Se connecter / S'enregistrer
Votre question

enlever antispywareexpert

Tags :
  • Hijackthis
  • Sécurité
Dernière réponse : dans Sécurité et virus
30 Octobre 2008 12:32:11

Merci de m'aider a desintaller antispywaerexpert

Autres pages sur : enlever antispywareexpert

30 Octobre 2008 13:18:13


voila j'espere que ca va aider-merci


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:16:59, on 30/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Lexmark 6300 Series\lxcdmon.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe
C:\Program Files\Belkin\Belkin Wireless Network Utility\WLanCfgG.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Belkin\Bluetooth Software\BTTray.exe
C:\Program Files\FinePixViewer\QuickDCF2.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\lxcdcoms.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.0.0.125\coIEPlg.dll
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Bat Wave Base Dale] C:\Documents and Settings\All Users\Application Data\Link Axis Bat Wave\SCR SLOW.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [LXCDCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCDtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [lxcdmon.exe] "C:\Program Files\Lexmark 6300 Series\lxcdmon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 6300 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [28a2f2bf] rundll32.exe "C:\WINDOWS\system32\sntettmv.dll",b
O4 - HKLM\..\Run: [AntiSpywareExpert] C:\Program Files\AntiSpywareExpert\ase.exe
O4 - HKLM\..\Run: [BM2b91c123] Rundll32.exe "C:\WINDOWS\system32\xxwnftyi.dll",s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [BM2b91c123] Rundll32.exe "C:\WINDOWS\system32\xxwnftyi.dll",s
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: IMVU.lnk = C:\Program Files\IMVU\IMVUClient.exe
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: ExifLauncher2.lnk = C:\Program Files\FinePixViewer\QuickDCF2.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Eric Chevalier\Start Menu\Programs\IMVU\Run IMVU.lnk
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUpload...
O16 - DPF: {138E6DC9-722B-4F4B-B09D-95D191869696} (Bebo Uploader Control) - http://www.bebo.com/files/BeboUploader.5.1.4.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-GB/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Belkin Wireless USB Network Adapter (Belkin Wireless USB Network Adapter Service) - Unknown owner - C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxcd_device - Unknown owner - C:\WINDOWS\system32\lxcdcoms.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

--
End of file - 10344 bytes
Contenus similaires
30 Octobre 2008 13:39:38

Oups desole
Bonjour et merci, c'est la 1ere fois que suis sur 1 forum et n'y connait pas grand chose en PC...
que dois je faire maintenant ?
merci de m'aider
a b 8 Sécurité
30 Octobre 2008 15:20:35

Commence par être patient :) 

[#ff0000]! Désactive tes protections résidentes (antivirus, Spybot-S&D, etc.) ![/#f]

  • Télécharge ComboFix ([#ff0000]sUBs[/#f]) sur ton Bureau.
  • Double clique sur ComboFix.exe (le .exe n'est pas forcément visible) afin de le lancer.
  • Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\combofix.txt*) dans ta prochaine réponse.

    AIDE : Un guide et un tutoriel sur l'utilisation de ComboFix
    * le nom de la partition peut changer
    30 Octobre 2008 20:31:43

    ouf ....
    voici le rapport
    Merci

    ComboFix 08-10-30.09 - Eric Chevalier 2008-10-30 19:59:55.1 - NTFSx86
    Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.145 [GMT 1:00]
    Running from: C:\Documents and Settings\Eric Chevalier\Desktop\ComboFix.exe
    Command switches used :: C:\Documents and Settings\Eric Chevalier\Desktop\WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
    * Created a new restore point
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Documents and Settings\All Users\Start Menu\Programs\AntiSpywareExpert
    C:\Documents and Settings\All Users\Start Menu\Programs\AntiSpywareExpert\AntiSpywareExpert.lnk
    C:\Documents and Settings\All Users\Start Menu\Programs\AntiSpywareExpert\Uninstall AntiSpywareExpert.lnk
    C:\Documents and Settings\Eric Chevalier\Desktop\AntiSpywareExpert.lnk
    C:\Program Files\AntiSpywareExpert
    C:\Program Files\AntiSpywareExpert\ase.exe
    C:\Program Files\AntiSpywareExpert\ASEFreeUpdate_fr.exe
    C:\Program Files\AntiSpywareExpert\BL.dat
    C:\Program Files\AntiSpywareExpert\WL.dat
    C:\WINDOWS\BM2b91c123.txt
    C:\WINDOWS\BM2b91c123.xml
    C:\WINDOWS\cookies.ini
    C:\WINDOWS\pskt.ini
    C:\WINDOWS\system32\abhfxdge.dll
    C:\WINDOWS\system32\aepeutqd.dll
    C:\WINDOWS\system32\afwcyqtd.dll
    C:\WINDOWS\system32\akmedpff.dll
    C:\WINDOWS\system32\alcmyz.dll
    C:\WINDOWS\system32\apdluudi.dll
    C:\WINDOWS\system32\apvhmd.dll
    C:\WINDOWS\system32\atnsewqo.ini
    C:\WINDOWS\system32\aylmosxp.ini
    C:\WINDOWS\system32\ayplpxmx.dll
    C:\WINDOWS\system32\aypqhgwr.ini
    C:\WINDOWS\system32\btftuhbu.dll
    C:\WINDOWS\system32\byewuame.dll
    C:\WINDOWS\system32\cvrintre.dll
    C:\WINDOWS\system32\cvyiydat.ini
    C:\WINDOWS\system32\daoclf.dll
    C:\WINDOWS\system32\dgxxsmgg.dll
    C:\WINDOWS\system32\dhqkqshm.ini
    C:\WINDOWS\system32\DJRuFfhk.ini
    C:\WINDOWS\system32\dshgrz.dll
    C:\WINDOWS\system32\durmsj.dll
    C:\WINDOWS\system32\eagmaefe.dll
    C:\WINDOWS\system32\ejvowd.dll
    C:\WINDOWS\system32\emauweyb.ini
    C:\WINDOWS\system32\engnwxia.ini
    C:\WINDOWS\system32\ersiyh.dll
    C:\WINDOWS\system32\euwhuuvf.dll
    C:\WINDOWS\system32\eyvpkecv.ini
    C:\WINDOWS\system32\fjnfix.dll
    C:\WINDOWS\system32\fvbonxrn.dll
    C:\WINDOWS\system32\fwbseogp.dll
    C:\WINDOWS\system32\fwumjo.dll
    C:\WINDOWS\system32\gdsmbi.dll
    C:\WINDOWS\system32\goglpp.dll
    C:\WINDOWS\system32\gohoflpo.ini
    C:\WINDOWS\system32\gtieos.dll
    C:\WINDOWS\system32\gwdkdoqv.ini
    C:\WINDOWS\system32\gydqpmpv.dll
    C:\WINDOWS\system32\hbhfcg.dll
    C:\WINDOWS\system32\hdfjna.dll
    C:\WINDOWS\system32\hgpqivou.ini
    C:\WINDOWS\system32\hvtpuouh.ini
    C:\WINDOWS\system32\hxrkeiey.ini
    C:\WINDOWS\system32\iupnhhrd.dll
    C:\WINDOWS\system32\jdmootkv.dll
    C:\WINDOWS\system32\jiwxlbah.dll
    C:\WINDOWS\system32\jkqeth.dll
    C:\WINDOWS\system32\jmocrkth.ini
    C:\WINDOWS\system32\joteklyw.dll
    C:\WINDOWS\system32\jovjijjv.ini
    C:\WINDOWS\system32\jttidxaj.dll
    C:\WINDOWS\system32\kbmnef.dll
    C:\WINDOWS\system32\kbppjswt.ini
    C:\WINDOWS\system32\kncfpa.dll
    C:\WINDOWS\system32\koeggwas.dll
    C:\WINDOWS\system32\krmriqeh.dll
    C:\WINDOWS\system32\kvlymz.dll
    C:\WINDOWS\system32\kxesijqd.dll
    C:\WINDOWS\system32\kxgwvgbc.dll
    C:\WINDOWS\system32\lkSAaccf.ini
    C:\WINDOWS\system32\ltgaxg.dll
    C:\WINDOWS\system32\mapycssd.dll
    C:\WINDOWS\system32\mbkranmn.ini
    C:\WINDOWS\system32\mcrh.tmp
    C:\WINDOWS\system32\mfnehrgq.ini
    C:\WINDOWS\system32\mhkunkmr.ini
    C:\WINDOWS\system32\mnryuofv.ini
    C:\WINDOWS\system32\mpcysawp.ini
    C:\WINDOWS\system32\mqgfqj.dll
    C:\WINDOWS\system32\MSINET.oca
    C:\WINDOWS\system32\njfnyqbs.dll
    C:\WINDOWS\system32\nmoxefao.ini
    C:\WINDOWS\system32\nqxkvp.dll
    C:\WINDOWS\system32\nslmxtea.ini
    C:\WINDOWS\system32\ntahmbbr.dll
    C:\WINDOWS\system32\obcsnwiv.ini
    C:\WINDOWS\system32\obqrohur.dll
    C:\WINDOWS\system32\okacjykq.dll
    C:\WINDOWS\system32\ophvbrxr.dll
    C:\WINDOWS\system32\oycigwpr.dll
    C:\WINDOWS\system32\pckxpj.dll
    C:\WINDOWS\system32\pdaaxagn.ini
    C:\WINDOWS\system32\pgoesbwf.ini
    C:\WINDOWS\system32\pltvhpfn.dll
    C:\WINDOWS\system32\psjaas.dll
    C:\WINDOWS\system32\qcjltvvq.ini
    C:\WINDOWS\system32\qkkvrr.dll
    C:\WINDOWS\system32\qleeipkn.ini
    C:\WINDOWS\system32\qnmmgh.dll
    C:\WINDOWS\system32\qqxxzc.dll
    C:\WINDOWS\system32\qtoxfncd.dll
    C:\WINDOWS\system32\rpwgicyo.ini
    C:\WINDOWS\system32\rqufuyjq.dll
    C:\WINDOWS\system32\RsCfOqru.ini
    C:\WINDOWS\system32\RsCfOqru.ini2
    C:\WINDOWS\system32\rtoklxbx.ini
    C:\WINDOWS\system32\rvmlmjbf.ini
    C:\WINDOWS\system32\sescxiev.exe
    C:\WINDOWS\system32\sfehlats.dll
    C:\WINDOWS\system32\skkkqjtr.dll
    C:\WINDOWS\system32\sntettmv.dll
    C:\WINDOWS\system32\spghdmqi.ini
    C:\WINDOWS\system32\sxbxfj.dll
    C:\WINDOWS\system32\sydfve.dll
    C:\WINDOWS\system32\taxssjsl.dll
    C:\WINDOWS\system32\tepscdlc.dll
    C:\WINDOWS\system32\tgsmqxbn.dll
    C:\WINDOWS\system32\tjgptpbq.ini
    C:\WINDOWS\system32\tlncyvxh.dll
    C:\WINDOWS\system32\tmewanpe.dll
    C:\WINDOWS\system32\tuvUMeBu.dll
    C:\WINDOWS\system32\twsjppbk.dll
    C:\WINDOWS\system32\txucyajc.ini
    C:\WINDOWS\system32\uBeMUvut.ini
    C:\WINDOWS\system32\uBeMUvut.ini2
    C:\WINDOWS\system32\ucxnfl.dll
    C:\WINDOWS\system32\ujckbwgw.dll
    C:\WINDOWS\system32\ulitnfao.dll
    C:\WINDOWS\system32\uoviqpgh.dll
    C:\WINDOWS\system32\UwHikUtv.ini
    C:\WINDOWS\system32\uwpddmya.ini
    C:\WINDOWS\system32\uxnugr.dll
    C:\WINDOWS\system32\uxogfgan.dll
    C:\WINDOWS\system32\vbaryosh.ini
    C:\WINDOWS\system32\vcekpvye.dll
    C:\WINDOWS\system32\vmttetns.ini
    C:\WINDOWS\system32\vpjvyijp.dll
    C:\WINDOWS\system32\vpmpqdyg.ini
    C:\WINDOWS\system32\WDdJRqss.ini
    C:\WINDOWS\system32\weheqhle.ini
    C:\WINDOWS\system32\wfnthxds.dll
    C:\WINDOWS\system32\wgurwj.dll
    C:\WINDOWS\system32\wgwbkcju.ini
    C:\WINDOWS\system32\wmafuyai.dll
    C:\WINDOWS\system32\wmlhgruc.ini
    C:\WINDOWS\system32\wvUoMeFX.dll
    C:\WINDOWS\system32\wynpkc.dll
    C:\WINDOWS\system32\xbwoxvgr.dll
    C:\WINDOWS\system32\xbxlkotr.dll
    C:\WINDOWS\system32\xcgnsp.dll
    C:\WINDOWS\system32\xeibjduu.ini
    C:\WINDOWS\system32\xjnjnqlm.ini
    C:\WINDOWS\system32\xmwxisau.dll
    C:\WINDOWS\system32\xwrwmpjx.dll
    C:\WINDOWS\system32\xxwnftyi.dll
    C:\WINDOWS\system32\yeiekrxh.dll
    C:\WINDOWS\system32\ykmvco.dll
    C:\WINDOWS\system32\yuhqhosx.ini
    C:\WINDOWS\system32\yxegsoil.dll
    C:\WINDOWS\system32\yxjsnive.dll
    C:\WINDOWS\system32\zedkcq.dll

