C:\WINDOWS\system32\dllcache\netapi32.dll
2008-10-03 18:12 6,066,176 ------w C:\WINDOWS\system32\dllcache\ieframe.dll
2008-09-15 16:39 1,846,144 ----a-w C:\WINDOWS\system32\win32k.sys
2008-09-15 16:39 1,846,144 ----a-w C:\WINDOWS\system32\dllcache\win32k.sys
2008-09-11 14:40 --------- d-----w C:\Documents and Settings\EDMOND Serge\Application Data\Teleca
2008-09-11 14:40 --------- d-----w C:\Documents and Settings\EDMOND Serge\Application Data\Sony Ericsson
2008-09-11 14:33 --------- d-----w C:\Program Files\Sony Ericsson
2008-09-11 14:33 --------- d-----w C:\Program Files\Fichiers communs\Teleca Shared
2008-09-11 14:33 --------- d-----w C:\Program Files\Fichiers communs\Sony Ericsson Shared
2008-09-11 14:33 --------- d-----w C:\Documents and Settings\All Users\Application Data\Teleca
2008-09-11 14:33 --------- d-----w C:\Documents and Settings\All Users\Application Data\Sony Ericsson
2008-08-28 11:04 333,056 ----a-w C:\WINDOWS\system32\drivers\srv.sys
2008-08-28 11:04 333,056 ----a-w C:\WINDOWS\system32\dllcache\srv.sys
2008-08-27 10:11 3,593,216 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2008-08-25 09:39 70,656 ----a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2008-08-25 09:38 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-08-23 06:56 635,848 ----a-w C:\WINDOWS\system32\dllcache\iexplore.exe
2008-08-23 06:54 161,792 ----a-w C:\WINDOWS\system32\dllcache\ieakui.dll
2008-08-14 14:39 2,188,032 ------w C:\WINDOWS\system32\dllcache\ntoskrnl.exe
2008-08-14 14:39 2,144,768 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
2008-08-14 14:39 2,144,768 ------w C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
2008-08-14 14:39 2,065,024 ------w C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
2008-08-14 14:39 2,022,912 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
2008-08-14 14:39 2,022,912 ------w C:\WINDOWS\system32\dllcache\ntkrpamp.exe
2008-08-14 10:51 138,368 ----a-w C:\WINDOWS\system32\dllcache\afd.sys
2007-11-09 20:04 58,912 ----a-w C:\Documents and Settings\EDMOND Serge\Application Data\GDIPFONTCACHEV1.DAT
2006-12-25 18:45 0 ----a-w C:\Documents and Settings\EDMOND Serge\popstation.exe
2004-07-23 13:23 3,890 ----a-w C:\Program Files\0x0409.ini
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BFEDCF21-CDB3-F31E-0FE9-1C922D172D94}]
2008-10-27 11:48 172544 --a------ C:\WINDOWS\system32\ceeohtmxbbfglikh.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 15360]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 1694208]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"preload"="C:\Windows\RUNXMLPL.exe" [2005-05-19 32768]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-07-20 7581696]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-07-20 86016]
"AzMixerSel"="C:\Program Files\Realtek\InstallShield\AzMixerSel.exe" [2005-06-11 53248]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-25 786521]
"ntiMUI"="C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2006-05-15 45056]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" [2004-08-05 208952]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-05 59392]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
"PCMService"="C:\Program Files\Acer\Acer Arcade\PCMService.exe" [2006-04-27 151552]
"ePower_DMC"="C:\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-07-18 438272]
"Boot"="C:\Acer\Empowering Technology\ePower\Boot.exe" [2006-03-15 579584]
"Acer ePresentation HPD"="C:\Acer\Empowering Technology\ePresentation\ePresentation.exe" [2006-06-07 208896]
"eLockMonitor"="C:\Acer\Empowering Technology\eLock\Monitor\LaunchMonitor.exe" [2006-03-31 16384]
"eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2006-03-17 345088]
"eRecoveryService"="C:\Acer\Empowering Technology\eRecovery\eRAgent.exe" [2006-06-01 413696]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 155648]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 49152]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-07-03 185784]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 286720]
"SSBkgdUpdate"="C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648]
"PaperPort PTD"="C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" [2005-03-17 57393]
"IndexSearch"="C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-17 40960]
"SetDefPrt"="C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe" [2005-01-26 49152]
"ControlCenter2.0"="C:\Program Files\Brother\ControlCenter2\brctrcen.exe" [2005-05-17 933888]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-07-19 266497]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2006-11-24 487424]
"fqfnhjhkgxisan"="C:\WINDOWS\system32\ceeohtmxbbfglikh.dll" [2008-10-27 172544]
"RTHDCPL"="RTHDCPL.EXE" [2006-07-21 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 C:\WINDOWS\SkyTel.exe]
"emMON"="emMON.exe" [2006-05-30 C:\WINDOWS\emMON.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 15360]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Acer Empowering Technology.lnk - C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe [2006-09-30 45056]
Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2006-10-03 110592]
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 29696]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-11 282624]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]
STK02N 2.1 PNP Monitor.lnk - C:\WINDOWS\STK02N\STK02NM.exe [2008-10-03 163840]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoClose"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.mkdmp3enc"= C:\PROGRA~1\Acer\ACERAR~1\Kernel\Burner\MKDMP3Enc.ACM
"VIDC.VDOM"= vdowave.drv
"VIDC.TR20"= tr2032.dll
"vidc.vivo"= ivvideo.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Acer\\Acer Arcade\\PCMService.exe"=
"C:\\Program Files\\eMule\\EMULE.EXE"=
"C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpfccopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\WINDOWS\\System32\\dpvsetup.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader
"6112:TCP"= 6112:TCP:Blizzard Downloader

