Bonsoir et merci pour ta réponse.

Voici le rapport de combofix
par contre g encore des petits soucis, mais j'imagine que la desinfection n'est pas terminée :

ComboFix 09-11-08.03 - audrey becourt 10/11/2009 1:02.1.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.958.181 [GMT 1:00]
Lancé depuis: c:\documents and settings\audrey becourt\Mes documents\Téléchargements\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 091109-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\audrey becourt\Application Data\DriveCleaner 2006 Free
c:\documents and settings\audrey becourt\Application Data\DriveCleaner 2006 Free\Logs\update.log
c:\documents and settings\audrey becourt\Bureau\FICHIER dernier ko
c:\documents and settings\audrey becourt\Bureau\FICHIER dernier ko
c:\progra~1\FICHIE~1\{A0D3E~1
c:\program files\BulletProofSoft.com
c:\program files\BulletProofSoft.com\Youtube Video Grabber\Clip.exe
c:\program files\BulletProofSoft.com\Youtube Video Grabber\Help.chm
c:\program files\BulletProofSoft.com\Youtube Video Grabber\Main.swf
c:\program files\BulletProofSoft.com\Youtube Video Grabber\Parse.wvi
c:\program files\BulletProofSoft.com\Youtube Video Grabber\unins000.dat
c:\program files\BulletProofSoft.com\Youtube Video Grabber\unins000.exe
c:\program files\BulletProofSoft.com\Youtube Video Grabber\YG VideoGrabber.exe
c:\windows\dobe~1
c:\windows\icroso~1.net
c:\windows\system32\clrviddc.dll
c:\windows\system32\dumphive.exe
c:\windows\system32\lo2.txtt
c:\windows\system32\Process.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_BOONTY_GAMES
-------\Service_Boonty Games
-------\Service_gaopdxserv.sys


((((((((((((((((((((((((((((( Fichiers créés du 2009-10-10 au 2009-11-10 ))))))))))))))))))))))))))))))))))))
.

2009-11-09 23:27 . 2009-11-09 23:27 -------- d-----w- c:\documents and settings\LocalService\Bureau
2009-11-09 23:19 . 2009-09-23 12:55 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2009-11-09 23:18 . 2009-10-03 08:15 2924848 -c--a-w- c:\documents and settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstalla­tion.exe
2009-11-09 22:57 . 2009-11-09 23:18 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
2009-11-09 22:40 . 2009-11-09 22:40 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\Mozilla
2009-11-09 21:57 . 2009-11-09 21:57 -------- d-----w- c:\program files\Trend Micro
2009-11-09 21:39 . 2009-11-09 23:45 -------- d-----w- c:\program files\Mozilla Firefox 3.6 Beta 1
2009-11-06 07:26 . 1998-07-12 23:00 15872 ----a-w- c:\windows\system32\WINSKFR.DLL
2009-11-06 07:26 . 1998-07-12 23:00 6656 ----a-w- c:\windows\system32\STDFTFR.DLL
2009-10-12 12:15 . 1999-05-07 17:49 32768 ----a-w- c:\windows\system32\Mrosm32.dll
2009-10-12 10:22 . 2009-10-12 10:39 -------- d-----w- c:\program files\VirtualDJ