    .
    ((((((((((((((((((((((((( Files Created from 2008-09-28 to 2008-10-30 )))))))))))))))))))))))))))))))
    .

    2008-10-30 13:15 . 2008-10-30 13:15 <DIR> d-------- C:\Program Files\Trend Micro
    2008-10-30 09:55 . 2008-10-30 09:55 <DIR> d-------- C:\Program Files\Enigma Software Group
    2008-10-29 09:27 . 2008-10-29 09:27 <DIR> d-------- C:\Program Files\Symantec
    2008-10-29 09:27 . 2008-10-29 09:27 124,464 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.SYS
    2008-10-29 09:27 . 2008-10-29 09:27 60,808 --a------ C:\WINDOWS\system32\S32EVNT1.DLL
    2008-10-29 09:27 . 2008-10-29 09:25 35,888 -ra------ C:\WINDOWS\system32\drivers\SymIM.sys
    2008-10-29 09:24 . 2008-10-29 09:24 <DIR> d-------- C:\WINDOWS\system32\drivers\NIS
    2008-10-29 09:24 . 2008-10-29 09:24 <DIR> d-------- C:\Program Files\Windows Sidebar
    2008-10-29 09:24 . 2008-10-29 09:24 <DIR> d-------- C:\Program Files\Norton Internet Security
    2008-10-29 08:59 . 2008-10-29 08:59 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\PCSettings
    2008-10-29 08:59 . 2008-10-29 09:30 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Norton
    2008-10-29 08:58 . 2008-10-29 08:58 <DIR> d-------- C:\Program Files\NortonInstaller
    2008-10-29 08:58 . 2008-10-29 08:58 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\NortonInstaller
    2008-10-29 08:52 . 2008-10-29 08:52 <DIR> d-------- C:\Documents and Settings\All Users\Symantec Temporary Files
    2008-10-21 18:19 . 2008-10-21 18:19 268 --ah----- C:\sqmdata12.sqm
    2008-10-21 18:19 . 2008-10-21 18:19 244 --ah----- C:\sqmnoopt11.sqm
    2008-10-21 16:30 . 2008-10-21 16:30 268 --ah----- C:\sqmdata11.sqm
    2008-10-21 16:30 . 2008-10-21 16:30 244 --ah----- C:\sqmnoopt10.sqm
    2008-10-21 06:02 . 2008-10-21 06:02 268 --ah----- C:\sqmdata10.sqm
    2008-10-21 06:02 . 2008-10-21 06:02 244 --ah----- C:\sqmnoopt09.sqm
    2008-10-04 10:35 . 2008-10-04 10:37 <DIR> d-------- C:\Need4Video files
    2008-10-04 10:22 . 2008-10-04 10:27 <DIR> d-------- C:\Documents and Settings\Eric Chevalier\Application Data\vlc
    2008-10-04 10:20 . 2008-10-04 10:20 <DIR> d-------- C:\Program Files\VideoLAN
    2008-09-20 06:06 . 2008-09-20 06:06 221,184 --a------ C:\WINDOWS\system32\lsfmbphk.dll
    2008-09-20 06:06 . 2008-09-20 06:06 108,544 --a------ C:\WINDOWS\system32\yayyAQhg.dll
    2008-09-20 06:04 . 2008-09-20 06:04 115,200 --a------ C:\WINDOWS\system32\qybjocww.dll
    2008-09-20 06:04 . 2008-09-20 06:04 115,200 --a------ C:\WINDOWS\system32\bgtsho.dll
    2008-09-20 06:04 . 2008-09-20 06:04 95,744 --a------ C:\WINDOWS\system32\jyrwifew.dll
    2008-09-19 06:09 . 2008-09-19 06:09 115,200 --a------ C:\WINDOWS\system32\ttkamd.dll
    2008-09-19 06:09 . 2008-09-19 06:09 115,200 --a------ C:\WINDOWS\system32\ksptlwtp.dll
    2008-09-19 06:06 . 2008-09-19 06:06 221,184 --a------ C:\WINDOWS\system32\pnsrbkts.dll
    2008-09-19 06:06 . 2008-09-19 06:06 108,544 --a------ C:\WINDOWS\system32\iifcYSJd.dll
    2008-09-19 06:03 . 2008-09-19 06:03 95,744 --a------ C:\WINDOWS\system32\moxpuwwr.dll
    2008-09-19 06:03 . 2008-09-19 06:03 95,744 --a------ C:\WINDOWS\system32\csvrfnph.dll
    2008-09-18 06:09 . 2008-09-18 06:09 221,184 --a------ C:\WINDOWS\system32\dipmoljs.dll
    2008-09-18 06:09 . 2008-09-18 06:09 108,544 --a------ C:\WINDOWS\system32\awttsPFv.dll
    2008-09-18 06:06 . 2008-09-18 06:06 115,200 --a------ C:\WINDOWS\system32\kglnwd.dll
    2008-09-18 06:06 . 2008-09-18 06:06 115,200 --a------ C:\WINDOWS\system32\dfwodcui.dll
    2008-09-18 06:03 . 2008-09-18 06:03 95,744 --a------ C:\WINDOWS\system32\swfgjgsn.dll
    2008-09-17 10:26 . 2008-09-17 10:26 115,200 --a------ C:\WINDOWS\system32\kyxnqk.dll
    2008-09-17 10:26 . 2008-09-17 10:26 115,200 --a------ C:\WINDOWS\system32\kmgcrogq.dll
    2008-09-16 06:01 . 2008-09-16 06:01 95,232 --a------ C:\WINDOWS\system32\qfhbmnol.dll
    2008-09-16 06:01 . 2008-09-16 06:01 85,504 --a------ C:\WINDOWS\system32\mhsqkqhd.dll
    2008-09-15 06:03 . 2008-09-15 06:03 115,200 --a------ C:\WINDOWS\system32\xjasmqdv.dll
    2008-09-15 06:03 . 2008-09-15 06:03 115,200 --a------ C:\WINDOWS\system32\rfqrul.dll
    2008-09-15 06:01 . 2008-09-15 06:01 95,744 --a------ C:\WINDOWS\system32\cirnncvu.dll
    2008-09-10 19:12 . 2008-09-10 19:12 115,712 --a------ C:\WINDOWS\system32\qjwdfgeb.dll
    2008-09-10 11:36 . 2008-09-10 11:36 115,712 --a------ C:\WINDOWS\system32\ufueicrp.dll
    2008-09-10 11:36 . 2008-09-10 11:36 67,984 --a------ C:\WINDOWS\system32\ewvxiige.dll
    2008-09-10 00:51 . 2008-09-10 00:51 69,436 --a------ C:\WINDOWS\system32\mhybxbvu.dll
    2008-09-09 21:43 . 2008-09-09 21:43 66,532 --a------ C:\WINDOWS\system32\qfhepmcf.dll
    2008-09-09 21:42 . 2008-09-09 21:42 284,672 --a------ C:\WINDOWS\system32\urqOfCsR.dll
    2008-09-09 19:45 . 2008-09-09 19:45 <DIR> d-------- C:\WINDOWS\system32\wTR02
    2008-09-09 19:45 . 2008-09-09 19:45 <DIR> d-------- C:\Temp\dax41
    2008-09-09 19:45 . 2008-09-09 19:45 34,816 --a------ C:\WINDOWS\system32\ssqNDsQj.dll
    2008-09-09 19:45 . 2008-09-09 19:45 34,816 --a------ C:\WINDOWS\system32\ljJDWPfd.dll
    2008-09-06 13:15 . 2008-09-06 13:15 <DIR> d-------- C:\Documents and Settings\Eric Chevalier\Application Data\ViquaSoft
    2008-09-06 12:29 . 2008-09-06 12:29 268 --ah----- C:\sqmdata09.sqm
    2008-09-06 12:29 . 2008-09-06 12:29 244 --ah----- C:\sqmnoopt08.sqm
    2008-09-06 12:17 . 2008-09-06 12:28 <DIR> d-------- C:\Documents and Settings\Eric Chevalier\Application Data\FUJIFILM
    2008-09-06 12:15 . 2008-10-26 20:30 <DIR> d-------- C:\Program Files\FinePixViewer
    2008-09-06 12:15 . 2003-09-03 15:45 274,432 --a------ C:\WINDOWS\system32\FFTIFF16.dll