R0 tffsport;M-Systems DiskOnChip 2000;C:\WINDOWS\system32\DRIVERS\tffsport.sys [2004-08-03 149376]
R2 eLock2BurnerLockDriver;eLock2BurnerLockDriver;C:\WINDOWS\system32\eLock2BurnerLockDriver.sys [2006-06-08 17664]
R2 eLock2FSCTLDriver;eLock2FSCTLDriver;C:\WINDOWS\system32\eLock2FSCTLDriver.sys [2006-06-06 90112]
R2 LockServ;LockServ;C:\Acer\Empowering Technology\eLock\LockServ.exe [2006-06-28 520192]
S3 DCamUSBSTK02N;Standard Camera;C:\WINDOWS\system32\DRIVERS\STK02NW2.sys [2007-03-12 101520]
S3 epindd;epindd;C:\WINDOWS\system32\drivers\epindd.sys [2006-01-13 8448]
S3 ids00026;ids00026;C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids00026.sys [ ]
S3 ids00118;ids00118;C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids00118.sys [ ]
S3 ids0014f;ids0014f;C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids0014f.sys [ ]
S3 ids0015d;ids0015d;C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids0015d.sys [ ]
S3 ids0018a;ids0018a;C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids0018a.sys [ ]
S3 ids00196;ids00196;C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids00196.sys [ ]
S3 int15.sys;int15.sys;C:\Acer\Empowering Technology\eRecovery\int15.sys [2005-01-13 69632]
S3 libusb0;LibUsb-Win32 - Kernel Driver 11/20/2005, 20051120;C:\WINDOWS\system32\DRIVERS\libusb0.sys [2006-04-22 29184]
S3 se44bus;Sony Ericsson Device 068 driver (WDM);C:\WINDOWS\system32\DRIVERS\se44bus.sys [2006-11-30 61536]
S3 se44mdfl;Sony Ericsson Device 068 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\se44mdfl.sys [2006-11-30 9360]
S3 se44mdm;Sony Ericsson Device 068 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\se44mdm.sys [2006-11-30 97088]
S3 se44mgmt;Sony Ericsson Device 068 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\se44mgmt.sys [2006-11-30 88624]
S3 se44nd5;Sony Ericsson Device 068 USB Ethernet Emulation SEMC44 (NDIS);C:\WINDOWS\system32\DRIVERS\se44nd5.sys [2006-11-30 18704]
S3 se44obex;Sony Ericsson Device 068 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\se44obex.sys [2006-11-30 86432]
S3 se44unic;Sony Ericsson Device 068 USB Ethernet Emulation SEMC44 (WDM);C:\WINDOWS\system32\DRIVERS\se44unic.sys [2006-11-30 90800]
S3 USB28xxBGA;USB 2860 Device;C:\WINDOWS\system32\DRIVERS\emBDA.sys [2006-09-12 292864]
S3 USB28xxOEM;USB 28xx OEM Filter;C:\WINDOWS\system32\DRIVERS\emOEM.sys [2006-08-21 7168]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
\Shell\AutoRun\command - D:\setupSNK.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9a7b8b1c-d66a-11dc-bb6b-0016cf52f8a1}]
\Shell\AutoRun\command - F:\LaunchU3.exe -a
.
Contenu du dossier 'Tâches planifiées'