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-10 00:17 . 2009-09-29 07:45 -------- d-----w- c:\documents and settings\audrey becourt\Application Data\Skype
2009-11-09 23:17 . 2008-02-18 08:21 -------- d-----w- c:\program files\Lavasoft
2009-11-09 23:01 . 2009-09-29 07:46 -------- d-----w- c:\documents and settings\audrey becourt\Application Data\skypePM
2009-11-09 21:59 . 2007-07-14 15:10 -------- d-----w- c:\program files\Lexmark Toolbar
2009-11-06 07:26 . 2009-01-04 11:00 -------- d-----w- c:\program files\ZNsoft Corporation
2009-11-04 19:55 . 2007-07-14 15:14 -------- d-----w- c:\program files\lx_cats
2009-11-01 09:03 . 2005-12-09 05:49 85256 ----a-w- c:\windows\system32\perfc00C.dat
2009-11-01 09:03 . 2005-12-09 05:49 511392 ----a-w- c:\windows\system32\perfh00C.dat
2009-10-17 08:33 . 2007-07-12 13:01 -------- d-----w- c:\documents and settings\audrey becourt\Application Data\U3
2009-10-15 18:18 . 2006-09-11 18:24 -------- d-----w- c:\documents and settings\audrey becourt\Application Data\Azureus
2009-10-15 12:55 . 2006-12-25 15:58 129224 -c--a-w- c:\windows\system32\GDIPFONTCACHEV1.DA­T
2009-10-12 12:15 . 2008-01-19 18:26 -------- d-----w- c:\program files\Steinberg
2009-10-05 14:11 . 2009-10-05 14:11 -------- d-----w- c:\program files\Audacity
2009-10-01 13:10 . 2009-10-01 13:10 -------- d-----w- c:\program files\US122_Install
2009-09-29 07:46 . 2009-09-29 07:46 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-09-29 07:44 . 2009-09-29 07:43 -------- d-----r- c:\program files\Skype
2009-09-29 07:43 . 2009-09-29 07:43 -------- d-----w- c:\program files\Fichiers communs\Skype
2009-09-29 07:43 . 2009-09-29 07:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2009-09-24 19:12 . 2009-09-24 19:12 -------- d-----w- c:\program files\Sibelius Software
2009-09-16 10:14 . 2009-09-16 10:14 20299296 ----a-w- c:\documents and settings\audrey becourt\Application Data\TomTom\HOME\Profiles\ptz0844z.default\Updates\v2_7_2_18­25_win.exe
2007-03-23 11:44 . 2007-03-23 11:44 604 -c-ha-w- c:\program files\STLL Notifier
2002-09-18 01:28 . 2006-12-25 15:12 3205496 -c----w- c:\program files\F.msi
1996-12-02 15:44 . 1996-12-02 15:44 582144 ----a-w- c:\program files\Fichiers communs\dao350.dll
2009-08-08 23:11 . 2009-08-08 23:11 10437264 ----a-w- c:\program files\mozilla firefox\plugins\PDFNetC.dll
2009-08-08 23:30 . 2009-08-08 23:30 107760 ----a-w- c:\program files\mozilla firefox\plugins\ScorchPDFWrapper.dll
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ccleaner"="c:\program files\CCleaner\CCleaner.exe" [2009-02-19 1471728]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2009-04-08 251240]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-09-02 25623336]
"Google Update"="c:\documents and settings\audrey becourt\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-10-01 133104]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2004-10-14 98394]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2004-10-14 688218]
"MPSWiFiManager"="c:\program files\Club-Internet\Agent Wifi\AgentWifi.exe" [2005-04-11 135168]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"Tvs"="c:\program files\TOSHIBA\Tvs\TvsTray.exe" [2005-11-30 73728]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-11-04 413696]
"NDSTray.exe"="NDSTray.exe" [BU]
"CFSServ.exe"="CFSServ.exe" [BU]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\audrey felix\Menu D‚marrer\Programmes\D‚marrage\
Club Internet.lnk - c:\program files\Club-Internet\Lanceur\lanceur.exe [2006-10-5 5484544]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMBalloonTip"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Nike+ Utility.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Nike+ Utility.lnk
backup=c:\windows\pss\Nike+ Utility.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Azureus\\Azureus.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\umi.exe"=
"c:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\VideoSpin.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3629:UDP"= 3629:UDP:Windows Media Format SDK (wmplayer.exe)
"3628:UDP"= 3628:UDP:Windows Media Format SDK (wmplayer.exe)
"3631:UDP"= 3631:UDP:Windows Media Format SDK (wmplayer.exe)

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [10/11/2009 00:19 64288]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [07/04/2008 10:37 114768]
R2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6;c:\program files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [11/09/2007 00:45 124832]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [07/04/2008 10:37 20560]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [24/09/2009 12:17 1169232]
R2 lxcy_device;lxcy_device;c:\windows\system32\lxcycoms.exe -service --> c:\windows\system32\lxcycoms.exe -service [?]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [08/04/2009 11:38 92008]
S3 mdxgthkn;mdxgthkn;\??\c:\docume~1\AUDREY~2\LOCALS~1\Temp\mdxgthkn.sys --> c:\docume~1\AUDREY~2\LOCALS~1\Temp\mdxgthkn.sys [?]
S3 US122;US122 Driver;c:\windows\system32\drivers\US122.sys [13/02/2003 12:40 215708]
S3 US122DL;US122 Firmware Downloader;c:\windows\system32\drivers\US122DL.sys [13/02/2003 12:45 17263]
S3 Us122WdmService;US122 Wdm Audio;c:\windows\system32\drivers\US122Wdm.sys [13/02/2003 12:40 84092]

--- Autres Services/Pilotes en mémoire ---

*NewlyCreated* - MBR
*Deregistered* - mbr
.
Contenu du dossier 'Tâches planifiées'

2009-11-10 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 13:06]

2009-08-22 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2009-11-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3117846246-626433616-840302518-1006Core.job
- c:\documents and settings\audrey becourt\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-10-01 06:48]

2009-11-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3117846246-626433616-840302518-1006UA.job
- c:\documents and settings\audrey becourt\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-10-01 06:48]

2006-05-12 c:\windows\Tasks\Rappel d'enregistrement 1.job
- c:\windows\system32\OOBE\oobebaln.exe [2005-12-09 02:34]

2006-05-12 c:\windows\Tasks\Rappel d'enregistrement 2.job
- c:\windows\system32\OOBE\oobebaln.exe [2005-12-09 02:34]

2006-05-12 c:\windows\Tasks\Rappel d'enregistrement 3.job
- c:\windows\system32\OOBE\oobebaln.exe [2005-12-09 02:34]
.
.
------- Examen supplémentaire -------
.
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = 127.0.0.1;*.local
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\audrey becourt\Application Data\Mozilla\Firefox\Profiles\wt54lii5.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://go.microsoft.com/fwlink/?LinkId=69157
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - plugin: c:\documents and settings\audrey becourt\Local Settings\Application Data\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre1.5.0_15\bin\NPJava11.dll
FF - plugin: c:\program files\Java\jre1.5.0_15\bin\NPJava12.dll
FF - plugin: c:\program files\Java\jre1.5.0_15\bin\NPJava13.dll
FF - plugin: c:\program files\Java\jre1.5.0_15\bin\NPJava14.dll
FF - plugin: c:\program files\Java\jre1.5.0_15\bin\NPJava32.dll
FF - plugin: c:\program files\Java\jre1.5.0_15\bin\NPJPI150_15.dll