    2008-09-06 12:15 . 2006-07-12 13:39 208,896 --a------ C:\WINDOWS\system32\FFRafShellEx.dll
    2008-09-06 12:15 . 2004-07-24 20:28 155,648 --a------ C:\WINDOWS\system32\FFRAFLIB.DLL
    2008-09-06 12:14 . 2008-09-06 12:14 <DIR> d-------- C:\Program Files\REGSHAVE
    2008-09-06 12:14 . 2001-11-25 12:11 81,924 --a------ C:\WINDOWS\system32\drivers\VC4CB104.SYS
    2008-09-06 12:14 . 2002-02-27 12:27 65,536 --a------ C:\WINDOWS\system32\FINFCHECK.dll
    2008-09-06 12:14 . 2002-06-25 09:06 45,056 --a------ C:\WINDOWS\system32\FINFCOPY.dll
    2008-09-06 12:13 . 2002-02-05 17:33 69,632 --a------ C:\WINDOWS\system32\FREGSHEX.DLL
    2008-09-06 12:13 . 2002-02-13 11:00 45,056 --a------ C:\WINDOWS\system32\FCLKBTN.DLL

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-10-30 19:16 --------- d-----w C:\Documents and Settings\Eric Chevalier\Application Data\skypePM
    2008-10-30 19:16 --------- d-----w C:\Documents and Settings\Eric Chevalier\Application Data\Skype
    2008-10-30 19:15 --------- d-----w C:\Documents and Settings\Eric Chevalier\Application Data\LimeWire
    2008-10-30 19:14 --------- d-----w C:\Program Files\Lx_cats
    2008-10-29 08:33 --------- d-----w C:\Program Files\Common Files\Symantec Shared
    2008-10-29 08:31 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
    2008-10-29 08:27 806 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.INF
    2008-10-29 08:27 10,635 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.CAT
    2008-10-29 07:38 --------- d-----w C:\Program Files\MSN Games
    2008-10-28 06:22 --------- d-----w C:\Program Files\Zylom Games
    2008-10-27 18:51 --------- d-----w C:\Program Files\LimeWire
    2008-10-18 19:01 --------- d-----w C:\Documents and Settings\Eric Chevalier\Application Data\AdobeUM
    2008-09-07 18:36 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
    2008-09-06 11:18 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-09-03 11:39 20 ---h--w C:\Documents and Settings\All Users\Application Data\PKP_DLec.DAT
    2008-09-03 11:39 20 ---h--w C:\Documents and Settings\All Users\Application Data\PKP_DLds.DAT
    2008-08-31 21:48 --------- d-----w C:\Documents and Settings\Eric Chevalier\Application Data\Gamelab
    2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
    2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
    2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
    2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
    2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
    2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
    2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
    2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
    2008-07-18 20:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
    2008-07-18 20:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
    2008-07-18 18:39 587,264 ----a-w C:\WINDOWS\WLXPGSS.SCR
    2008-07-07 20:32 253,952 ----a-w C:\WINDOWS\system32\es.dll
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{47836122-9D2E-476C-9763-B1D366F704E1}]
    2008-09-09 19:45 34816 --a------ C:\WINDOWS\system32\ljJDWPfd.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7BA6D27A-E1CB-41F6-8BD0-15E38064704B}]
    2008-09-09 21:42 284672 --a------ C:\WINDOWS\system32\urqOfCsR.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ABDB597C-0677-4C39-B9AF-CA3382030190}]
    2008-10-30 20:19 281600 --a------ C:\WINDOWS\system32\cbXOFxvT.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 15360]
    "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-04-14 68856]
    "H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" [2004-02-03 401491]
    "Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-05-30 21718312]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Bat Wave Base Dale"="C:\Documents and Settings\All Users\Application Data\Link Axis Bat Wave\SCR SLOW.exe" [2008-07-18 4784640]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
    "LXCDCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCDtime.dll" [2005-07-11 69632]
    "lxcdmon.exe"="C:\Program Files\Lexmark 6300 Series\lxcdmon.exe" [2005-06-24 200704]
    "EzPrint"="C:\Program Files\Lexmark 6300 Series\ezprint.exe" [2005-07-05 94208]
    "FaxCenterServer"="C:\Program Files\Lexmark Fax Solutions\fm3032.exe" [2005-07-12 299008]
    "NeroCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 155648]
    "Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2007-05-28 528384]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-03-28 413696]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 267048]
    "REGSHAVE"="C:\Program Files\REGSHAVE\REGSHAVE.EXE" [2002-02-04 53248]
    "28a2f2bf"="C:\WINDOWS\system32\qpdrxbes.dll" [2008-10-30 71680]
    "SiSPower"="SiSPower.dll" [2005-02-16 C:\WINDOWS\system32\SiSPower.dll]
    "SoundMan"="SOUNDMAN.EXE" [2005-01-20 C:\WINDOWS\SOUNDMAN.EXE]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 15360]
    "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
    Bluetooth.lnk - C:\Program Files\Belkin\Bluetooth Software\BTTray.exe [2006-06-07 553021]
    ExifLauncher2.lnk - C:\Program Files\FinePixViewer\QuickDCF2.exe [2008-09-06 303104]
    NkbMonitor.exe.lnk - C:\Program Files\Nikon\PictureProject\NkbMonitor.exe [2008-04-13 118784]

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{47836122-9D2E-476C-9763-B1D366F704E1}"= "C:\WINDOWS\system32\ljJDWPfd.dll" [2008-09-09 34816]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ljJDWPfd]
    2008-09-09 19:45 34816 C:\WINDOWS\system32\ljJDWPfd.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=kvlymz.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "MSACM.CEGSM"= mobilev.acm