2008-10-15 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 14:57]
.
- - - - ORPHELINS SUPPRIMES - - - -

BHO-{040918d8-abe8-4c5b-9a03-17eb4d98ec77} - C:\WINDOWS\system32\bawkcext.dll
Toolbar-{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - (no file)
WebBrowser-{96EBBE6A-2864-4345-B32B-26EE9BE524B5} - (no file)
WebBrowser-{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - (no file)
HKLM-Run-Kaspersky - C:\Documents and Settings\All Users\Dati applicazioni\Kaspersky Lab\KAV Personal Pro\5.0\Save Kaspersky.bat
Notify-awvvu - C:\WINDOWS\system32\awvvu.dll
Notify-geeba - C:\WINDOWS\system32\geeba.dll
Notify-vtstq - C:\WINDOWS\system32\vtstq.dll
Notify-WgaLogon - (no file)


.
------- Examen supplémentaire -------
.
FireFox -: Profile - C:\Documents and Settings\EDMOND Serge\Application Data\Mozilla\Firefox\Profiles\vczkfyv9.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://wanadoo.fr/
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-27 21:09:41
Windows 5.1.2600 Service Pack 2 FAT NTAPI

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
C:\WINDOWS\system32\brss01a.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Acer\Empowering Technology\eLock\Monitor\LockMon.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\regsvr32.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\DOCUME~1\EDMOND~1\LOCALS~1\Temp\RtkBtMnt.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Pr

Toujours quelques publicités, qui restent.

ComboFix 08-10-27.01 - EDMOND Serge 2008-10-28 13:48:47.9 - [color=red]FAT32[/color]x86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.604 [GMT 1:00]
Commutateurs utilisés :: C:\Documents and Settings\EDMOND Serge\Bureau\CFScript.txt
* Un nouveau point de restauration a été créé

[COLOR=RED][B]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/B][/COLOR]

FILE ::
C:\WINDOWS\system32\ceeohtmxbbfglikh.dll
C:\WINDOWS\system32\ozivqtkoctro.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\EDMOND Serge\Application Data\SmartShopper
C:\Documents and Settings\EDMOND Serge\Application Data\SmartShopper\cs\Config.xml
C:\Documents and Settings\EDMOND Serge\Application Data\SmartShopper\cs\db\Aliases.dbs
C:\Documents and Settings\EDMOND Serge\Application Data\SmartShopper\cs\db\Sites.dbs
C:\Documents and Settings\EDMOND Serge\Application Data\SmartShopper\cs\dwld\Phishinglist.xip
C:\Documents and Settings\EDMOND Serge\Application Data\SmartShopper\cs\dwld\WhiteList.xip
C:\Documents and Settings\EDMOND Serge\Application Data\SmartShopper\cs\report\aggr_storage.xml
C:\Documents and Settings\EDMOND Serge\Application Data\SmartShopper\cs\report\send_storage.xml
C:\Documents and Settings\EDMOND Serge\Application Data\SmartShopper\cs\res1\WhiteList.dbs
C:\Program Files\SmartShopper
C:\Program Files\SmartShopper\Bin\2.5.0\SmrtShpr.dll
C:\Program Files\SmartShopper\cs\antiphishing\antiphishing.html
C:\Program Files\SmartShopper\cs\antiphishing\phishAlert.gif
C:\Program Files\SmartShopper\cs\antiphishing\x.gif
C:\Program Files\SmartShopper\cs\antiphishing\xActive.gif
C:\Program Files\SmartShopper\Uninst.exe
C:\WINDOWS\system32\ceeohtmxbbfglikh.dll
C:\WINDOWS\system32\ozivqtkoctro.exe

.
((((((((((((((((((((((((((((( Fichiers créés du 2008-09-28 au 2008-10-28 ))))))))))))))))))))))))))))))))))))
.