---- PARAMETRES FIREFOX ----
c:\program files\Mozilla Firefox 3.6 Beta 1\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox 3.6 Beta 1\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox 3.6 Beta 1\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox 3.6 Beta 1\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox 3.6 Beta 1\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox 3.6 Beta 1\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox 3.6 Beta 1\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox 3.6 Beta 1\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox 3.6 Beta 1\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox 3.6 Beta 1\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox 3.6 Beta 1\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox 3.6 Beta 1\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox 3.6 Beta 1\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox 3.6 Beta 1\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox 3.6 Beta 1\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox 3.6 Beta 1\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox 3.6 Beta 1\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\Mozilla Firefox 3.6 Beta 1\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox 3.6 Beta 1\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox 3.6 Beta 1\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox 3.6 Beta 1\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox 3.6 Beta 1\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox 3.6 Beta 1\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox 3.6 Beta 1\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox 3.6 Beta 1\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox 3.6 Beta 1\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox 3.6 Beta 1\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", true);
c:\program files\Mozilla Firefox 3.6 Beta 1\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox 3.6 Beta 1\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - ORPHELINS SUPPRIMES - - - -

AddRemove-BulletProofSoft Youtube Video Grabber Trial Version_is1 - c:\program files\BulletProofSoft.com\Youtube Video Grabber\unins000.exe
AddRemove-Convert Image To PDF_is1 - c:\program files\Softinterface



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-10 01:15
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x85D4F7F8]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\atapi -> 0x85d4f7f8
Warning: possible MBR rootkit infection !
user & kernel MBR OK
Use "Recovery Console" command "fixmbr" to clear infection !

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(708)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(3412)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\eappprxy.dll
c:\program files\Nokia\Nokia PC Suite 6\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 6\PCSCM.dll
c:\program files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_fre.nlr
c:\program files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe
c:\program files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
c:\windows\system32\lxcycoms.exe
c:\program files\TOSHIBA\ConfigFree\NDSTray.exe
c:\program files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\program files\Lavasoft\Ad-Aware\AAWTray.exe
.
**************************************************************************
.
Heure de fin: 2009-11-10 1:24 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-11-10 00:24

Avant-CF: 11 548 139 520 octets libres
Après-CF: 11 399 086 080 octets libres

- - End Of File - - ECC122580BC87991A209E25D6CF04876

ComboFix 09-11-09.02 - audrey becourt 11/11/2009 16:18.2.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.958.503 [GMT 1:00]
Lancé depuis: c:\documents and settings\audrey becourt\Mes documents\Téléchargements\ComboFix.exe
Commutateurs utilisés :: c:\documents and settings\audrey becourt\Bureau\CFScript.txt
AV: avast! antivirus 4.8.1335 [VPS 091111-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

FILE ::
"c:\docume~1\AUDREY~2\LOCALS~1\Temp\mdxgthkn.sys"
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_BOONTY_GAMES
-------\Legacy_MDXGTHKN
-------\Service_mdxgthkn


((((((((((((((((((((((((((((( Fichiers créés du 2009-10-11 au 2009-11-11 ))))))))))))))))))))))))))))))))))))
.

2009-11-10 07:53 . 2009-11-10 07:51 93360 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2009-11-10 07:50 . 2009-11-10 07:50 242984 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\SBRE.dll
2009-11-10 07:49 . 2009-11-10 07:49 5908024 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Resources.dll
2009-11-10 07:49 . 2009-11-10 07:49 327000 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\RPAPI.dll
2009-11-10 07:49 . 2009-11-10 07:49 87496 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\PrivacyClean.dll
2009-11-10 07:48 . 2009-11-10 07:48 933120 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\CEAPI.dll
2009-11-10 07:48 . 2009-11-10 07:48 640608 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AutoLaunch.exe
2009-11-10 07:48 . 2009-11-10 07:48 815760 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-AwareCommand.exe
2009-11-10 07:48 . 2009-11-10 07:48 822904 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-AwareAdmin.exe
2009-11-10 07:48 . 2009-11-10 07:48 1638104 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-Aware.exe
2009-11-10 07:48 . 2009-11-10 07:48 788368 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWTray.exe
2009-11-10 07:48 . 2009-11-10 07:48 1179232 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWService.exe
2009-11-10 07:36 . 2008-12-16 12:31 354304 -c----w- c:\windows\system32\dllcache\winhttp.dll
2009-11-10 07:36 . 2008-04-21 21:15 219136 -c----w- c:\windows\system32\dllcache\wordpad.exe
2009-11-09 23:27 . 2009-11-09 23:27 -------- d-----w- c:\documents and settings\LocalService\Bureau
2009-11-09 23:19 . 2009-09-23 12:55 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2009-11-09 23:18 . 2009-10-03 08:15 2924848 -c--a-w- c:\documents and settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe
2009-11-09 22:57 . 2009-11-09 23:18 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
2009-11-09 22:40 . 2009-11-09 22:40 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\Mozilla
2009-11-09 21:57 . 2009-11-09 21:57 -------- d-----w- c:\program files\Trend Micro
2009-11-09 21:39 . 2009-11-11 15:08 -------- d-----w- c:\program files\Mozilla Firefox 3.6 Beta 1
2009-11-06 07:26 . 1998-07-12 23:00 15872 ----a-w- c:\windows\system32\WINSKFR.DLL
2009-11-06 07:26 . 1998-07-12 23:00 6656 ----a-w- c:\windows\system32\STDFTFR.DLL