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Authentication Packages REG_MULTI_SZ msv1_0 C:\WINDOWS\system32\cbXOFxvT

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "C:\\Program Files\\LimeWire\\LimeWire.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "C:\\Program Files\\iTunes\\iTunes.exe"=
    "C:\\Program Files\\Skype\\Phone\\Skype.exe"=

    R0 SymEFA;Symantec Extended File Attributes;C:\WINDOWS\system32\drivers\NIS\1000000.07D\SYMEFA.SYS [2008-10-29 309296]
    R1 BHDrvx86;Symantec Heuristics Driver;C:\WINDOWS\system32\drivers\NIS\1000000.07D\BHDrvx86.sys [2008-10-29 254512]
    R1 ccHP;Symantec Hash Provider;C:\WINDOWS\system32\drivers\NIS\1000000.07D\ccHPx86.sys [2008-10-29 362544]
    R1 IDSxpx86;IDSxpx86;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20081029.001\IDSxpx86.sys [2008-10-29 274808]
    R2 Norton Internet Security;Norton Internet Security;C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe /s Norton Internet Security /m C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.0.0.125\diMaster.dll [ ]
    .
    Contents of the 'Scheduled Tasks' folder

    2008-10-28 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 13:57]

    2008-10-24 C:\WINDOWS\Tasks\Norton Internet Security - Run Full System Scan - Eric Chevalier.job
    - C:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exe []

    2008-10-30 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
    - C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 10:20]
    .
    - - - - ORPHANS REMOVED - - - -

    BHO-{142f5552-4cf4-4113-9298-0e87ca7fd52d} - C:\WINDOWS\system32\ejvowd.dll
    BHO-{8717A3F7-549A-4BED-A201-E8D01D3EF4EB} - C:\WINDOWS\system32\tuvUMeBu.dll
    HKCU-Run-BM2b91c123 - C:\WINDOWS\system32\xxwnftyi.dll
    HKLM-Run-AntiSpywareExpert - C:\Program Files\AntiSpywareExpert\ase.exe
    HKLM-Run-BM2b91c123 - C:\WINDOWS\system32\xxwnftyi.dll


    .
    ------- Supplementary Scan -------
    .
    R0 -: HKCU-Main,Start Page =
    R0 -: HKCU-Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    R1 -: HKCU-Internet Connection Wizard,ShellNext = iexplore
    R1 -: HKCU-Internet Settings,ProxyOverride = *.local
    O8 -: &Windows Live Search - C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 -: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 -: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 -: Send to &Bluetooth Device... - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm
    O9 -: {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Eric Chevalier\Start Menu\Programs\IMVU\Run IMVU.lnk
    O9 -: {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Eric Chevalier\Start Menu\Programs\IMVU\Run IMVU.lnk -
    O18 -: WinCE Filter: image/bmp - {86F59FAE-FB3A-11D1-AA72-00C04FAE2D4B} - C:\Program Files\Microsoft ActiveSync\CENETFLT.DLL
    O18 -: WinCE Filter: image/gif - {86F59FAE-FB3A-11D1-AA72-00C04FAE2D4B} - C:\Program Files\Microsoft ActiveSync\CENETFLT.DLL
    O18 -: WinCE Filter: image/jpeg - {86F59FAE-FB3A-11D1-AA72-00C04FAE2D4B} - C:\Program Files\Microsoft ActiveSync\CENETFLT.DLL
    O18 -: WinCE Filter: image/xbm - {86F59FAE-FB3A-11D1-AA72-00C04FAE2D4B} - C:\Program Files\Microsoft ActiveSync\CENETFLT.DLL
    O18 -: WinCE Filter: text/asp - {6C5C3074-FFAB-11d1-8EC4-00C04F98D57A} - C:\Program Files\Microsoft ActiveSync\CENETFLT.DLL
    O18 -: WinCE Filter: text/html - {6C5C3074-FFAB-11d1-8EC4-00C04F98D57A} - C:\Program Files\Microsoft ActiveSync\CENETFLT.DLL
    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-10-30 20:14:04
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************

    [HKEY_LOCAL_MACHINE\System\ControlSet004\Services\Norton Internet Security]
    "ImagePath"="\"C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.0.0.125\diMaster.dll\" /prefetch:1"
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    PROCESS: C:\WINDOWS\explorer.exe
    -> C:\WINDOWS\system32\qpdrxbes.dll
    -> C:\WINDOWS\system32\cbXOFxvT.dll
    .
    ------------------------ Other Running Processes ------------------------
    .
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Belkin\Belkin Wireless Network Utility\WLanCfgG.exe
    C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\lxcdcoms.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\LimeWire\LimeWire.exe
    C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
    C:\Program Files\Skype\Plugin Manager\skypePM.exe
    C:\Program Files\Common Files\Teleca Shared\Generic.exe
    C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\SoftwareDistribution\Download\fd0264849c01086f3c6b505dc02dbd44\update\update.exe
    C:\WINDOWS\system32\rundll32.exe
    .
    **************************************************************************
    .
    Completion time: 2008-10-30 20:24:19 - machine was rebooted
    ComboFix-quarantined-files.txt 2008-10-30 19:23:55

    Pre-Run: 35 105 710 080 bytes free
    Post-Run: 35,649,474,560 bytes free

    WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

    435 --- E O F --- 2008-08-27 09:08:49
    a b 8 Sécurité
    30 Octobre 2008 20:46:24

    Re,

    Télécharge MalwareByte's Anti-Malware sur ton Bureau.
    Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.

    Une fois l'installation et la mise à jour effectuées, redémarre en mode sans échec.
    AIDE : Redémarrer en mode sans échec

  • Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".
  • Afin de lancer la recherche, clic sur"Rechercher".
  • Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :
    -- si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
    -- si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau afin de le poster dans ta prochaine réponse.
    [#ff0000]REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.[/#f]

    AIDE : Tuto en images sur MBAM
    31 Octobre 2008 09:53:58

    Bonjour,
    me revoila
    Voici le rapport
    Merci pour votre aide....

    Malwarebytes' Anti-Malware 1.30
    Version de la base de données: 1306
    Windows 5.1.2600 Service Pack 2

    31/10/2008 09:41:10
    mbam-log-2008-10-31 (09-41-10).txt

    Type de recherche: Examen complet (C:\|E:\|)
    Eléments examinés: 240292
    Temps écoulé: 7 hour(s), 44 minute(s), 19 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 2
    Clé(s) du Registre infectée(s): 12
    Valeur(s) du Registre infectée(s): 5
    Elément(s) de données du Registre infecté(s): 2
    Dossier(s) infecté(s): 2
    Fichier(s) infecté(s): 148

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    C:\WINDOWS\system32\cbXOFxvT.dll (Trojan.Vundo.H) -> Delete on reboot.
    C:\WINDOWS\system32\ljJDWPfd.dll (Trojan.Vundo) -> Delete on reboot.

    Clé(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{47836122-9d2e-476c-9763-b1d366f704e1} (Trojan.Vundo.H) -> Delete on reboot.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ljjdwpfd (Trojan.Vundo.H) -> Delete on reboot.
    HKEY_CLASSES_ROOT\CLSID\{47836122-9d2e-476c-9763-b1d366f704e1} (Trojan.Vundo.H) -> Delete on reboot.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9b5fe86c-d207-4ca9-8dbc-85ca51a144a0} (Trojan.Vundo.H) -> Delete on reboot.
    HKEY_CLASSES_ROOT\CLSID\{9b5fe86c-d207-4ca9-8dbc-85ca51a144a0} (Trojan.Vundo.H) -> Delete on reboot.
    HKEY_CLASSES_ROOT\CLSID\{7ba6d27a-e1cb-41f6-8bd0-15e38064704b} (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7ba6d27a-e1cb-41f6-8bd0-15e38064704b} (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\28a2f2bf (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{47836122-9d2e-476c-9763-b1d366f704e1} (Trojan.Vundo) -> Delete on reboot.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bat wave base dale (Trojan.Downloader) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\host-domain-lookup.com (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\www.host-domain-lookup.com (Malware.Trace) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\cbxofxvt -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\cbxofxvt -> Delete on reboot.