2008-10-27 19:10 . 2008-10-27 19:10 <REP> d-------- C:\Documents and Settings\EDMOND Serge\Application Data\v3.0
2008-10-27 14:05 . 2008-10-27 14:05 <REP> d-------- C:\Documents and Settings\All Users\Application Data\SBUSA
2008-10-25 19:32 . 2008-10-25 19:32 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
2008-10-25 19:31 . 2004-10-15 11:51 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau
2008-10-25 19:31 . 2004-10-15 11:51 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
2008-10-25 19:31 . 2004-10-15 11:51 <REP> d--h----- C:\Documents and Settings\Administrateur\Modèles
2008-10-25 19:31 . 2004-10-15 12:05 <REP> dr------- C:\Documents and Settings\Administrateur\Mes documents
2008-10-25 19:31 . 2004-10-15 11:51 <REP> dr------- C:\Documents and Settings\Administrateur\Menu Démarrer
2008-10-25 19:31 . 2004-10-15 12:05 <REP> dr------- C:\Documents and Settings\Administrateur\Favoris
2008-10-25 19:31 . 2004-10-15 11:51 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
2008-10-25 19:31 . 2008-10-25 19:31 <REP> d-------- C:\Documents and Settings\Administrateur
2008-10-25 13:29 . 2008-10-25 13:29 <REP> d-------- C:\Documents and Settings\EDMOND Serge\Application Data\Malwarebytes
2008-10-25 13:29 . 2008-10-22 16:10 38,496 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-10-25 13:29 . 2008-10-22 16:10 15,504 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-10-25 13:28 . 2008-10-25 13:29 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-10-25 13:28 . 2008-10-25 13:29 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-10-24 17:59 . 2008-10-24 17:59 <REP> d-------- C:\Program Files\Trend Micro
2008-10-08 19:35 . 2008-10-08 19:35 <REP> d-------- C:\lockimmo
2008-10-08 19:15 . 2008-10-08 19:15 <REP> d-------- C:\Program Files\EBP
2008-10-08 19:07 . 2008-10-08 19:07 <REP> d-------- C:\Program Files\CTV PROD
2008-10-06 15:46 . 2004-08-04 00:55 20,992 --a------ C:\WINDOWS\system32\dshowext.ax
2008-10-06 15:46 . 2004-08-04 00:55 20,992 --a------ C:\WINDOWS\system32\dllcache\dshowext.ax
2008-10-03 12:49 . 2008-10-03 12:49 <REP> d-------- C:\WINDOWS\STK02N
2008-10-03 12:49 . 2007-03-12 14:25 101,520 --a------ C:\WINDOWS\system32\drivers\STK02NW2.sys
2008-10-03 12:49 . 2007-03-12 14:28 40,960 --a------ C:\WINDOWS\system32\STK02NP.ax
2008-10-03 12:49 . 2007-03-12 14:25 33,728 --a------ C:\WINDOWS\system32\drivers\STK02NW1.sys
2008-10-03 12:39 . 2003-09-19 15:45 21,248 --a------ C:\WINDOWS\system32\drivers\pfc.sys
2008-10-03 12:38 . 2001-08-24 08:25 1,706,800 --a------ C:\WINDOWS\system32\gdiplus.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-15 17:59 332,800 ----a-w C:\WINDOWS\system32\dllcache\netapi32.dll
2008-10-03 18:12 6,066,176 ------w C:\WINDOWS\system32\dllcache\ieframe.dll
2008-09-15 16:39 1,846,144 ----a-w C:\WINDOWS\system32\win32k.sys
2008-09-15 16:39 1,846,144 ----a-w C:\WINDOWS\system32\dllcache\win32k.sys
2008-09-11 14:40 --------- d-----w C:\Documents and Settings\EDMOND Serge\Application Data\Teleca
2008-09-11 14:40 --------- d-----w C:\Documents and Settings\EDMOND Serge\Application Data\Sony Ericsson
2008-09-11 14:33 --------- d-----w C:\Program Files\Sony Ericsson
2008-09-11 14:33 --------- d-----w C:\Program Files\Fichiers communs\Teleca Shared
2008-09-11 14:33 --------- d-----w C:\Program Files\Fichiers communs\Sony Ericsson Shared
2008-09-11 14:33 --------- d-----w C:\Documents and Settings\All Users\Application Data\Teleca
2008-09-11 14:33 --------- d-----w C:\Documents and Settings\All Users\Application Data\Sony Ericsson
2008-08-28 11:04 333,056 ----a-w C:\WINDOWS\system32\drivers\srv.sys
2008-08-28 11:04 333,056 ----a-w C:\WINDOWS\system32\dllcache\srv.sys
2008-08-27 10:11 3,593,216 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2008-08-25 09:39 70,656 ----a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2008-08-25 09:38 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-08-23 06:56 635,848 ----a-w C:\WINDOWS\system32\dllcache\iexplore.exe
2008-08-23 06:54 161,792 ----a-w C:\WINDOWS\system32\dllcache\ieakui.dll
2008-08-14 14:39 2,188,032 ------w C:\WINDOWS\system32\dllcache\ntoskrnl.exe
2008-08-14 14:39 2,144,768 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
2008-08-14 14:39 2,144,768 ------w C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
2008-08-14 14:39 2,065,024 ------w C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
2008-08-14 14:39 2,022,912 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
2008-08-14 14:39 2,022,912 ------w C:\WINDOWS\system32\dllcache\ntkrpamp.exe
2008-08-14 10:51 138,368 ----a-w C:\WINDOWS\system32\dllcache\afd.sys
2007-11-09 20:04 58,912 ----a-w C:\Documents and Settings\EDMOND Serge\Application Data\GDIPFONTCACHEV1.DAT
2006-12-25 18:45 0 ----a-w C:\Documents and Settings\EDMOND Serge\popstation.exe
2004-07-23 13:23 3,890 ----a-w C:\Program Files\0x0409.ini
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 15360]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 1694208]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"preload"="C:\Windows\RUNXMLPL.exe" [2005-05-19 32768]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-07-20 7581696]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-07-20 86016]
"AzMixerSel"="C:\Program Files\Realtek\InstallShield\AzMixerSel.exe" [2005-06-11 53248]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-25 786521]
"ntiMUI"="C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2006-05-15 45056]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" [2004-08-05 208952]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-05 59392]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
"PCMService"="C:\Program Files\Acer\Acer Arcade\PCMService.exe" [2006-04-27 151552]
"ePower_DMC"="C:\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-07-18 438272]
"Boot"="C:\Acer\Empowering Technology\ePower\Boot.exe" [2006-03-15 579584]
"Acer ePresentation HPD"="C:\Acer\Empowering Technology\ePresentation\ePresentation.exe" [2006-06-07 208896]
"eLockMonitor"="C:\Acer\Empowering Technology\eLock\Monitor\LaunchMonitor.exe" [2006-03-31 16384]
"eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2006-03-17 345088]
"eRecoveryService"="C:\Acer\Empowering Technology\eRecovery\eRAgent.exe" [2006-06-01 413696]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 155648]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 49152]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-07-03 185784]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 286720]
"SSBkgdUpdate"="C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648]
"PaperPort PTD"="C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" [2005-03-17 57393]
"IndexSearch"="C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-17 40960]
"SetDefPrt"="C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe" [2005-01-26 49152]
"ControlCenter2.0"="C:\Program Files\Brother\ControlCenter2\brctrcen.exe" [2005-05-17 933888]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-07-19 266497]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2006-11-24 487424]
"RTHDCPL"="RTHDCPL.EXE" [2006-07-21 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 C:\WINDOWS\SkyTel.exe]
"emMON"="emMON.exe" [2006-05-30 C:\WINDOWS\emMON.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 15360]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Acer Empowering Technology.lnk - C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe [2006-09-30 45056]
Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2006-10-03 110592]
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 29696]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-11 282624]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]
STK02N 2.1 PNP Monitor.lnk - C:\WINDOWS\STK02N\STK02NM.exe [2008-10-03 163840]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoClose"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.mkdmp3enc"= C:\PROGRA~1\Acer\ACERAR~1\Kernel\Burner\MKDMP3Enc.ACM
"VIDC.VDOM"= vdowave.drv
"VIDC.TR20"= tr2032.dll
"vidc.vivo"= ivvideo.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Acer\\Acer Arcade\\PCMService.exe"=
"C:\\Program Files\\eMule\\EMULE.EXE"=
"C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpfccopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\WINDOWS\\System32\\dpvsetup.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader
"6112:TCP"= 6112:TCP:Blizzard Downloader