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-11 15:32 . 2009-09-29 07:45 -------- d-----w- c:\documents and settings\audrey becourt\Application Data\Skype
2009-11-11 15:06 . 2009-09-29 07:46 -------- d-----w- c:\documents and settings\audrey becourt\Application Data\skypePM
2009-11-11 14:27 . 2005-12-16 05:15 -------- d-----w- c:\program files\Microsoft Works
2009-11-09 23:17 . 2008-02-18 08:21 -------- d-----w- c:\program files\Lavasoft
2009-11-09 21:59 . 2007-07-14 15:10 -------- d-----w- c:\program files\Lexmark Toolbar
2009-11-06 07:26 . 2009-01-04 11:00 -------- d-----w- c:\program files\ZNsoft Corporation
2009-11-04 19:55 . 2007-07-14 15:14 -------- d-----w- c:\program files\lx_cats
2009-11-01 09:03 . 2005-12-09 05:49 85256 ----a-w- c:\windows\system32\perfc00C.dat
2009-11-01 09:03 . 2005-12-09 05:49 511392 ----a-w- c:\windows\system32\perfh00C.dat
2009-10-17 08:33 . 2007-07-12 13:01 -------- d-----w- c:\documents and settings\audrey becourt\Application Data\U3
2009-10-15 18:18 . 2006-09-11 18:24 -------- d-----w- c:\documents and settings\audrey becourt\Application Data\Azureus
2009-10-15 12:55 . 2006-12-25 15:58 129224 -c--a-w- c:\windows\system32\GDIPFONTCACHEV1.DAT
2009-10-12 12:15 . 2008-01-19 18:26 -------- d-----w- c:\program files\Steinberg
2009-10-12 10:39 . 2009-10-12 10:22 -------- d-----w- c:\program files\VirtualDJ
2009-10-05 14:11 . 2009-10-05 14:11 -------- d-----w- c:\program files\Audacity
2009-10-01 13:10 . 2009-10-01 13:10 -------- d-----w- c:\program files\US122_Install
2009-09-29 07:46 . 2009-09-29 07:46 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-09-29 07:44 . 2009-09-29 07:43 -------- d-----r- c:\program files\Skype
2009-09-29 07:43 . 2009-09-29 07:43 -------- d-----w- c:\program files\Fichiers communs\Skype
2009-09-29 07:43 . 2009-09-29 07:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2009-09-24 19:12 . 2009-09-24 19:12 -------- d-----w- c:\program files\Sibelius Software
2009-09-16 10:14 . 2009-09-16 10:14 20299296 ----a-w- c:\documents and settings\audrey becourt\Application Data\TomTom\HOME\Profiles\ptz0844z.default\Updates\v2_7_2_1825_win.exe
2009-09-11 14:18 . 2005-12-09 05:48 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-08-20 14:09 . 2009-08-20 14:09 1193832 ----a-w- c:\windows\system32\FM20.DLL
2007-03-23 11:44 . 2007-03-23 11:44 604 -c-ha-w- c:\program files\STLL Notifier
2002-09-18 01:28 . 2006-12-25 15:12 3205496 -c----w- c:\program files\F.msi
1996-12-02 15:44 . 1996-12-02 15:44 582144 ----a-w- c:\program files\Fichiers communs\dao350.dll
2009-08-08 23:11 . 2009-08-08 23:11 10437264 ----a-w- c:\program files\mozilla firefox\plugins\PDFNetC.dll
2009-08-08 23:30 . 2009-08-08 23:30 107760 ----a-w- c:\program files\mozilla firefox\plugins\ScorchPDFWrapper.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-11-10_00.14.47 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-11 18:41 . 2009-07-11 18:41 97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.dll
+ 2009-11-11 15:27 . 2009-11-11 15:27 16384 c:\windows\Temp\Perflib_Perfdata_744.dat
+ 2005-12-09 05:48 . 2009-06-25 08:26 54272 c:\windows\system32\wdigest.dll
+ 2007-01-29 08:58 . 2009-07-14 11:03 46080 c:\windows\system32\tzchange.exe
+ 2007-02-08 13:52 . 2007-11-30 12:39 18296 c:\windows\system32\spmsg.dll
- 2007-02-08 13:52 . 2007-11-30 11:19 18296 c:\windows\system32\spmsg.dll
+ 2005-12-09 05:48 . 2009-06-25 08:26 56832 c:\windows\system32\secur32.dll
+ 2005-12-09 05:48 . 2009-06-24 11:18 92928 c:\windows\system32\drivers\ksecdd.sys
+ 2009-06-25 08:26 . 2009-06-25 08:26 54272 c:\windows\system32\dllcache\wdigest.dll
+ 2009-06-25 08:26 . 2009-06-25 08:26 56832 c:\windows\system32\dllcache\secur32.dll
+ 2009-06-24 11:18 . 2009-06-24 11:18 92928 c:\windows\system32\dllcache\ksecdd.sys
+ 2008-11-03 08:16 . 2009-11-10 07:56 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2008-11-03 08:16 . 2008-11-03 08:17 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2005-12-12 10:08 . 2008-11-03 08:17 32768 c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
+ 2005-12-12 10:08 . 2009-11-10 07:56 32768 c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
+ 2009-11-10 07:44 . 2009-11-10 07:56 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2005-12-12 10:08 . 2008-11-03 08:17 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2009-06-24 18:56 . 2009-06-24 18:56 73728 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe
+ 2008-05-27 23:49 . 2008-05-27 23:49 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
- 2007-04-13 19:58 . 2007-04-13 19:58 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
- 2007-04-13 19:57 . 2007-04-13 19:57 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2008-05-27 23:49 . 2008-05-27 23:49 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