    Dossier(s) infecté(s):
    C:\Documents and Settings\All Users\Application Data\Link Axis Bat Wave (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\wTR02 (Trojan.Agent) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    C:\WINDOWS\system32\ljJDWPfd.dll (Trojan.Vundo.H) -> Delete on reboot.
    C:\WINDOWS\system32\cbXOFxvT.dll (Trojan.Vundo.H) -> Delete on reboot.
    C:\WINDOWS\system32\TvxFOXbc.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\TvxFOXbc.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\qpdrxbes.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\sebxrdpq.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\aepeutqd.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\apdluudi.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\ayplpxmx.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\byewuame.dll.vir (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\cvrintre.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\daoclf.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\ersiyh.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\euwhuuvf.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\fjnfix.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\gdsmbi.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\goglpp.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\gtieos.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\hbhfcg.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\iupnhhrd.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\jdmootkv.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\kncfpa.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\kxgwvgbc.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\mapycssd.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\obqrohur.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\pckxpj.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\qkkvrr.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\qnmmgh.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\qqxxzc.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\qtoxfncd.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\sescxiev.exe.vir (Trojan.LowZones) -> Quarantined and deleted successfully.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\sfehlats.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\skkkqjtr.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\sydfve.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\tgsmqxbn.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\tlncyvxh.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\ujckbwgw.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\ulitnfao.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\wgurwj.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\wynpkc.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\xcgnsp.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\xmwxisau.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP194\A0072296.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP197\A0075307.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP197\A0075308.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP201\A0078365.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP202\A0080365.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP202\A0081374.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP203\A0081380.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP207\A0086401.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP208\A0087401.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP208\A0088410.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP208\A0088411.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP208\A0088413.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP208\A0088414.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP208\A0088418.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP209\A0088441.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP210\A0088464.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP210\A0088465.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP210\A0088466.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP210\A0088467.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP210\A0089414.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP210\A0089415.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP212\A0093413.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP213\A0097413.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP214\A0097474.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP214\A0098468.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP215\A0099468.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP215\A0099469.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP215\A0099470.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP218\A0102484.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP218\A0102485.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP218\A0102486.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP218\A0102487.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP218\A0102488.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP218\A0102489.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP218\A0102490.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP223\A0110468.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP225\A0113468.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP228\A0118483.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP228\A0118484.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP229\A0123512.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP230\A0123530.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP230\A0124493.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP230\A0124504.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP231\A0126492.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP232\A0127492.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP232\A0128499.exe (Trojan.LowZones) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP232\A0128502.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP232\A0128503.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP232\A0128505.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP232\A0128506.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP232\A0128507.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP235\A0134541.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP235\A0134542.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP244\A0166202.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP244\A0166206.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP244\A0166210.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP244\A0166213.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP244\A0166215.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP244\A0166224.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP244\A0166225.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP244\A0166227.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP244\A0166231.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP244\A0166232.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP244\A0166234.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP244\A0166237.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP244\A0166242.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP244\A0166243.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP244\A0166252.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP244\A0166257.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP244\A0166260.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP244\A0166273.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP244\A0166277.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP244\A0166283.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP244\A0166285.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP244\A0166286.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP244\A0166287.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP244\A0166293.exe (Trojan.LowZones) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP244\A0166294.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP244\A0166295.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP244\A0166299.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP244\A0166302.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP244\A0166304.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP244\A0166310.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP244\A0166311.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP244\A0166325.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP244\A0166330.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP244\A0166333.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3C82BE43-5BEA-4363-BEDB-E75C02DEAD79}\RP244\A0166336.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\bgtsho.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\dfwodcui.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\kglnwd.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\kmgcrogq.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\ksptlwtp.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\kyxnqk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\mhsqkqhd.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\qfhbmnol.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\qjwdfgeb.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\qybjocww.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\rfqrul.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\ssqNDsQj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\ttkamd.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\ufueicrp.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\urqOfCsR.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\xjasmqdv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Application Data\Link Axis Bat Wave\SCR SLOW.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Eric Chevalier\Application Data\Microsoft\Internet Explorer\Quick Launch\AntiSpywareExpert.lnk (Rogue.Antispyware) -> Quarantined and deleted successfully.
    a b 8 Sécurité
    31 Octobre 2008 13:42:52

    Refais un scan Combofix :) 
    31 Octobre 2008 14:18:56

    Hello
    Voici le raport
    Merci

    ComboFix 08-10-30.12 - Eric Chevalier 2008-10-31 14:00:50.2 - NTFSx86
    Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.53 [GMT 1:00]
    Running from: C:\Documents and Settings\Eric Chevalier\Desktop\ComboFix.exe
    * Created a new restore point
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\WINDOWS\system32\gyubbmng.dll
    C:\WINDOWS\system32\nfmdff.dll

    .
    ((((((((((((((((((((((((( Files Created from 2008-09-28 to 2008-10-31 )))))))))))))))))))))))))))))))
    .

    2008-10-31 10:19 . 2008-10-31 10:19 <DIR> d-------- C:\WINDOWS\LastGood
    2008-10-30 21:03 . 2008-10-30 21:03 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-10-30 21:03 . 2008-10-30 21:03 <DIR> d-------- C:\Documents and Settings\Eric Chevalier\Application Data\Malwarebytes
    2008-10-30 21:03 . 2008-10-30 21:03 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-10-30 21:03 . 2008-10-22 16:10 38,496 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
    2008-10-30 21:03 . 2008-10-22 16:10 15,504 --a------ C:\WINDOWS\system32\drivers\mbam.sys
    2008-10-30 13:15 . 2008-10-30 13:15 <DIR> d-------- C:\Program Files\Trend Micro
    2008-10-30 09:55 . 2008-10-30 09:55 <DIR> d-------- C:\Program Files\Enigma Software Group
    2008-10-29 09:27 . 2008-10-29 09:27 <DIR> d-------- C:\Program Files\Symantec
    2008-10-29 09:27 . 2008-10-29 09:27 124,464 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.SYS
    2008-10-29 09:27 . 2008-10-29 09:27 60,808 --a------ C:\WINDOWS\system32\S32EVNT1.DLL
    2008-10-29 09:27 . 2008-10-29 09:25 35,888 -ra------ C:\WINDOWS\system32\drivers\SymIM.sys
    2008-10-29 09:24 . 2008-10-29 09:24 <DIR> d-------- C:\WINDOWS\system32\drivers\NIS
    2008-10-29 09:24 . 2008-10-29 09:24 <DIR> d-------- C:\Program Files\Windows Sidebar
    2008-10-29 09:24 . 2008-10-29 09:24 <DIR> d-------- C:\Program Files\Norton Internet Security
    2008-10-29 08:59 . 2008-10-29 08:59 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\PCSettings
    2008-10-29 08:59 . 2008-10-29 09:30 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Norton
    2008-10-29 08:58 . 2008-10-29 08:58 <DIR> d-------- C:\Program Files\NortonInstaller
    2008-10-29 08:58 . 2008-10-29 08:58 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\NortonInstaller
    2008-10-29 08:52 . 2008-10-29 08:52 <DIR> d-------- C:\Documents and Settings\All Users\Symantec Temporary Files
    2008-10-21 18:19 . 2008-10-21 18:19 268 --ah----- C:\sqmdata12.sqm
    2008-10-21 18:19 . 2008-10-21 18:19 244 --ah----- C:\sqmnoopt11.sqm
    2008-10-21 16:30 . 2008-10-21 16:30 268 --ah----- C:\sqmdata11.sqm
    2008-10-21 16:30 . 2008-10-21 16:30 244 --ah----- C:\sqmnoopt10.sqm
    2008-10-21 06:02 . 2008-10-21 06:02 268 --ah----- C:\sqmdata10.sqm
    2008-10-21 06:02 . 2008-10-21 06:02 244 --ah----- C:\sqmnoopt09.sqm
    2008-10-04 10:35 . 2008-10-04 10:37 <DIR> d-------- C:\Need4Video files
    2008-10-04 10:22 . 2008-10-04 10:27 <DIR> d-------- C:\Documents and Settings\Eric Chevalier\Application Data\vlc
    2008-10-04 10:20 . 2008-10-04 10:20 <DIR> d-------- C:\Program Files\VideoLAN
    2008-09-20 06:06 . 2008-09-20 06:06 221,184 --a------ C:\WINDOWS\system32\lsfmbphk.dll
    2008-09-20 06:06 . 2008-09-20 06:06 108,544 --a------ C:\WINDOWS\system32\yayyAQhg.dll
    2008-09-20 06:04 . 2008-09-20 06:04 95,744 --a------ C:\WINDOWS\system32\jyrwifew.dll
    2008-09-19 06:06 . 2008-09-19 06:06 221,184 --a------ C:\WINDOWS\system32\pnsrbkts.dll
    2008-09-19 06:06 . 2008-09-19 06:06 108,544 --a------ C:\WINDOWS\system32\iifcYSJd.dll
    2008-09-19 06:03 . 2008-09-19 06:03 95,744 --a------ C:\WINDOWS\system32\moxpuwwr.dll
    2008-09-19 06:03 . 2008-09-19 06:03 95,744 --a------ C:\WINDOWS\system32\csvrfnph.dll
    2008-09-18 06:09 . 2008-09-18 06:09 221,184 --a------ C:\WINDOWS\system32\dipmoljs.dll
    2008-09-18 06:09 . 2008-09-18 06:09 108,544 --a------ C:\WINDOWS\system32\awttsPFv.dll
    2008-09-18 06:03 . 2008-09-18 06:03 95,744 --a------ C:\WINDOWS\system32\swfgjgsn.dll
    2008-09-15 06:01 . 2008-09-15 06:01 95,744 --a------ C:\WINDOWS\system32\cirnncvu.dll
    2008-09-10 11:36 . 2008-09-10 11:36 67,984 --a------ C:\WINDOWS\system32\ewvxiige.dll
    2008-09-10 00:51 . 2008-09-10 00:51 69,436 --a------ C:\WINDOWS\system32\mhybxbvu.dll
    2008-09-09 21:43 . 2008-09-09 21:43 66,532 --a------ C:\WINDOWS\system32\qfhepmcf.dll
    2008-09-09 19:45 . 2008-09-09 19:45 <DIR> d-------- C:\Temp\dax41
    2008-09-06 13:15 . 2008-09-06 13:15 <DIR> d-------- C:\Documents and Settings\Eric Chevalier\Application Data\ViquaSoft
    2008-09-06 12:29 . 2008-09-06 12:29 268 --ah----- C:\sqmdata09.sqm
    2008-09-06 12:29 . 2008-09-06 12:29 244 --ah----- C:\sqmnoopt08.sqm
    2008-09-06 12:17 . 2008-09-06 12:28 <DIR> d-------- C:\Documents and Settings\Eric Chevalier\Application Data\FUJIFILM
    2008-09-06 12:15 . 2008-10-26 20:30 <DIR> d-------- C:\Program Files\FinePixViewer
    2008-09-06 12:15 . 2003-09-03 15:45 274,432 --a------ C:\WINDOWS\system32\FFTIFF16.dll
    2008-09-06 12:15 . 2006-07-12 13:39 208,896 --a------ C:\WINDOWS\system32\FFRafShellEx.dll
    2008-09-06 12:15 . 2004-07-24 20:28 155,648 --a------ C:\WINDOWS\system32\FFRAFLIB.DLL
    2008-09-06 12:14 . 2008-09-06 12:14 <DIR> d-------- C:\Program Files\REGSHAVE
    2008-09-06 12:14 . 2001-11-25 12:11 81,924 --a------ C:\WINDOWS\system32\drivers\VC4CB104.SYS
    2008-09-06 12:14 . 2002-02-27 12:27 65,536 --a------ C:\WINDOWS\system32\FINFCHECK.dll
    2008-09-06 12:14 . 2002-06-25 09:06 45,056 --a------ C:\WINDOWS\system32\FINFCOPY.dll
    2008-09-06 12:13 . 2002-02-05 17:33 69,632 --a------ C:\WINDOWS\system32\FREGSHEX.DLL
    2008-09-06 12:13 . 2002-02-13 11:00 45,056 --a------ C:\WINDOWS\system32\FCLKBTN.DLL