R0 tffsport;M-Systems DiskOnChip 2000;C:\WINDOWS\system32\DRIVERS\tffsport.sys [2004-08-03 149376]
R2 eLock2BurnerLockDriver;eLock2BurnerLockDriver;C:\WINDOWS\system32\eLock2BurnerLockDriver.sys [2006-06-08 17664]
R2 eLock2FSCTLDriver;eLock2FSCTLDriver;C:\WINDOWS\system32\eLock2FSCTLDriver.sys [2006-06-06 90112]
R2 LockServ;LockServ;C:\Acer\Empowering Technology\eLock\LockServ.exe [2006-06-28 520192]
S3 DCamUSBSTK02N;Standard Camera;C:\WINDOWS\system32\DRIVERS\STK02NW2.sys [2007-03-12 101520]
S3 epindd;epindd;C:\WINDOWS\system32\drivers\epindd.sys [2006-01-13 8448]
S3 ids00026;ids00026;C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids00026.sys [ ]
S3 ids00118;ids00118;C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids00118.sys [ ]
S3 ids0014f;ids0014f;C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids0014f.sys [ ]
S3 ids0015d;ids0015d;C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids0015d.sys [ ]
S3 ids0018a;ids0018a;C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids0018a.sys [ ]
S3 ids00196;ids00196;C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids00196.sys [ ]
S3 int15.sys;int15.sys;C:\Acer\Empowering Technology\eRecovery\int15.sys [2005-01-13 69632]
S3 libusb0;LibUsb-Win32 - Kernel Driver 11/20/2005, 20051120;C:\WINDOWS\system32\DRIVERS\libusb0.sys [2006-04-22 29184]
S3 se44bus;Sony Ericsson Device 068 driver (WDM);C:\WINDOWS\system32\DRIVERS\se44bus.sys [2006-11-30 61536]
S3 se44mdfl;Sony Ericsson Device 068 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\se44mdfl.sys [2006-11-30 9360]
S3 se44mdm;Sony Ericsson Device 068 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\se44mdm.sys [2006-11-30 97088]
S3 se44mgmt;Sony Ericsson Device 068 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\se44mgmt.sys [2006-11-30 88624]
S3 se44nd5;Sony Ericsson Device 068 USB Ethernet Emulation SEMC44 (NDIS);C:\WINDOWS\system32\DRIVERS\se44nd5.sys [2006-11-30 18704]
S3 se44obex;Sony Ericsson Device 068 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\se44obex.sys [2006-11-30 86432]
S3 se44unic;Sony Ericsson Device 068 USB Ethernet Emulation SEMC44 (WDM);C:\WINDOWS\system32\DRIVERS\se44unic.sys [2006-11-30 90800]
S3 USB28xxBGA;USB 2860 Device;C:\WINDOWS\system32\DRIVERS\emBDA.sys [2006-09-12 292864]
S3 USB28xxOEM;USB 28xx OEM Filter;C:\WINDOWS\system32\DRIVERS\emOEM.sys [2006-08-21 7168]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
\Shell\AutoRun\command - D:\setupSNK.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9a7b8b1c-d66a-11dc-bb6b-0016cf52f8a1}]
\Shell\AutoRun\command - F:\LaunchU3.exe -a