- 2007-04-13 19:57 . 2007-04-13 19:57 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2008-05-27 23:49 . 2008-05-27 23:49 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2008-05-28 00:30 . 2008-05-28 00:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
- 2007-04-13 20:30 . 2007-04-13 20:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2007-07-12 17:24 . 2009-11-11 14:24 90112 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\xlicons.exe
- 2007-07-12 17:24 . 2009-04-10 15:32 90112 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\xlicons.exe
+ 2007-07-12 17:24 . 2009-11-11 14:24 45056 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\wordicon.exe
- 2007-07-12 17:24 . 2009-04-10 15:32 45056 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\wordicon.exe
+ 2007-07-12 17:24 . 2009-11-11 14:24 22528 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\unbndico.exe
- 2007-07-12 17:24 . 2009-04-10 15:32 22528 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\unbndico.exe
+ 2007-07-12 17:24 . 2009-11-11 14:24 30720 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\pptico.exe
- 2007-07-12 17:24 . 2009-04-10 15:32 30720 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\pptico.exe
+ 2007-07-12 17:24 . 2009-11-11 14:24 16384 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\PEicons.exe
- 2007-07-12 17:24 . 2009-04-10 15:32 16384 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\PEicons.exe
+ 2007-07-12 17:24 . 2009-11-11 14:24 34304 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\misc.exe
- 2007-07-12 17:24 . 2009-04-10 15:32 34304 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\misc.exe
+ 2007-07-12 17:24 . 2009-11-11 14:24 81920 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\fpicon.exe
- 2007-07-12 17:24 . 2009-04-10 15:32 81920 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\fpicon.exe
+ 2005-12-16 05:16 . 2009-11-11 14:27 17534 c:\windows\Installer\{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}\gtngstrtd.exe
- 2005-12-16 05:16 . 2008-12-12 12:37 17534 c:\windows\Installer\{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}\gtngstrtd.exe
- 2005-12-16 05:16 . 2008-12-12 12:37 65536 c:\windows\Installer\{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}\_E1162A70C607_43DE_9F42_B6251572BE19.exe
+ 2005-12-16 05:16 . 2009-11-11 14:27 65536 c:\windows\Installer\{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}\_E1162A70C607_43DE_9F42_B6251572BE19.exe
- 2005-12-16 05:16 . 2008-12-12 12:37 65536 c:\windows\Installer\{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}\_6DF36F952F03_4D8B_8F27_6EBBF01EA476.exe
+ 2005-12-16 05:16 . 2009-11-11 14:27 65536 c:\windows\Installer\{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}\_6DF36F952F03_4D8B_8F27_6EBBF01EA476.exe
+ 2005-12-16 05:16 . 2009-11-11 14:27 65536 c:\windows\Installer\{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}\_30113DE266A8_443A_A6B0_3DC98697B0DB.exe
- 2005-12-16 05:16 . 2008-12-12 12:37 65536 c:\windows\Installer\{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}\_30113DE266A8_443A_A6B0_3DC98697B0DB.exe
+ 2009-11-11 14:32 . 2009-11-11 14:32 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_e8bcfac7\System.Drawing.Design.dll
+ 2009-11-11 14:32 . 2009-11-11 14:32 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_7cec73a4\CustomMarshalers.dll
+ 2008-05-05 06:25 . 2008-05-05 06:25 3072 c:\windows\system32\xpsp4res.dll
- 2007-07-12 17:24 . 2009-04-10 15:32 3584 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\opwicon.exe
+ 2007-07-12 17:24 . 2009-11-11 14:24 3584 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\opwicon.exe
- 2007-07-12 17:24 . 2009-04-10 15:32 8192 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\mspicons.exe
+ 2007-07-12 17:24 . 2009-11-11 14:24 8192 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\mspicons.exe
- 2007-07-12 17:24 . 2009-04-10 15:32 2560 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\cagicon.exe
+ 2007-07-12 17:24 . 2009-11-11 14:24 2560 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\cagicon.exe
- 2005-12-16 05:16 . 2008-12-12 12:37 4710 c:\windows\Installer\{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}\WSBico.exe
+ 2005-12-16 05:16 . 2009-11-11 14:27 4710 c:\windows\Installer\{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}\WSBico.exe
- 2005-12-16 05:16 . 2008-12-12 12:37 4710 c:\windows\Installer\{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}\Win2Kico.exe
+ 2005-12-16 05:16 . 2009-11-11 14:27 4710 c:\windows\Installer\{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}\Win2Kico.exe
- 2005-12-09 05:48 . 2008-04-14 02:33 354304 c:\windows\system32\winhttp.dll
+ 2005-12-09 05:48 . 2008-12-16 12:31 354304 c:\windows\system32\winhttp.dll
+ 2005-12-09 05:48 . 2009-06-25 08:26 147456 c:\windows\system32\schannel.dll
+ 2005-12-09 05:48 . 2009-04-15 14:53 585216 c:\windows\system32\rpcrt4.dll
+ 2005-12-09 05:48 . 2009-08-05 09:00 205312 c:\windows\system32\mswebdvd.dll
+ 2005-12-09 05:48 . 2009-06-25 08:26 736768 c:\windows\system32\lsasrv.dll
+ 2005-12-09 05:48 . 2009-06-25 08:26 301568 c:\windows\system32\kerberos.dll
+ 2005-12-09 05:48 . 2009-08-13 15:20 512000 c:\windows\system32\jscript.dll
- 2005-12-09 05:48 . 2008-05-09 10:55 512000 c:\windows\system32\jscript.dll
+ 2005-12-09 06:54 . 2009-11-11 15:03 388000 c:\windows\system32\FNTCACHE.DAT
- 2005-12-09 06:54 . 2009-10-12 12:39 388000 c:\windows\system32\FNTCACHE.DAT
+ 2008-12-05 06:57 . 2009-06-25 08:26 147456 c:\windows\system32\dllcache\schannel.dll
+ 2009-04-15 14:53 . 2009-04-15 14:53 585216 c:\windows\system32\dllcache\rpcrt4.dll
+ 2009-08-05 09:00 . 2009-08-05 09:00 205312 c:\windows\system32\dllcache\mswebdvd.dll
+ 2009-06-25 08:26 . 2009-09-11 14:18 136192 c:\windows\system32\dllcache\msv1_0.dll
+ 2009-06-25 08:26 . 2009-06-25 08:26 736768 c:\windows\system32\dllcache\lsasrv.dll
+ 2009-06-25 08:26 . 2009-06-25 08:26 301568 c:\windows\system32\dllcache\kerberos.dll
+ 2008-05-09 10:55 . 2009-08-13 15:20 512000 c:\windows\system32\dllcache\jscript.dll
- 2008-05-09 10:55 . 2008-05-09 10:55 512000 c:\windows\system32\dllcache\jscript.dll
- 2007-04-13 19:58 . 2007-04-13 19:58 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2008-05-27 23:49 . 2008-05-27 23:49 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2008-05-27 23:48 . 2008-05-27 23:48 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2007-04-13 19:56 . 2007-04-13 19:56 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2007-04-13 20:30 . 2007-04-13 20:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2008-05-28 00:30 . 2008-05-28 00:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2009-11-11 14:16 . 2009-11-11 14:16 248832 c:\windows\Installer\b9ad7.msi
- 2007-07-12 17:24 . 2009-04-10 15:32 114688 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\outicon.exe
+ 2007-07-12 17:24 . 2009-11-11 14:24 114688 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\outicon.exe
- 2007-07-12 17:24 . 2009-04-10 15:32 167936 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\accicons.exe
+ 2007-07-12 17:24 . 2009-11-11 14:24 167936 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\accicons.exe
- 2005-12-16 05:16 . 2008-12-12 12:37 184320 c:\windows\Installer\{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}\_A5AC17ADC9FC_483E_BECB_C92E71F01A48.exe
+ 2005-12-16 05:16 . 2009-11-11 14:27 184320 c:\windows\Installer\{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}\_A5AC17ADC9FC_483E_BECB_C92E71F01A48.exe
+ 2009-11-11 14:33 . 2009-11-11 14:33 835584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_f8b0cc1c\System.Drawing.dll
+ 2009-11-11 14:33 . 2009-11-11 14:33 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_aeb05593\System.Drawing.Design.dll
+ 2009-11-11 14:33 . 2009-11-11 14:33 118784 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_7302e245\CustomMarshalers.dll
+ 2005-12-09 05:48 . 2009-04-19 19:50 1847296 c:\windows\system32\win32k.sys
- 2005-12-09 05:48 . 2008-08-14 13:23 2191232 c:\windows\system32\ntoskrnl.exe
+ 2005-12-09 05:48 . 2009-08-04 21:58 2191232 c:\windows\system32\ntoskrnl.exe
- 2004-08-04 00:48 . 2008-08-14 13:23 2068096 c:\windows\system32\ntkrnlpa.exe
+ 2004-08-04 00:48 . 2009-08-04 17:28 2068096 c:\windows\system32\ntkrnlpa.exe
+ 2008-10-15 09:29 . 2009-04-19 19:50 1847296 c:\windows\system32\dllcache\win32k.sys
- 2008-10-15 09:29 . 2008-08-14 13:23 2191232 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2008-10-15 09:29 . 2009-08-04 21:58 2191232 c:\windows\system32\dllcache\ntoskrnl.exe
- 2008-10-15 09:29 . 2008-08-14 13:23 2025984 c:\windows\system32\dllcache\ntkrpamp.exe
+ 2008-10-15 09:29 . 2009-08-04 17:27 2025984 c:\windows\system32\dllcache\ntkrpamp.exe
+ 2008-10-15 09:29 . 2009-08-04 17:28 2068096 c:\windows\system32\dllcache\ntkrnlpa.exe
- 2008-10-15 09:29 . 2008-08-14 13:23 2068096 c:\windows\system32\dllcache\ntkrnlpa.exe
- 2008-10-15 09:29 . 2008-08-14 13:23 2147328 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2008-10-15 09:29 . 2009-08-04 17:27 2147328 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2008-05-28 00:35 . 2008-05-28 00:35 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
- 2007-04-13 20:35 . 2007-04-13 20:35 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2008-05-28 00:35 . 2008-05-28 00:35 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
- 2007-04-13 20:35 . 2007-04-13 20:35 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
+ 2008-05-27 23:48 . 2008-05-27 23:48 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
- 2007-04-13 19:57 . 2007-04-13 19:57 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2008-05-27 23:48 . 2008-05-27 23:48 2523136 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
- 2007-04-13 19:57 . 2007-04-13 19:57 2523136 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
- 2007-04-13 19:50 . 2007-04-13 19:50 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2008-05-27 23:43 . 2008-05-27 23:43 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2009-09-17 13:06 . 2009-09-17 13:06 4873728 c:\windows\Installer\b9b30.msp
+ 2009-04-29 14:03 . 2009-04-29 14:03 8404992 c:\windows\Installer\b9b18.msp
+ 2009-08-20 14:27 . 2009-08-20 14:27 3622400 c:\windows\Installer\b9b04.msp
+ 2009-09-10 21:44 . 2009-09-10 21:44 6704640 c:\windows\Installer\b9af0.msp
+ 2008-10-15 09:29 . 2009-08-04 21:58 2191232 c:\windows\Driver Cache\i386\ntoskrnl.exe
- 2008-10-15 09:29 . 2008-08-14 13:23 2191232 c:\windows\Driver Cache\i386\ntoskrnl.exe
- 2008-10-15 09:29 . 2008-08-14 13:23 2025984 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2008-10-15 09:29 . 2009-08-04 17:27 2025984 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2008-10-15 09:29 . 2009-08-04 17:28 2068096 c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2008-10-15 09:29 . 2008-08-14 13:23 2068096 c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2008-10-15 09:29 . 2008-08-14 13:23 2147328 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2008-10-15 09:29 . 2009-08-04 17:27 2147328 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2009-11-11 14:31 . 2009-11-11 14:31 1966080 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_33b8778e\System.dll
+ 2009-11-11 14:33 . 2009-11-11 14:33 4792320 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_1e7221d8\System.dll
+ 2009-11-11 14:34 . 2009-11-11 14:34 5513216 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_e9694430\System.Xml.dll
+ 2009-11-11 14:32 . 2009-11-11 14:32 2088960 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_2d71ab86\System.Xml.dll
+ 2009-11-11 14:33 . 2009-11-11 14:33 7884800 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_7b781f26\System.Windows.Forms.dll
+ 2009-11-11 14:32 . 2009-11-11 14:32 3018752 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_3d389544\System.Windows.Forms.dll
+ 2009-11-11 14:34 . 2009-11-11 14:34 2244608 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_7756094f\System.Drawing.dll
+ 2009-11-11 14:33 . 2009-11-11 14:33 1466368 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_7cf6810b\System.Design.dll
+ 2009-11-11 14:34 . 2009-11-11 14:34 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_48b857c7\System.Design.dll
+ 2009-11-11 14:34 . 2009-11-11 14:34 8908800 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_a3cd3113\mscorlib.dll
+ 2009-11-11 14:33 . 2009-11-11 14:33 3391488 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_96d187b8\mscorlib.dll
+ 2009-11-11 14:30 . 2009-11-11 14:30 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
- 2007-08-21 13:21 . 2007-08-21 13:21 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
- 2007-08-21 13:21 . 2007-08-21 13:21 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2009-11-11 14:30 . 2009-11-11 14:30 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2009-08-10 20:08 . 2009-08-10 20:08 11315712 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp
+ 2009-08-10 13:09 . 2009-08-10 13:09 17254912 c:\windows\Installer\b9b46.msp
.
-- Instantané actualisé --
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ccleaner"="c:\program files\CCleaner\CCleaner.exe" [2009-02-19 1471728]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-09-02 25623336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2004-10-14 98394]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2004-10-14 688218]
"MPSWiFiManager"="c:\program files\Club-Internet\Agent Wifi\AgentWifi.exe" [2005-04-11 135168]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"Tvs"="c:\program files\TOSHIBA\Tvs\TvsTray.exe" [2005-11-30 73728]
"NDSTray.exe"="NDSTray.exe" [BU]
"CFSServ.exe"="CFSServ.exe" [BU]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\audrey felix\Menu D‚marrer\Programmes\D‚marrage\
Club Internet.lnk - c:\program files\Club-Internet\Lanceur\lanceur.exe [2006-10-5 5484544]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMBalloonTip"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Nike+ Utility.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Nike+ Utility.lnk
backup=c:\windows\pss\Nike+ Utility.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Azureus\\Azureus.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\umi.exe"=
"c:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\VideoSpin.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3629:UDP"= 3629:UDP:Windows Media Format SDK (wmplayer.exe)
"3628:UDP"= 3628:UDP:Windows Media Format SDK (wmplayer.exe)
"3631:UDP"= 3631:UDP:Windows Media Format SDK (wmplayer.exe)

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [10/11/2009 00:19 64288]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [07/04/2008 10:37 114768]
R2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6;c:\program files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [11/09/2007 00:45 124832]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [07/04/2008 10:37 20560]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [24/09/2009 12:17 1179232]
R2 lxcy_device;lxcy_device;c:\windows\system32\lxcycoms.exe -service --> c:\windows\system32\lxcycoms.exe -service [?]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [08/04/2009 11:38 92008]
S3 US122;US122 Driver;c:\windows\system32\drivers\US122.sys [13/02/2003 12:40 215708]
S3 US122DL;US122 Firmware Downloader;c:\windows\system32\drivers\US122DL.sys [13/02/2003 12:45 17263]
S3 Us122WdmService;US122 Wdm Audio;c:\windows\system32\drivers\US122Wdm.sys [13/02/2003 12:40 84092]

--- Autres Services/Pilotes en mémoire ---

*Deregistered* - mbr
.
Contenu du dossier 'Tâches planifiées'

2009-11-11 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 07:48]

2009-08-22 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2009-11-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3117846246-626433616-840302518-1006Core.job
- c:\documents and settings\audrey becourt\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-10-01 06:48]

2009-11-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3117846246-626433616-840302518-1006UA.job
- c:\documents and settings\audrey becourt\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-10-01 06:48]

2006-05-12 c:\windows\Tasks\Rappel d'enregistrement 1.job
- c:\windows\system32\OOBE\oobebaln.exe [2005-12-09 02:34]

2006-05-12 c:\windows\Tasks\Rappel d'enregistrement 2.job
- c:\windows\system32\OOBE\oobebaln.exe [2005-12-09 02:34]

2006-05-12 c:\windows\Tasks\Rappel d'enregistrement 3.job
- c:\windows\system32\OOBE\oobebaln.exe [2005-12-09 02:34]
.
.
------- Examen supplémentaire -------
.
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = 127.0.0.1;*.local
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\audrey becourt\Application Data\Mozilla\Firefox\Profiles\wt54lii5.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://go.microsoft.com/fwlink/?LinkId=69157
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - plugin: c:\documents and settings\audrey becourt\Local Settings\Application Data\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre1.5.0_15\bin\NPJava11.dll
FF - plugin: c:\program files\Java\jre1.5.0_15\bin\NPJava12.dll
FF - plugin: c:\program files\Java\jre1.5.0_15\bin\NPJava13.dll
FF - plugin: c:\program files\Java\jre1.5.0_15\bin\NPJava14.dll
FF - plugin: c:\program files\Java\jre1.5.0_15\bin\NPJava32.dll
FF - plugin: c:\program files\Java\jre1.5.0_15\bin\NPJPI150_15.dll

---- PARAMETRES FIREFOX ----
c:\program files\Mozilla Firefox 3.6 Beta 1\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox 3.6 Beta 1\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox 3.6 Beta 1\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox 3.6 Beta 1\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox 3.6 Beta 1\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox 3.6 Beta 1\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox 3.6 Beta 1\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox 3.6 Beta 1\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox 3.6 Beta 1\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox 3.6 Beta 1\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox 3.6 Beta 1\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox 3.6 Beta 1\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox 3.6 Beta 1\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox 3.6 Beta 1\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox 3.6 Beta 1\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox 3.6 Beta 1\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox 3.6 Beta 1\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\Mozilla Firefox 3.6 Beta 1\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox 3.6 Beta 1\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox 3.6 Beta 1\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox 3.6 Beta 1\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox 3.6 Beta 1\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox 3.6 Beta 1\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox 3.6 Beta 1\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox 3.6 Beta 1\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox 3.6 Beta 1\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox 3.6 Beta 1\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", true);
c:\program files\Mozilla Firefox 3.6 Beta 1\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox 3.6 Beta 1\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-11 16:28
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x85B5F3C8]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\atapi -> 0x85b5f3c8
Warning: possible MBR rootkit infection !
user & kernel MBR OK
Use "Recovery Console" command "fixmbr" to clear infection !

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(712)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(1024)
c:\windows\system32\eappprxy.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe
c:\program files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
c:\windows\system32\lxcycoms.exe
c:\program files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
c:\program files\TOSHIBA\ConfigFree\NDSTray.exe
c:\program files\TOSHIBA\ConfigFree\CFSServ.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\notepad.exe
c:\program files\Mozilla Firefox 3.6 Beta 1\firefox.exe
.
**************************************************************************
.
Heure de fin: 2009-11-11 16:40 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-11-11 15:40
ComboFix2.txt 2009-11-10 00:24

Avant-CF: 10 540 990 464 octets libres
Après-CF: 10 505 830 400 octets libres

- - End Of File - - 88F605D55A6533117E461DD4FB4B6E9B