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-10-31 13:04 --------- d-----w C:\Documents and Settings\Eric Chevalier\Application Data\Skype
    2008-10-31 08:47 --------- d-----w C:\Documents and Settings\Eric Chevalier\Application Data\LimeWire
    2008-10-31 08:45 --------- d-----w C:\Program Files\Lx_cats
    2008-10-31 08:45 --------- d-----w C:\Documents and Settings\Eric Chevalier\Application Data\skypePM
    2008-10-29 08:33 --------- d-----w C:\Program Files\Common Files\Symantec Shared
    2008-10-29 08:31 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
    2008-10-29 08:27 806 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.INF
    2008-10-29 08:27 10,635 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.CAT
    2008-10-29 07:38 --------- d-----w C:\Program Files\MSN Games
    2008-10-28 06:22 --------- d-----w C:\Program Files\Zylom Games
    2008-10-27 18:51 --------- d-----w C:\Program Files\LimeWire
    2008-10-18 19:01 --------- d-----w C:\Documents and Settings\Eric Chevalier\Application Data\AdobeUM
    2008-09-07 18:36 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
    2008-09-06 11:18 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-09-03 11:39 20 ---h--w C:\Documents and Settings\All Users\Application Data\PKP_DLec.DAT
    2008-09-03 11:39 20 ---h--w C:\Documents and Settings\All Users\Application Data\PKP_DLds.DAT
    2008-08-31 21:48 --------- d-----w C:\Documents and Settings\Eric Chevalier\Application Data\Gamelab
    2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
    2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
    2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
    2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
    2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
    2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
    2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
    2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
    2008-07-18 20:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
    2008-07-18 20:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
    2008-07-18 18:39 587,264 ----a-w C:\WINDOWS\WLXPGSS.SCR
    2008-07-07 20:32 253,952 ----a-w C:\WINDOWS\system32\es.dll
    .

    ((((((((((((((((((((((((((((( snapshot@2008-10-30_20.22.36.48 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2008-10-31 08:46:08 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_428.dat
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 15360]
    "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-04-14 68856]
    "H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" [2004-02-03 401491]
    "Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-05-30 21718312]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
    "LXCDCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCDtime.dll" [2005-07-11 69632]
    "lxcdmon.exe"="C:\Program Files\Lexmark 6300 Series\lxcdmon.exe" [2005-06-24 200704]
    "EzPrint"="C:\Program Files\Lexmark 6300 Series\ezprint.exe" [2005-07-05 94208]
    "FaxCenterServer"="C:\Program Files\Lexmark Fax Solutions\fm3032.exe" [2005-07-12 299008]
    "NeroCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 155648]
    "Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2007-05-28 528384]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-03-28 413696]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 267048]
    "REGSHAVE"="C:\Program Files\REGSHAVE\REGSHAVE.EXE" [2002-02-04 53248]
    "SiSPower"="SiSPower.dll" [2005-02-16 C:\WINDOWS\system32\SiSPower.dll]
    "SoundMan"="SOUNDMAN.EXE" [2005-01-20 C:\WINDOWS\SOUNDMAN.EXE]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 15360]
    "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
    Bluetooth.lnk - C:\Program Files\Belkin\Bluetooth Software\BTTray.exe [2006-06-07 553021]
    ExifLauncher2.lnk - C:\Program Files\FinePixViewer\QuickDCF2.exe [2008-09-06 303104]
    NkbMonitor.exe.lnk - C:\Program Files\Nikon\PictureProject\NkbMonitor.exe [2008-04-13 118784]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=kvlymz.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "MSACM.CEGSM"= mobilev.acm

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "C:\\Program Files\\LimeWire\\LimeWire.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "C:\\Program Files\\iTunes\\iTunes.exe"=
    "C:\\Program Files\\Skype\\Phone\\Skype.exe"=

    R0 SymEFA;Symantec Extended File Attributes;C:\WINDOWS\system32\drivers\NIS\1000000.07D\SYMEFA.SYS [2008-10-29 309296]
    R1 BHDrvx86;Symantec Heuristics Driver;C:\WINDOWS\system32\drivers\NIS\1000000.07D\BHDrvx86.sys [2008-10-29 254512]
    R1 ccHP;Symantec Hash Provider;C:\WINDOWS\system32\drivers\NIS\1000000.07D\ccHPx86.sys [2008-10-29 362544]
    R1 IDSxpx86;IDSxpx86;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20081029.001\IDSxpx86.sys [2008-10-29 274808]
    R2 Norton Internet Security;Norton Internet Security;C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe /s Norton Internet Security /m C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.0.0.125\diMaster.dll [ ]
    .
    Contents of the 'Scheduled Tasks' folder

    2008-10-28 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 13:57]

    2008-10-24 C:\WINDOWS\Tasks\Norton Internet Security - Run Full System Scan - Eric Chevalier.job
    - C:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exe []

    2008-10-31 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
    - C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 10:20]
    .
    - - - - ORPHANS REMOVED - - - -

    BHO-{10a76f59-30e4-4a4c-a434-a7c3161d730a} - C:\WINDOWS\system32\nfmdff.dll


    .
    ------- Supplementary Scan -------
    .
    R0 -: HKCU-Main,Start Page =
    R0 -: HKCU-Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    R1 -: HKCU-Internet Connection Wizard,ShellNext = iexplore
    R1 -: HKCU-Internet Settings,ProxyOverride = *.local
    O8 -: &Windows Live Search - C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 -: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 -: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 -: Send to &Bluetooth Device... - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm
    O9 -: {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Eric Chevalier\Start Menu\Programs\IMVU\Run IMVU.lnk
    O9 -: {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Eric Chevalier\Start Menu\Programs\IMVU\Run IMVU.lnk -
    O18 -: WinCE Filter: image/bmp - {86F59FAE-FB3A-11D1-AA72-00C04FAE2D4B} - C:\Program Files\Microsoft ActiveSync\CENETFLT.DLL
    O18 -: WinCE Filter: image/gif - {86F59FAE-FB3A-11D1-AA72-00C04FAE2D4B} - C:\Program Files\Microsoft ActiveSync\CENETFLT.DLL
    O18 -: WinCE Filter: image/jpeg - {86F59FAE-FB3A-11D1-AA72-00C04FAE2D4B} - C:\Program Files\Microsoft ActiveSync\CENETFLT.DLL
    O18 -: WinCE Filter: image/xbm - {86F59FAE-FB3A-11D1-AA72-00C04FAE2D4B} - C:\Program Files\Microsoft ActiveSync\CENETFLT.DLL
    O18 -: WinCE Filter: text/asp - {6C5C3074-FFAB-11d1-8EC4-00C04F98D57A} - C:\Program Files\Microsoft ActiveSync\CENETFLT.DLL
    O18 -: WinCE Filter: text/html - {6C5C3074-FFAB-11d1-8EC4-00C04F98D57A} - C:\Program Files\Microsoft ActiveSync\CENETFLT.DLL
    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-10-31 14:04:00
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************