*Newly Created Service* - CATCHME
.
Contenu du dossier 'Tâches planifiées'

2008-10-15 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 14:57]
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-28 13:51:23
Windows 5.1.2600 Service Pack 2 FAT NTAPI

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
Heure de fin: 2008-10-28 13:51:59
ComboFix-quarantined-files.txt 2008-10-28 12:51:58
ComboFix2.txt 2008-10-27 20:13:24

Avant-CF: 32,209,633,280 octets libres
Après-CF: 32,454,148,096 octets libres

217 --- E O F --- 2008-10-27 13:00:27

Re,

• Fais un scan en ligne Kaspersky avec Internet Explorer :
• Clique sur
• Clique maintenant sur J'accepte.
• Valide l'installation d'un ou de plusieurs ActiveX si c'est nécessaire.
• Patiente pendant l'installation des Mises à jour.
• Choisis par la suite l'analyse du Poste de travail
• Sauvegarde puis colle le rapport généré en fin d'analyse.

AIDE : Tuto sur le scan en ligne

NOTE : Si tu reçois le message "La licence de Kaspersky On-line Scanner est périmée", va dans Ajout/Suppression de programmes puis désinstalle On-Line Scanner, reconnecte toi sur le site de Kaspersky pour retenter le scan en ligne.

Re,

Supprime ce fichier :
C:\WINDOWS\system32\cunfcscs.dll