    [HKEY_LOCAL_MACHINE\system\ControlSet004\Services\Norton Internet Security]
    "ImagePath"="\"C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.0.0.125\diMaster.dll\" /prefetch:1"
    .
    Completion time: 2008-10-31 14:06:44
    ComboFix-quarantined-files.txt 2008-10-31 13:06:40
    ComboFix2.txt 2008-10-30 19:24:26

    Pre-Run: 35 984 961 536 bytes free
    Post-Run: 36,028,293,120 bytes free

    213 --- E O F --- 2008-08-27 09:08:49
    a b 8 Sécurité
    31 Octobre 2008 15:13:17

    Re,

    [#ff0000]! Désactive tes protections résidentes (antivirus, Spybot-S&D, etc.) ![/#f]
    Copie (Ctrl+C) le texte se situant dans le cadre ci-dessous :

    File::
    C:\WINDOWS\system32\lsfmbphk.dll
    C:\WINDOWS\system32\yayyAQhg.dll
    C:\WINDOWS\system32\jyrwifew.dll
    C:\WINDOWS\system32\pnsrbkts.dll
    C:\WINDOWS\system32\iifcYSJd.dll
    C:\WINDOWS\system32\moxpuwwr.dll
    C:\WINDOWS\system32\csvrfnph.dll
    C:\WINDOWS\system32\dipmoljs.dll
    C:\WINDOWS\system32\awttsPFv.dll
    C:\WINDOWS\system32\swfgjgsn.dll
    C:\WINDOWS\system32\cirnncvu.dll
    C:\WINDOWS\system32\ewvxiige.dll
    C:\WINDOWS\system32\mhybxbvu.dll
    C:\WINDOWS\system32\qfhepmcf.dll

    Registry::
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=""


    Ouvre le Bloc-Notes puis colle (Ctrl+V) le texte précédemment copié.
    Sauvegarde ce fichier sous le nom de "CFScript.txt" [#ff0000](les guillemets sont importantes)[/#f].

    Glisse maintenant le fichier CFScript.txt dans ComboFix.exe comme dans l'image ci-dessous :


    Cela va relancer ComboFix. Après redémarrage, poste le contenu du rapport (C:\combofix.txt*) accompagné d'un rapport HijackThis.
    [#ff0000]NOTE : S'il n'y a pas de redémarrage, poste quand même les rapports demandés.[/#f]
    * le nom de la partition peut changer
    31 Octobre 2008 17:25:04

    Hello
    voici les 2 rapports
    CONBOFIX:

    ComboFix 08-10-30.13 - Eric Chevalier 2008-10-31 17:13:24.3 - NTFSx86
    Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.117 [GMT 1:00]
    Running from: C:\Documents and Settings\Eric Chevalier\Desktop\ComboFix.exe
    Command switches used :: C:\Documents and Settings\Eric Chevalier\Desktop\CFScript.txt
    * Created a new restore point

    FILE ::
    C:\WINDOWS\system32\awttsPFv.dll
    C:\WINDOWS\system32\cirnncvu.dll
    C:\WINDOWS\system32\csvrfnph.dll
    C:\WINDOWS\system32\dipmoljs.dll
    C:\WINDOWS\system32\ewvxiige.dll
    C:\WINDOWS\system32\iifcYSJd.dll
    C:\WINDOWS\system32\jyrwifew.dll
    C:\WINDOWS\system32\lsfmbphk.dll
    C:\WINDOWS\system32\mhybxbvu.dll
    C:\WINDOWS\system32\moxpuwwr.dll
    C:\WINDOWS\system32\pnsrbkts.dll
    C:\WINDOWS\system32\qfhepmcf.dll
    C:\WINDOWS\system32\swfgjgsn.dll
    C:\WINDOWS\system32\yayyAQhg.dll
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\WINDOWS\system32\awttsPFv.dll
    C:\WINDOWS\system32\cirnncvu.dll
    C:\WINDOWS\system32\csvrfnph.dll
    C:\WINDOWS\system32\dipmoljs.dll
    C:\WINDOWS\system32\ewvxiige.dll
    C:\WINDOWS\system32\iifcYSJd.dll
    C:\WINDOWS\system32\jyrwifew.dll
    C:\WINDOWS\system32\lsfmbphk.dll
    C:\WINDOWS\system32\mhybxbvu.dll
    C:\WINDOWS\system32\moxpuwwr.dll
    C:\WINDOWS\system32\pnsrbkts.dll
    C:\WINDOWS\system32\qfhepmcf.dll
    C:\WINDOWS\system32\swfgjgsn.dll
    C:\WINDOWS\system32\yayyAQhg.dll

    .
    ((((((((((((((((((((((((( Files Created from 2008-09-28 to 2008-10-31 )))))))))))))))))))))))))))))))
    .

    2008-10-30 21:03 . 2008-10-30 21:03 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-10-30 21:03 . 2008-10-30 21:03 <DIR> d-------- C:\Documents and Settings\Eric Chevalier\Application Data\Malwarebytes
    2008-10-30 21:03 . 2008-10-30 21:03 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-10-30 21:03 . 2008-10-22 16:10 38,496 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
    2008-10-30 21:03 . 2008-10-22 16:10 15,504 --a------ C:\WINDOWS\system32\drivers\mbam.sys
    2008-10-30 13:15 . 2008-10-30 13:15 <DIR> d-------- C:\Program Files\Trend Micro
    2008-10-30 09:55 . 2008-10-30 09:55 <DIR> d-------- C:\Program Files\Enigma Software Group
    2008-10-29 09:27 . 2008-10-29 09:27 <DIR> d-------- C:\Program Files\Symantec
    2008-10-29 09:27 . 2008-10-29 09:27 124,464 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.SYS
    2008-10-29 09:27 . 2008-10-29 09:27 60,808 --a------ C:\WINDOWS\system32\S32EVNT1.DLL
    2008-10-29 09:27 . 2008-10-29 09:25 35,888 -ra------ C:\WINDOWS\system32\drivers\SymIM.sys
    2008-10-29 09:24 . 2008-10-29 09:24 <DIR> d-------- C:\WINDOWS\system32\drivers\NIS
    2008-10-29 09:24 . 2008-10-29 09:24 <DIR> d-------- C:\Program Files\Windows Sidebar
    2008-10-29 09:24 . 2008-10-29 09:24 <DIR> d-------- C:\Program Files\Norton Internet Security
    2008-10-29 08:59 . 2008-10-29 08:59 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\PCSettings
    2008-10-29 08:59 . 2008-10-29 09:30 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Norton
    2008-10-29 08:58 . 2008-10-29 08:58 <DIR> d-------- C:\Program Files\NortonInstaller
    2008-10-29 08:58 . 2008-10-29 08:58 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\NortonInstaller
    2008-10-29 08:52 . 2008-10-29 08:52 <DIR> d-------- C:\Documents and Settings\All Users\Symantec Temporary Files
    2008-10-21 18:19 . 2008-10-21 18:19 268 --ah----- C:\sqmdata12.sqm
    2008-10-21 18:19 . 2008-10-21 18:19 244 --ah----- C:\sqmnoopt11.sqm
    2008-10-21 16:30 . 2008-10-21 16:30 268 --ah----- C:\sqmdata11.sqm
    2008-10-21 16:30 . 2008-10-21 16:30 244 --ah----- C:\sqmnoopt10.sqm
    2008-10-21 06:02 . 2008-10-21 06:02 268 --ah----- C:\sqmdata10.sqm
    2008-10-21 06:02 . 2008-10-21 06:02 244 --ah----- C:\sqmnoopt09.sqm
    2008-10-04 10:35 . 2008-10-04 10:37 <DIR> d-------- C:\Need4Video files
    2008-10-04 10:22 . 2008-10-04 10:27 <DIR> d-------- C:\Documents and Settings\Eric Chevalier\Application Data\vlc
    2008-10-04 10:20 . 2008-10-04 10:20 <DIR> d-------- C:\Program Files\VideoLAN
    2008-09-09 19:45 . 2008-09-09 19:45 <DIR> d-------- C:\Temp\dax41
    2008-09-06 13:15 . 2008-09-06 13:15 <DIR> d-------- C:\Documents and Settings\Eric Chevalier\Application Data\ViquaSoft
    2008-09-06 12:29 . 2008-09-06 12:29 268 --ah----- C:\sqmdata09.sqm
    2008-09-06 12:29 . 2008-09-06 12:29 244 --ah----- C:\sqmnoopt08.sqm
    2008-09-06 12:17 . 2008-09-06 12:28 <DIR> d-------- C:\Documents and Settings\Eric Chevalier\Application Data\FUJIFILM
    2008-09-06 12:15 . 2008-10-26 20:30 <DIR> d-------- C:\Program Files\FinePixViewer
    2008-09-06 12:15 . 2003-09-03 15:45 274,432 --a------ C:\WINDOWS\system32\FFTIFF16.dll
    2008-09-06 12:15 . 2006-07-12 13:39 208,896 --a------ C:\WINDOWS\system32\FFRafShellEx.dll
    2008-09-06 12:15 . 2004-07-24 20:28 155,648 --a------ C:\WINDOWS\system32\FFRAFLIB.DLL
    2008-09-06 12:14 . 2008-09-06 12:14 <DIR> d-------- C:\Program Files\REGSHAVE
    2008-09-06 12:14 . 2001-11-25 12:11 81,924 --a------ C:\WINDOWS\system32\drivers\VC4CB104.SYS
    2008-09-06 12:14 . 2002-02-27 12:27 65,536 --a------ C:\WINDOWS\system32\FINFCHECK.dll
    2008-09-06 12:14 . 2002-06-25 09:06 45,056 --a------ C:\WINDOWS\system32\FINFCOPY.dll
    2008-09-06 12:13 . 2002-02-05 17:33 69,632 --a------ C:\WINDOWS\system32\FREGSHEX.DLL
    2008-09-06 12:13 . 2002-02-13 11:00 45,056 --a------ C:\WINDOWS\system32\FCLKBTN.DLL

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-10-31 16:12 --------- d-----w C:\Documents and Settings\Eric Chevalier\Application Data\Skype
    2008-10-31 15:03 --------- d-----w C:\Documents and Settings\Eric Chevalier\Application Data\skypePM
    2008-10-31 13:13 --------- d-----w C:\Documents and Settings\Eric Chevalier\Application Data\LimeWire
    2008-10-31 13:11 --------- d-----w C:\Program Files\Lx_cats
    2008-10-29 08:33 --------- d-----w C:\Program Files\Common Files\Symantec Shared
    2008-10-29 08:31 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
    2008-10-29 08:27 806 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.INF
    2008-10-29 08:27 10,635 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.CAT
    2008-10-29 07:38 --------- d-----w C:\Program Files\MSN Games
    2008-10-28 06:22 --------- d-----w C:\Program Files\Zylom Games
    2008-10-27 18:51 --------- d-----w C:\Program Files\LimeWire
    2008-10-18 19:01 --------- d-----w C:\Documents and Settings\Eric Chevalier\Application Data\AdobeUM
    2008-09-07 18:36 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
    2008-09-06 11:18 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-09-03 11:39 20 ---h--w C:\Documents and Settings\All Users\Application Data\PKP_DLec.DAT
    2008-09-03 11:39 20 ---h--w C:\Documents and Settings\All Users\Application Data\PKP_DLds.DAT
    2008-08-31 21:48 --------- d-----w C:\Documents and Settings\Eric Chevalier\Application Data\Gamelab
    2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
    2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
    2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
    2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
    2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
    2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
    2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
    2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
    2008-07-18 20:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
    2008-07-18 20:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
    2008-07-18 18:39 587,264 ----a-w C:\WINDOWS\WLXPGSS.SCR
    2008-07-07 20:32 253,952 ----a-w C:\WINDOWS\system32\es.dll
    .

    ((((((((((((((((((((((((((((( snapshot@2008-10-30_20.22.36.48 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2008-10-31 13:12:05 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_340.dat
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 15360]
    "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-04-14 68856]
    "H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" [2004-02-03 401491]
    "Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-05-30 21718312]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
    "LXCDCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCDtime.dll" [2005-07-11 69632]
    "lxcdmon.exe"="C:\Program Files\Lexmark 6300 Series\lxcdmon.exe" [2005-06-24 200704]
    "EzPrint"="C:\Program Files\Lexmark 6300 Series\ezprint.exe" [2005-07-05 94208]
    "FaxCenterServer"="C:\Program Files\Lexmark Fax Solutions\fm3032.exe" [2005-07-12 299008]
    "NeroCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 155648]
    "Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2007-05-28 528384]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-03-28 413696]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 267048]
    "REGSHAVE"="C:\Program Files\REGSHAVE\REGSHAVE.EXE" [2002-02-04 53248]
    "SiSPower"="SiSPower.dll" [2005-02-16 C:\WINDOWS\system32\SiSPower.dll]
    "SoundMan"="SOUNDMAN.EXE" [2005-01-20 C:\WINDOWS\SOUNDMAN.EXE]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 15360]
    "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
    Bluetooth.lnk - C:\Program Files\Belkin\Bluetooth Software\BTTray.exe [2006-06-07 553021]
    ExifLauncher2.lnk - C:\Program Files\FinePixViewer\QuickDCF2.exe [2008-09-06 303104]
    NkbMonitor.exe.lnk - C:\Program Files\Nikon\PictureProject\NkbMonitor.exe [2008-04-13 118784]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "MSACM.CEGSM"= mobilev.acm

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "C:\\Program Files\\LimeWire\\LimeWire.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "C:\\Program Files\\iTunes\\iTunes.exe"=
    "C:\\Program Files\\Skype\\Phone\\Skype.exe"=

    R0 SymEFA;Symantec Extended File Attributes;C:\WINDOWS\system32\drivers\NIS\1000000.07D\SYMEFA.SYS [2008-10-29 309296]
    R1 BHDrvx86;Symantec Heuristics Driver;C:\WINDOWS\system32\drivers\NIS\1000000.07D\BHDrvx86.sys [2008-10-29 254512]
    R1 ccHP;Symantec Hash Provider;C:\WINDOWS\system32\drivers\NIS\1000000.07D\ccHPx86.sys [2008-10-29 362544]
    R1 IDSxpx86;IDSxpx86;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20081029.001\IDSxpx86.sys [2008-10-29 274808]
    R2 Norton Internet Security;Norton Internet Security;C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe /s Norton Internet Security /m C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.0.0.125\diMaster.dll [ ]
    .
    Contents of the 'Scheduled Tasks' folder

    2008-10-28 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 13:57]

    2008-10-24 C:\WINDOWS\Tasks\Norton Internet Security - Run Full System Scan - Eric Chevalier.job
    - C:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exe []

    2008-10-31 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
    - C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 10:20]
    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-10-31 17:15:34
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************

    [HKEY_LOCAL_MACHINE\system\ControlSet004\Services\Norton Internet Security]
    "ImagePath"="\"C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.0.0.125\diMaster.dll\" /prefetch:1"
    .
    Completion time: 2008-10-31 17:18:06
    ComboFix-quarantined-files.txt 2008-10-31 16:18:03
    ComboFix2.txt 2008-10-31 13:06:46
    ComboFix3.txt 2008-10-30 19:24:26

    Pre-Run: 35 964 059 648 bytes free
    Post-Run: 35,988,561,920 bytes free

    203 --- E O F --- 2008-08-27 09:08:49



    et le HIJACKTHIS ( Merci)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:21:05, on 31/10/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\Lexmark 6300 Series\lxcdmon.exe
    C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Belkin\Bluetooth Software\BTTray.exe
    C:\Program Files\FinePixViewer\QuickDCF2.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe
    C:\Program Files\Belkin\Belkin Wireless Network Utility\WLanCfgG.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
    C:\Program Files\LimeWire\LimeWire.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\lxcdcoms.exe
    C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
    C:\Program Files\Skype\Plugin Manager\skypePM.exe
    C:\Program Files\Common Files\Teleca Shared\Generic.exe
    C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.0.0.125\coIEPlg.dll
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.0.0.125\IPSBHO.DLL
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.0.0.125\coIEPlg.dll
    O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [LXCDCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCDtime.dll,_RunDLLEntry@16
    O4 - HKLM\..\Run: [lxcdmon.exe] "C:\Program Files\Lexmark 6300 Series\lxcdmon.exe"
    O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 6300 Series\ezprint.exe"
    O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: IMVU.lnk = C:\Program Files\IMVU\IMVUClient.exe
    O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
    O4 - Global Startup: Bluetooth.lnk = ?
    O4 - Global Startup: ExifLauncher2.lnk = C:\Program Files\FinePixViewer\QuickDCF2.exe
    O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
    O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Eric Chevalier\Start Menu\Programs\IMVU\Run IMVU.lnk
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUpload...
    O16 - DPF: {138E6DC9-722B-4F4B-B09D-95D191869696} (Bebo Uploader Control) - http://www.bebo.com/files/BeboUploader.5.1.4.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-GB/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Belkin Wireless USB Network Adapter (Belkin Wireless USB Network Adapter Service) - Unknown owner - C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: lxcd_device - Unknown owner - C:\WINDOWS\system32\lxcdcoms.exe
    O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
    O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

    --
    End of file - 10743 bytes



    a b 8 Sécurité
    31 Octobre 2008 18:14:40

    Encore des soucis ?
    31 Octobre 2008 18:17:54

    Non ca a l'air de bien aller, plus d'icone de 3 antispywareexpert et le PC a l'ai + rapide
    Est ce ok de votre coté ?
    En tout cas mille merci pour votre bon boulot
    Dois-je supprimer les differents software installés ?
    merci
    a b 8 Sécurité
    31 Octobre 2008 19:25:21

    Apparemment ok :) 
    31 Octobre 2008 19:27:32

    Mille merci et tres bon boulot
    Bonne continuation
    Bravo
    Bonsoir
    a b 8 Sécurité
    31 Octobre 2008 20:08:14

    Bon surf.
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS