
HELP ME VIRUS plz

3 June 2008 14:12:27

Hello everyone, here is my problem.

I caught a fairly serious virus that opens iexplore and makes me download Trojan horses etc. without my being able to see it...

I don't know what to do anymore, and I don't know where the problem could be coming from. I have several svhost processes active, but I don't know whether that is the cause. I have already done some searching, but nothing matches my case. Have a look at my HijackThis scan:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:09:07, on 03/06/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\taskmgr.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://s2.cookingluck.com/?pid=6082&v=63
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: 818646 helper - {54192079-8E8A-43D8-BCBC-3874916159AF} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {BC53E890-2693-4906-B6BD-BC2E293079F0} - C:\WINDOWS\system32\awtrQhEW.dll
O2 - BHO: 905757 helper - {E28F671C-3D83-4149-BA2F-546A67702B49} - (no file)
O2 - BHO: (no name) - {FB1A8B5B-0A71-4E7E-9BFD-55BC6F9B343F} - C:\WINDOWS\system32\pmnMgfgg.dll (file missing)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: atfxqogp - {C2DE8F08-2F3B-493D-A953-C9B6B3947555} - C:\WINDOWS\atfxqogp.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - Winlogon Notify: awtrQhEW - C:\WINDOWS\SYSTEM32\awtrQhEW.dll
O21 - SSODL: AvpComponent - {a711a336-a82c-4e2f-97b8-dfda5e3f4857} - C:\WINDOWS\Resources\AvpComponent.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SiS WirelessLan Service (SiSWLSvc) - Unknown owner - C:\Program Files\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\SiSWLSvc.exe

--
End of file - 5506 bytes




Please help me, this scares me. I have too many folders that I can't afford to lose!!!


3 June 2008 14:31:29

Hello,

Download ComboFix (by sUBs) to your Desktop.

  • Temporarily disable all resident protection! (Antivirus, antispyware...)
  • Double-click ComboFix.exe.
  • Accept the license by clicking Oui (Yes).
  • When the operation is finished, a report will appear. Post this report in your next reply.

    The report is located here: %systemdrive%\ComboFix.txt (%systemdrive% being the partition where Windows is installed; usually C:\)

    Help: How to use ComboFix.

3 June 2008 15:10:34

Here is my report:

    ComboFix 08-06-01.6 - Simon 2008-06-03 14:49:59.1 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.262 [GMT 2:00]
    Endroit: C:\Documents and Settings\Simon\Bureau\ComboFix.exe
    * Création d'un nouveau point de restauration

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Program Files\iSecurity
    C:\WINDOWS\atfxqogp.dll
    C:\WINDOWS\resources\AvpComponent.dll
    C:\WINDOWS\system32\818646
    C:\WINDOWS\system32\818646\818646.dll
    C:\WINDOWS\system32\905757\905757.dll
    C:\WINDOWS\system32\awtrQhEW.dll
    C:\WINDOWS\system32\ddcCULBu.dll
    C:\WINDOWS\system32\ggfgMnmp.ini
    C:\WINDOWS\system32\ggfgMnmp.ini2
    C:\WINDOWS\system32\MSINET.oca
    C:\WINDOWS\system32\prgjjmwj.ini
    C:\WINDOWS\vregfwlx.dll
    C:\WINDOWS\xmpstean.exe

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2008-05-03 to 2008-06-03 ))))))))))))))))))))))))))))))))))))
    .

    2008-06-03 14:08 . 2008-06-03 14:08 <REP> d-------- C:\Program Files\Trend Micro
    2008-06-03 07:43 . 2008-06-03 14:54 <REP> d-------- C:\WINDOWS\system32\905757
    2008-06-01 23:18 . 2008-06-01 23:18 <REP> d----c--- C:\WatchNow
    2008-05-31 13:55 . 2008-05-31 14:33 <REP> d-------- C:\Documents and Settings\Simon\Application Data\Audacity
    2008-05-30 17:04 . 2006-06-28 14:24 509,920 --a------ C:\WINDOWS\system32\SEGOEUI.TTF
    2008-05-30 17:04 . 2006-06-28 14:24 490,852 --a------ C:\WINDOWS\system32\SEGOEUIB.TTF
    2008-05-30 17:04 . 2006-06-28 14:24 393,068 --a------ C:\WINDOWS\system32\SEGOEUIZ.TTF
    2008-05-30 17:04 . 2006-06-28 14:24 380,456 --a------ C:\WINDOWS\system32\SEGOEUII.TTF
    2008-05-30 17:03 . 2008-05-30 17:03 <REP> d-------- C:\Program Files\EasyBanner 4
    2008-05-30 16:39 . 2008-05-30 16:39 <REP> d-------- C:\Documents and Settings\Simon\Contacts
    2008-05-30 16:34 . 2003-08-28 12:20 <REP> d-------- C:\Documents and Settings\Simon\WINDOWS
    2008-05-30 16:34 . 2008-05-30 19:51 <REP> d--h----- C:\Documents and Settings\Simon\Voisinage réseau
    2008-05-30 16:34 . 2003-08-28 07:43 <REP> d--h----- C:\Documents and Settings\Simon\Voisinage d'impression
    2008-05-30 16:34 . 2003-08-28 06:48 <REP> d--h----- C:\Documents and Settings\Simon\Modèles
    2008-05-30 16:34 . 2008-05-31 11:07 <REP> dr------- C:\Documents and Settings\Simon\Mes documents
    2008-05-30 16:34 . 2003-08-28 07:43 <REP> dr------- C:\Documents and Settings\Simon\Menu Démarrer
    2008-05-30 16:34 . 2008-05-30 16:35 <REP> dr------- C:\Documents and Settings\Simon\Favoris
    2008-05-30 16:34 . 2008-06-03 14:31 <REP> d-------- C:\Documents and Settings\Simon\Bureau
    2008-05-30 16:34 . 2003-08-28 11:10 <REP> d-------- C:\Documents and Settings\Simon\Application Data\AdobeUM
    2008-05-30 16:34 . 2008-05-31 10:27 <REP> d-------- C:\Documents and Settings\Simon
    2008-05-30 14:22 . 2008-05-30 14:23 <REP> d-------- C:\Program Files\Paint.NET
    2008-05-30 10:27 . 2003-08-28 12:20 <REP> d-------- C:\Documents and Settings\Administrateur\WINDOWS
    2008-05-30 10:27 . 2003-09-01 08:16 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau
    2008-05-30 10:27 . 2003-08-28 07:43 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
    2008-05-30 10:27 . 2003-08-28 06:48 <REP> d--h----- C:\Documents and Settings\Administrateur\Modèles
    2008-05-30 10:27 . 2003-08-28 06:58 <REP> dr------- C:\Documents and Settings\Administrateur\Mes documents
    2008-05-30 10:27 . 2003-08-28 07:43 <REP> dr------- C:\Documents and Settings\Administrateur\Menu Démarrer
    2008-05-30 10:27 . 2003-08-28 06:58 <REP> dr------- C:\Documents and Settings\Administrateur\Favoris
    2008-05-30 10:27 . 2008-05-30 10:39 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
    2008-05-30 10:27 . 2003-08-28 11:10 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\AdobeUM
    2008-05-30 10:27 . 2008-05-30 10:27 <REP> d-------- C:\Documents and Settings\Administrateur
    2008-05-29 16:50 . 2008-05-29 12:42 94,208 --a------ C:\WINDOWS\enqf.exe
    2008-05-29 16:49 . 2008-05-29 16:49 <REP> d-------- C:\Program Files\Guitar Pro 5
    2008-05-28 21:03 . 2008-05-28 21:03 <REP> d-------- C:\Program Files\Windows Media Connect 2
    2008-05-28 20:57 . 2008-05-28 21:00 <REP> d-------- C:\WINDOWS\system32\drivers\UMDF
    2008-05-27 14:03 . 2008-05-27 14:09 <REP> d-------- C:\Program Files\IMG-TXT 5
    2008-05-27 13:18 . 2008-05-27 13:18 <REP> d-------- C:\Documents and Settings\Simon.YOUR-HW6EHCL50Y\Application Data\DivX
    2008-05-26 23:26 . 2008-05-13 03:53 129,784 --------- C:\WINDOWS\system32\pxafs.dll
    2008-05-26 23:26 . 2008-05-13 03:53 120,056 --------- C:\WINDOWS\system32\pxcpyi64.exe
    2008-05-26 23:26 . 2008-05-13 03:53 118,520 --------- C:\WINDOWS\system32\pxinsi64.exe
    2008-05-26 23:26 . 2008-05-13 03:53 9,464 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys
    2008-05-26 23:26 . 2008-05-13 03:53 9,336 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys
    2008-05-26 14:29 . 2008-05-26 23:27 <REP> d-------- C:\Program Files\DivX
    2008-05-25 02:03 . 2008-05-25 02:03 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
    2008-05-24 22:52 . 2008-05-24 22:52 <REP> d-------- C:\Program Files\Veoh Networks
    2008-05-24 20:01 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
    2008-05-24 20:01 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
    2008-05-24 19:22 . 2008-05-24 19:33 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller
    2008-05-24 15:06 . 2008-05-28 20:57 <REP> d-------- C:\WINDOWS\system32\LogFiles
    2008-05-24 15:03 . 2008-05-27 23:29 <REP> d-------- C:\Documents and Settings\Simon.YOUR-HW6EHCL50Y\Application Data\Audacity
    2008-05-24 15:02 . 2008-05-24 15:03 <REP> d-------- C:\Program Files\Audacity 1.3 Beta
    2008-05-24 13:58 . 2008-05-24 19:30 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
    2008-05-24 13:29 . 2008-05-24 13:28 42,496 -r-hs---- C:\WINDOWS\livemsngs.exe
    2008-05-24 12:59 . 2008-05-24 12:59 <REP> d-------- C:\WINDOWS\system32\fr
    2008-05-24 12:59 . 2008-05-24 12:59 <REP> d-------- C:\WINDOWS\l2schemas
    2008-05-24 12:15 . 2008-04-14 04:33 712,704 --------- C:\WINDOWS\system32\windowscodecs.dll
    2008-05-24 12:15 . 2008-04-14 04:33 346,112 --------- C:\WINDOWS\system32\windowscodecsext.dll
    2008-05-24 12:15 . 2008-04-14 04:33 276,992 --------- C:\WINDOWS\system32\wmphoto.dll
    2008-05-24 12:15 . 2008-04-14 04:33 69,120 --------- C:\WINDOWS\system32\wlanapi.dll
    2008-05-24 12:14 . 2008-04-14 04:33 53,248 --------- C:\WINDOWS\system32\tsgqec.dll
    2008-05-24 12:14 . 2008-04-14 04:33 50,688 --------- C:\WINDOWS\system32\tspkg.dll
    2008-05-24 12:13 . 2008-04-14 04:33 412,160 --------- C:\WINDOWS\system32\photometadatahandler.dll
    2008-05-24 12:13 . 2008-04-14 04:33 293,376 --------- C:\WINDOWS\system32\qagentrt.dll
    2008-05-24 12:13 . 2008-04-14 04:33 290,304 --------- C:\WINDOWS\system32\rhttpaa.dll
    2008-05-24 12:13 . 2008-04-14 04:33 151,040 --------- C:\WINDOWS\system32\qagent.dll
    2008-05-24 12:13 . 2008-04-14 04:33 144,896 --------- C:\WINDOWS\system32\onex.dll
    2008-05-24 12:13 . 2008-04-14 04:33 76,800 --------- C:\WINDOWS\system32\qutil.dll
    2008-05-24 12:13 . 2008-04-14 04:33 62,464 --------- C:\WINDOWS\system32\qcliprov.dll
    2008-05-24 12:13 . 2008-04-14 04:33 61,952 --------- C:\WINDOWS\system32\rasqec.dll
    2008-05-24 12:13 . 2008-04-14 04:34 32,768 --------- C:\WINDOWS\system32\setupn.exe
    2008-05-24 12:13 . 2008-04-13 20:40 10,240 --------- C:\WINDOWS\system32\drivers\sffp_mmc.sys
    2008-05-24 12:12 . 2008-04-14 04:33 1,306,624 --------- C:\WINDOWS\system32\msxml6.dll
    2008-05-24 12:12 . 2008-04-14 04:33 1,306,624 -----c--- C:\WINDOWS\system32\dllcache\msxml6.dll
    2008-05-24 12:12 . 2008-04-14 04:33 200,704 --------- C:\WINDOWS\system32\napmontr.dll
    2008-05-24 12:12 . 2008-04-14 04:34 177,664 --------- C:\WINDOWS\system32\napstat.exe
    2008-05-24 12:12 . 2008-04-14 04:33 155,136 --------- C:\WINDOWS\system32\mssha.dll
    2008-05-24 12:12 . 2008-04-14 04:04 93,184 --------- C:\WINDOWS\system32\msxml6r.dll
    2008-05-24 12:12 . 2008-04-14 04:04 93,184 -----c--- C:\WINDOWS\system32\dllcache\msxml6r.dll
    2008-05-24 12:12 . 2008-04-14 04:03 81,920 --------- C:\WINDOWS\system32\msshavmsg.dll
    2008-05-24 12:12 . 2008-04-14 04:33 30,208 --------- C:\WINDOWS\system32\napipsec.dll
    2008-05-24 12:10 . 2008-04-14 04:33 651,264 --------- C:\WINDOWS\system32\dot3ui.dll
    2008-05-24 12:09 . 2008-04-14 04:33 233,472 --------- C:\WINDOWS\system32\azroles.dll
    2008-05-24 12:09 . 2008-04-14 04:33 136,192 --------- C:\WINDOWS\system32\aaclient.dll
    2008-05-24 12:09 . 2008-04-14 04:33 7,168 --------- C:\WINDOWS\system32\bitsprx4.dll
    2008-05-22 21:20 . 2008-05-22 21:20 <REP> d-------- C:\Documents and Settings\Simon.YOUR-HW6EHCL50Y\Application Data\vlc
    2008-05-21 11:35 . 2006-12-08 15:20 10,528,768 --a------ C:\WINDOWS\system32\RTLCPL.exe
    2008-05-21 11:35 . 2006-08-01 15:02 49,152 --a------ C:\WINDOWS\system32\ChCfg.exe
    2008-05-21 11:33 . 2008-05-21 11:34 <REP> d-------- C:\Program Files\Realtek AC97
    2008-05-21 11:33 . 2006-10-18 02:53 147,456 --a------ C:\WINDOWS\system32\RtlCPAPI.dll
    2008-05-21 11:29 . 2004-04-13 15:25 110,592 --a------ C:\WINDOWS\system32\nvudisp.exe
    2008-05-21 11:29 . 2004-04-13 15:25 12,196 --a------ C:\WINDOWS\system32\nvdisp.nvu
    2008-05-21 11:18 . 2008-05-28 15:13 <REP> d-------- C:\Program Files\ma-config.com
    2008-05-21 11:18 . 2008-05-28 15:14 <REP> d-------- C:\Documents and Settings\All Users\Application Data\ma-config.com
    2008-05-21 11:16 . 2008-05-21 11:24 <REP> d----c--- C:\NVIDIA
    2008-05-21 10:57 . 2008-05-21 10:57 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
    2008-05-20 22:08 . 2008-05-21 11:11 <REP> d-------- C:\Documents and Settings\Simon.YOUR-HW6EHCL50Y\Application Data\SystemRequirementsLab
    2008-05-20 21:24 . 2008-05-20 21:47 <REP> d-------- C:\Documents and Settings\Simon.YOUR-HW6EHCL50Y\Application Data\LimeWire
    2008-05-20 21:15 . 2008-03-25 02:37 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
    2008-05-20 21:08 . 2008-05-20 21:09 <REP> d-------- C:\Program Files\LimeWire
    2008-05-20 10:37 . 2008-03-01 14:58 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
    2008-05-20 10:37 . 2007-04-17 11:32 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
    2008-05-20 10:37 . 2007-03-08 07:10 1,048,576 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
    2008-05-20 10:37 . 2008-03-01 14:58 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
    2008-05-20 10:37 . 2008-03-01 14:58 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
    2008-05-20 10:37 . 2008-03-01 14:58 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
    2008-05-20 10:37 . 2008-03-01 14:58 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
    2008-05-20 10:37 . 2008-03-01 14:58 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
    2008-05-20 10:37 . 2008-02-22 12:00 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
    2008-05-20 10:36 . 2008-05-24 12:59 <REP> d-------- C:\WINDOWS\system32\fr-fr
    2008-05-20 10:28 . 2007-08-13 18:54 33,792 --a--c--- C:\WINDOWS\system32\dllcache\custsat.dll
    2008-05-20 10:00 . 2008-05-25 01:58 <REP> d-------- C:\Program Files\MSXML 4.0
    2008-05-20 07:34 . 2008-05-20 07:34 <REP> d-------- C:\Documents and Settings\LocalService\Menu Démarrer
    2008-05-19 19:48 . 2008-05-19 19:48 <REP> d-------- C:\WINDOWS\provisioning
    2008-05-19 19:48 . 2008-05-24 12:59 <REP> d-------- C:\WINDOWS\peernet
    2008-05-19 19:37 . 2008-05-24 13:00 <REP> d-------- C:\WINDOWS\ServicePackFiles
    2008-05-19 19:12 . 2008-05-24 12:39 <REP> d-------- C:\WINDOWS\EHome
    2008-05-19 18:52 . 2002-04-15 21:11 67,866 --------- C:\WINDOWS\system32\drivers\netwlan5.img
    2008-05-19 18:52 . 2008-04-13 19:34 11,264 --------- C:\WINDOWS\system32\spnpinst.exe
    2008-05-19 18:52 . 2004-08-02 14:20 7,208 --------- C:\WINDOWS\system32\secupd.sig
    2008-05-19 18:52 . 2004-08-02 14:20 4,569 --------- C:\WINDOWS\system32\secupd.dat
    2008-05-19 18:41 . 2008-05-19 18:41 <REP> d-------- C:\Program Files\Alwil Software
    2008-05-19 18:20 . 2008-05-19 18:20 <REP> d--hs---- C:\Documents and Settings\Simon.YOUR-HW6EHCL50Y\UserData
    2008-05-19 14:31 . 2005-05-26 15:34 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
    2008-05-19 09:47 . 2008-05-19 09:47 <REP> d-------- C:\Program Files\Eidos
    2008-05-18 22:33 . 2008-05-18 22:33 130,208 -r------- C:\WINDOWS\bwUnin-8.1.1.87-8876480SL.exe

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-05-31 13:25 --------- d-----w C:\Program Files\Windows Live
    2008-05-31 10:13 --------- d-----w C:\Program Files\ScreenMates
    2008-05-30 15:18 --------- d-----w C:\Program Files\Microsoft Picture It! PhotoPub
    2008-05-25 20:37 --------- d-----w C:\Program Files\Messenger Plus! Live
    2008-05-24 20:53 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-05-24 17:14 --------- d-----w C:\Program Files\Creative
    2008-05-20 19:15 --------- d-----w C:\Program Files\Java
    2008-05-19 17:08 --------- d-----w C:\Documents and Settings\All Users\Application Data\FIND BALM SEEK BAGS
    2008-05-18 20:26 --------- d-----w C:\Program Files\Fichiers communs\Logitech
    2008-05-18 20:24 --------- d-----w C:\Program Files\Logitech
    2008-05-18 15:00 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
    2008-05-17 10:35 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
    2008-05-17 10:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
    2008-05-17 10:16 --------- d-----w C:\Program Files\GOTO
    2008-05-17 10:16 --------- d-----w C:\Program Files\Club-Internet
    2008-05-17 10:15 --------- d-----w C:\Program Files\InterActual
    2008-05-17 10:12 --------- d-----w C:\Program Files\Motive
    2008-05-17 09:56 --------- d-----w C:\Program Files\Wanadoo
    2008-05-13 01:53 43,528 ------w C:\WINDOWS\system32\drivers\pxhelp20.sys
    2008-04-14 02:34 70,656 ----a-w C:\WINDOWS\notepad.exe
    2008-04-14 02:34 40,840 ----a-w C:\WINDOWS\system32\drivers\termdd.sys
    2008-04-14 02:34 32,866 ------w C:\WINDOWS\slrundll.exe
    2008-04-14 02:34 288,256 ----a-w C:\WINDOWS\winhlp32.exe
    2008-04-14 02:34 21,896 ----a-w C:\WINDOWS\system32\drivers\tdtcp.sys
    2008-04-14 02:34 153,088 ----a-w C:\WINDOWS\regedit.exe
    2008-04-14 02:34 139,656 ----a-w C:\WINDOWS\system32\drivers\rdpwd.sys
    2008-04-14 02:34 12,040 ----a-w C:\WINDOWS\system32\drivers\tdpipe.sys
    2008-04-14 02:34 10,752 ----a-w C:\WINDOWS\hh.exe
    2008-04-14 02:34 1,037,824 ----a-w C:\WINDOWS\explorer.exe
    2008-04-14 02:10 73,600 ----a-w C:\WINDOWS\system32\drivers\sr.sys
    2008-04-14 02:09 80,384 ----a-w C:\WINDOWS\system32\drivers\parport.sys
    2008-04-14 02:09 68,608 ----a-w C:\WINDOWS\system32\drivers\pci.sys
    2008-04-14 02:09 46,848 ----a-w C:\WINDOWS\system32\drivers\p3.sys
    2008-04-14 02:09 120,576 ----a-w C:\WINDOWS\system32\drivers\pcmcia.sys
    2008-04-14 02:05 800,256 ----a-w C:\WINDOWS\system32\drivers\dmboot.sys
    2008-04-14 02:05 25,216 ----a-w C:\WINDOWS\system32\drivers\kbdclass.sys
    2008-04-14 02:05 154,496 ----a-w C:\WINDOWS\system32\drivers\dmio.sys
    2008-04-14 02:05 14,720 ----a-w C:\WINDOWS\system32\drivers\kbdhid.sys
    2008-04-14 02:04 37,632 ----a-w C:\WINDOWS\system32\drivers\isapnp.sys
    2008-04-14 02:03 40,576 ------w C:\WINDOWS\system32\drivers\intelppm.sys
    2008-04-14 02:02 40,960 ----a-w C:\WINDOWS\system32\drivers\crusoe.sys
    2008-04-14 02:00 66,048 ----a-w C:\WINDOWS\system32\drivers\serial.sys
    2008-04-14 02:00 54,144 ----a-w C:\WINDOWS\system32\drivers\i8042prt.sys
    2008-04-14 01:59 25,856 ------w C:\WINDOWS\system32\drivers\hidbth.sys
    2008-04-14 01:58 273,664 ------w C:\WINDOWS\system32\drivers\bthport.sys
    2008-04-14 01:57 58,752 ----a-w C:\WINDOWS\system32\drivers\redbook.sys
    2008-04-14 01:57 44,672 ----a-w C:\WINDOWS\system32\drivers\fips.sys
    2008-04-14 01:56 53,376 ----a-w C:\WINDOWS\system32\drivers\volsnap.sys
    2008-04-14 01:55 40,064 ----a-w C:\WINDOWS\system32\drivers\processr.sys
    2008-04-14 01:54 41,856 ----a-w C:\WINDOWS\system32\drivers\amdk7.sys
    2008-04-14 01:54 41,472 ----a-w C:\WINDOWS\system32\drivers\amdk6.sys
    2008-04-14 01:53 30,336 ----a-w C:\WINDOWS\system32\drivers\modem.sys
    2008-04-14 01:53 23,680 ----a-w C:\WINDOWS\system32\drivers\mouclass.sys
    2008-04-14 01:52 188,672 ----a-w C:\WINDOWS\system32\drivers\acpi.sys
    2008-04-13 19:28 175,744 ----a-w C:\WINDOWS\system32\drivers\rdbss.sys
    2008-04-13 19:21 162,816 ----a-w C:\WINDOWS\system32\drivers\netbt.sys
    2008-04-13 19:20 91,520 ----a-w C:\WINDOWS\system32\drivers\ndiswan.sys
    2008-04-13 19:20 361,344 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
    2008-04-13 19:20 182,656 ----a-w C:\WINDOWS\system32\drivers\ndis.sys
    2008-04-13 19:19 75,264 ----a-w C:\WINDOWS\system32\drivers\ipsec.sys
    2008-04-13 19:19 51,328 ----a-w C:\WINDOWS\system32\drivers\rasl2tp.sys
    2008-04-13 19:19 48,384 ----a-w C:\WINDOWS\system32\drivers\raspptp.sys
    2008-04-13 19:19 146,048 ----a-w C:\WINDOWS\system32\drivers\portcls.sys
    2008-04-13 19:19 138,112 ----a-w C:\WINDOWS\system32\drivers\afd.sys
    2008-04-13 19:17 83,072 ----a-w C:\WINDOWS\system32\drivers\wdmaud.sys
    2008-04-13 19:17 456,576 ----a-w C:\WINDOWS\system32\drivers\mrxsmb.sys
    2008-04-13 19:17 105,344 ----a-w C:\WINDOWS\system32\drivers\mup.sys
    2008-04-13 19:16 49,536 ----a-w C:\WINDOWS\system32\drivers\classpnp.sys
    2008-04-13 19:16 141,056 ----a-w C:\WINDOWS\system32\drivers\ks.sys
    2008-04-13 19:15 60,800 ----a-w C:\WINDOWS\system32\drivers\sysaudio.sys
    2008-04-13 19:15 574,976 ----a-w C:\WINDOWS\system32\drivers\ntfs.sys
    2008-04-13 19:15 334,848 ----a-w C:\WINDOWS\system32\drivers\srv.sys
    2008-04-13 19:14 63,744 ----a-w C:\WINDOWS\system32\drivers\cdfs.sys
    2008-04-13 19:14 143,744 ----a-w C:\WINDOWS\system32\drivers\fastfat.sys
    2008-04-13 19:00 225,664 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
    2008-04-13 19:00 19,072 ----a-w C:\WINDOWS\system32\drivers\tdi.sys
    2008-04-13 18:57 41,472 ----a-w C:\WINDOWS\system32\drivers\raspppoe.sys
    2008-04-13 18:57 40,576 ----a-w C:\WINDOWS\system32\drivers\ndproxy.sys
    2008-04-13 18:57 34,560 ----a-w C:\WINDOWS\system32\drivers\wanarp.sys
    2008-04-13 18:57 20,864 ----a-w C:\WINDOWS\system32\drivers\ipinip.sys
    2008-04-13 18:57 152,832 ----a-w C:\WINDOWS\system32\drivers\ipnat.sys
    2008-04-13 18:57 14,336 ----a-w C:\WINDOWS\system32\drivers\asyncmac.sys
    2008-04-13 18:57 10,112 ----a-w C:\WINDOWS\system32\drivers\ndistapi.sys
    2008-04-13 18:56 88,320 ----a-w C:\WINDOWS\system32\drivers\nwlnkipx.sys
    2008-04-13 18:56 69,120 ----a-w C:\WINDOWS\system32\drivers\psched.sys
    2008-04-13 18:56 35,072 ----a-w C:\WINDOWS\system32\drivers\msgpc.sys
    2008-04-13 18:56 34,688 ----a-w C:\WINDOWS\system32\drivers\netbios.sys
    2008-04-13 18:56 30,592 ----a-w C:\WINDOWS\system32\drivers\rndismp.sys
    2008-04-13 18:56 30,592 ------w C:\WINDOWS\system32\drivers\rndismpx.sys
    2008-04-13 18:56 12,800 ----a-w C:\WINDOWS\system32\drivers\usb8023.sys
    2008-04-13 18:56 12,800 ------w C:\WINDOWS\system32\drivers\usb8023x.sys
    2008-04-13 18:56 12,288 ----a-w C:\WINDOWS\system32\drivers\tunmp.sys
    2008-04-13 18:55 202,624 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
    2008-04-13 18:55 14,592 ----a-w C:\WINDOWS\system32\drivers\ndisuio.sys
    2008-04-13 18:54 88,192 ----a-w C:\WINDOWS\system32\drivers\irda.sys
    2008-04-13 18:54 22,016 ----a-w C:\WINDOWS\system32\drivers\msircomm.sys
    2008-04-13 18:54 11,264 ----a-w C:\WINDOWS\system32\drivers\irenum.sys
    2008-04-13 18:53 71,552 ----a-w C:\WINDOWS\system32\drivers\bridge.sys
    2008-04-13 18:53 40,320 ----a-w C:\WINDOWS\system32\drivers\nmnt.sys
    2008-04-13 18:53 36,608 ------w C:\WINDOWS\system32\drivers\ip6fw.sys
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FB1A8B5B-0A71-4E7E-9BFD-55BC6F9B343F}]
    C:\WINDOWS\system32\pmnMgfgg.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{C2DE8F08-2F3B-493D-A953-C9B6B3947555}"= "C:\WINDOWS\atfxqogp.dll" [ ]

    [HKEY_CLASSES_ROOT\clsid\{c2de8f08-2f3b-493d-a953-c9b6b3947555}]
    [HKEY_CLASSES_ROOT\atfxqogp.1]
    [HKEY_CLASSES_ROOT\TypeLib\{12DB6F8E-4A73-47E4-8228-D81B8F0A1CD1}]
    [HKEY_CLASSES_ROOT\atfxqogp]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VirtualExpanderFile.1]
    @={E4000AC4-5E5F-4956-807A-C5854405D64F}

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 04:33 15360]
    "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2004-04-13 15:25 3309568]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2008-04-14 04:33 15360]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "vidc.iv41"= ir41_32.dll

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk
    backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
    backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^RAMASST.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\RAMASST.lnk
    backup=C:\WINDOWS\pss\RAMASST.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Wireless Configuration Utility HW.32.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Wireless Configuration Utility HW.32.lnk
    backup=C:\WINDOWS\pss\Wireless Configuration Utility HW.32.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^Marie^Menu Démarrer^Programmes^Démarrage^BandeauTask.lnk]
    path=C:\Documents and Settings\Marie\Menu Démarrer\Programmes\Démarrage\BandeauTask.lnk
    backup=C:\WINDOWS\pss\BandeauTask.lnkStartup

    [HKLM\~\startupfolder\C:^Documents and Settings^Marie^Menu Démarrer^Programmes^Démarrage^Club Internet.lnk]
    path=C:\Documents and Settings\Marie\Menu Démarrer\Programmes\Démarrage\Club Internet.lnk
    backup=C:\WINDOWS\pss\Club Internet.lnkStartup

    [HKLM\~\startupfolder\C:^Documents and Settings^Marie^Menu Démarrer^Programmes^Démarrage^VirtualExpander.lnk]
    path=C:\Documents and Settings\Marie\Menu Démarrer\Programmes\Démarrage\VirtualExpander.lnk
    backup=C:\WINDOWS\pss\VirtualExpander.lnkStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\antiviirus]
    C:\Program Files\antiviirus.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
    --a------ 2003-06-18 15:44 151552 C:\Program Files\Apoint2K\Apoint.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccRegVfy]
    C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CeEKEY]
    --a------ 2003-07-23 15:04 638976 C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CeEPOWER]
    --a------ 2003-08-09 18:11 135168 C:\Program Files\TOSHIBA\Power Management\CePMTray.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CplBTQ00]
    --a------ 2003-06-27 19:33 708608 C:\Program Files\EzButton\CplBTQ00.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
    --a------ 2008-04-14 04:33 15360 C:\WINDOWS\system32\ctfmon.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Drag'n Drop CD+DVD]
    --------- 2003-07-08 21:21 1171456 C:\Program Files\Drag'n Drop CD+DVD\BinFiles\DragDrop.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus C44 Series]
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus C44 Series (Copie 1)]
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Error Safe]
    C:\Program Files\Error Safe Free\ers.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]
    C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
    --a------ 2008-05-18 22:34 91440 C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate]
    --a------ 2005-06-08 14:44 196608 C:\Program Files\Logitech\Video\ManifestEngine.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
    --a------ 2005-06-08 15:24 458752 C:\Program Files\Logitech\Video\ISStart.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
    --a------ 2005-06-08 15:14 217088 C:\Program Files\Logitech\Video\LogiTray.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMSX]
    --a------ 2005-07-19 17:32 221184 C:\WINDOWS\System32\LVCOMSX.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MPSWiFiManager]
    C:\Program Files\Club-Internet\Agent Wifi\AgentWifi.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    --a------ 2008-04-14 04:34 1695232 C:\Program Files\Messenger\msmsgs.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
    --a------ 2007-10-18 11:34 5724184 C:\Program Files\Windows Live\Messenger\msnmsgr.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\My Web Search Bar]
    C:\PROGRA~1\MYWEBS~1\bar\1.bin\MWSBAR.DLL

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Email Plugin]
    C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
    --a------ 2004-04-13 15:25 3309568 C:\WINDOWS\system32\NvCpl.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
    --a------ 2004-04-13 15:25 782336 C:\WINDOWS\system32\nwiz.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\POINTER]


    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSC_UserPrompt]
    C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    --a------ 2008-03-25 04:28 144784 C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec NetDriver Monitor]
    --a------ 2005-02-08 21:41 95960 C:\PROGRA~1\SYMNET~1\SNDMon.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPNF]
    --a------ 2003-07-18 15:24 49152 C:\Program Files\TOSHIBA\TouchPad\TPTray.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
    --a------ 2008-05-15 16:11 3644464 C:\Program Files\Veoh Networks\Veoh\VeohClient.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vmtalk]
    C:\Program Files\Fichiers communs\Talkway\vmtalk.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows MSN Live Messanger]
    -r-hs---- 2008-05-24 13:28 42496 C:\WINDOWS\livemsngs.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "WMPNetworkSvc"=3 (0x3)
    "WLSetupSvc"=3 (0x3)
    "UStorage Server Service"=2 (0x2)
    "usnjsvc"=3 (0x3)
    "SNDSrvc"=3 (0x3)
    "ose"=3 (0x3)
    "maconfservice"=3 (0x3)
    "CeEPwrSvc"=2 (0x2)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"=

    R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 01:20]
    R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]
    S3 krdpdre;krdpdre;C:\DOCUME~1\simon\LOCALS~1\Temp\krdpdre.sys []
    S3 SIS163u;SiS 163 usb Wireless LAN Adapter Driver;C:\WINDOWS\system32\DRIVERS\sis163u.sys [2004-12-29 09:34]
    S4 maconfservice;Ma-Config Service;"C:\Program Files\ma-config.com\maconfservice.exe" [2008-05-23 18:37]

    .
    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-06-03 15:00:03
    Windows 5.1.2600 Service Pack 3 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    ------------------------ Other Running Processes ------------------------
    .
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\DVDRAMSV.exe
    C:\Program Files\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\SiSWLSvc.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    .
    **************************************************************************
    .
    Temps d'accomplissement: 2008-06-03 15:06:43 - machine was rebooted
    ComboFix-quarantined-files.txt 2008-06-03 13:06:39

    Pre-Run: 12,142,993,408 octets libres
    Post-Run: 12,750,790,656 octets libres

    413 --- E O F --- 2008-06-03 05:49:43
    3 June 2008 15:28:32

    Re,

    Select the entire contents of the box below:

    Collect::
    C:\WINDOWS\livemsngs.exe
    C:\WINDOWS\system32\pmnMgfgg.dll

    Driver::
    krdpdre

    Folder::
    C:\PROGRA~1\MYWEBS~1
    C:\Program Files\Error Safe Free
    C:\Program Files\antiviirus.exe
    C:\Documents and Settings\All Users\Application Data\FIND BALM SEEK BAGS
    C:\WINDOWS\system32\905757

    Registry::
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FB1A8B5B-0A71-4E7E-9BFD-55BC6F9B343F}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{C2DE8F08-2F3B-493D-A953-C9B6B3947555}"=-
    [-HKEY_CLASSES_ROOT\clsid\{c2de8f08-2f3b-493d-a953-c9b6b3947555}]
    [-HKEY_CLASSES_ROOT\atfxqogp.1]
    [-HKEY_CLASSES_ROOT\TypeLib\{12DB6F8E-4A73-47E4-8228-D81B8F0A1CD1}]
    [-HKEY_CLASSES_ROOT\atfxqogp]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows MSN Live Messanger]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\My Web Search Bar]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Email Plugin]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Error Safe]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\antiviirus]


    This will relaunch ComboFix. After the reboot, post the contents of the ComboFix.txt report.
    If there is no reboot, post the report anyway.

  • Copy and paste it into Notepad (Démarrer\Tous les programmes\Accessoires\Bloc notes).
  • Save it to your desktop under the name CFScript.txt
  • Now drag the CFScript.txt file onto ComboFix.exe as shown below:

  • This will relaunch ComboFix. Post the contents of the ComboFix.txt report after the reboot, if there is one.
    3 June 2008 18:20:50

    I didn't understand ^^ I just copied what you put in the box and after that I don't know what to paste it into
    ^^
    can you explain again please ^^
    3 June 2008 20:59:23

    You copy all of that into Notepad, which is found under démarrer\tous les prog\accessoires.

    You save it under the name CFScript.txt on the desktop.
    3 June 2008 22:50:20

    hi, it gave me a new report



    ComboFix 08-06-01.6 - Simon 2008-06-03 22:33:19.2 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.249 [GMT 2:00]
    Endroit: C:\Documents and Settings\Simon\Bureau\ComboFix.exe
    Command switches used :: C:\Documents and Settings\Simon\Bureau\CFScript.txt
    * Création d'un nouveau point de restauration

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Documents and Settings\All Users\Application Data\FIND BALM SEEK BAGS
    C:\Documents and Settings\All Users\Application Data\FIND BALM SEEK BAGS\First Type Book
    C:\Documents and Settings\All Users\Application Data\FIND BALM SEEK BAGS\HEARTROADELSE
    C:\Documents and Settings\All Users\Application Data\FIND BALM SEEK BAGS\PlanAxis2
    C:\Documents and Settings\All Users\Application Data\FIND BALM SEEK BAGS\storenameflag
    C:\WINDOWS\livemsngs.exe
    C:\WINDOWS\system32\905757

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Legacy_KRDPDRE
    -------\Service_krdpdre


    ((((((((((((((((((((((((((((( Fichiers créés 2008-05-03 to 2008-06-03 ))))))))))))))))))))))))))))))))))))
    .

    2008-06-03 14:08 . 2008-06-03 14:08 <REP> d-------- C:\Program Files\Trend Micro
    2008-06-01 23:18 . 2008-06-01 23:18 <REP> d----c--- C:\WatchNow
    2008-05-31 13:55 . 2008-05-31 14:33 <REP> d-------- C:\Documents and Settings\Simon\Application Data\Audacity
    2008-05-30 17:04 . 2006-06-28 14:24 509,920 --a------ C:\WINDOWS\system32\SEGOEUI.TTF
    2008-05-30 17:04 . 2006-06-28 14:24 490,852 --a------ C:\WINDOWS\system32\SEGOEUIB.TTF
    2008-05-30 17:04 . 2006-06-28 14:24 393,068 --a------ C:\WINDOWS\system32\SEGOEUIZ.TTF
    2008-05-30 17:04 . 2006-06-28 14:24 380,456 --a------ C:\WINDOWS\system32\SEGOEUII.TTF
    2008-05-30 17:03 . 2008-05-30 17:03 <REP> d-------- C:\Program Files\EasyBanner 4
    2008-05-30 16:39 . 2008-05-30 16:39 <REP> d-------- C:\Documents and Settings\Simon\Contacts
    2008-05-30 16:34 . 2003-08-28 12:20 <REP> d-------- C:\Documents and Settings\Simon\WINDOWS
    2008-05-30 16:34 . 2008-05-30 19:51 <REP> d--h----- C:\Documents and Settings\Simon\Voisinage réseau
    2008-05-30 16:34 . 2003-08-28 07:43 <REP> d--h----- C:\Documents and Settings\Simon\Voisinage d'impression
    2008-05-30 16:34 . 2003-08-28 06:48 <REP> d--h----- C:\Documents and Settings\Simon\Modèles
    2008-05-30 16:34 . 2008-06-03 22:24 <REP> dr------- C:\Documents and Settings\Simon\Mes documents
    2008-05-30 16:34 . 2003-08-28 07:43 <REP> dr------- C:\Documents and Settings\Simon\Menu Démarrer
    2008-05-30 16:34 . 2008-05-30 16:35 <REP> dr------- C:\Documents and Settings\Simon\Favoris
    2008-05-30 16:34 . 2008-06-03 22:33 <REP> d-------- C:\Documents and Settings\Simon\Bureau
    2008-05-30 16:34 . 2003-08-28 11:10 <REP> d-------- C:\Documents and Settings\Simon\Application Data\AdobeUM
    2008-05-30 16:34 . 2008-05-31 10:27 <REP> d-------- C:\Documents and Settings\Simon
    2008-05-30 14:22 . 2008-05-30 14:23 <REP> d-------- C:\Program Files\Paint.NET
    2008-05-30 10:27 . 2003-08-28 12:20 <REP> d-------- C:\Documents and Settings\Administrateur\WINDOWS
    2008-05-30 10:27 . 2003-09-01 08:16 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau
    2008-05-30 10:27 . 2003-08-28 07:43 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
    2008-05-30 10:27 . 2003-08-28 06:48 <REP> d--h----- C:\Documents and Settings\Administrateur\Modèles
    2008-05-30 10:27 . 2003-08-28 06:58 <REP> dr------- C:\Documents and Settings\Administrateur\Mes documents
    2008-05-30 10:27 . 2003-08-28 07:43 <REP> dr------- C:\Documents and Settings\Administrateur\Menu Démarrer
    2008-05-30 10:27 . 2003-08-28 06:58 <REP> dr------- C:\Documents and Settings\Administrateur\Favoris
    2008-05-30 10:27 . 2008-05-30 10:39 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
    2008-05-30 10:27 . 2003-08-28 11:10 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\AdobeUM
    2008-05-30 10:27 . 2008-05-30 10:27 <REP> d-------- C:\Documents and Settings\Administrateur
    2008-05-29 16:50 . 2008-05-29 12:42 94,208 --a------ C:\WINDOWS\enqf.exe
    2008-05-29 16:49 . 2008-05-29 16:49 <REP> d-------- C:\Program Files\Guitar Pro 5
    2008-05-28 21:03 . 2008-05-28 21:03 <REP> d-------- C:\Program Files\Windows Media Connect 2
    2008-05-28 20:57 . 2008-05-28 21:00 <REP> d-------- C:\WINDOWS\system32\drivers\UMDF
    2008-05-27 14:03 . 2008-05-27 14:09 <REP> d-------- C:\Program Files\IMG-TXT 5
    2008-05-27 13:18 . 2008-05-27 13:18 <REP> d-------- C:\Documents and Settings\Simon.YOUR-HW6EHCL50Y\Application Data\DivX
    2008-05-26 23:26 . 2008-05-13 03:53 129,784 --------- C:\WINDOWS\system32\pxafs.dll
    2008-05-26 23:26 . 2008-05-13 03:53 120,056 --------- C:\WINDOWS\system32\pxcpyi64.exe
    2008-05-26 23:26 . 2008-05-13 03:53 118,520 --------- C:\WINDOWS\system32\pxinsi64.exe
    2008-05-26 23:26 . 2008-05-13 03:53 9,464 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys
    2008-05-26 23:26 . 2008-05-13 03:53 9,336 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys
    2008-05-26 14:29 . 2008-05-26 23:27 <REP> d-------- C:\Program Files\DivX
    2008-05-25 02:03 . 2008-05-25 02:03 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
    2008-05-24 22:52 . 2008-05-24 22:52 <REP> d-------- C:\Program Files\Veoh Networks
    2008-05-24 20:01 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
    2008-05-24 20:01 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
    2008-05-24 19:22 . 2008-05-24 19:33 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller
    2008-05-24 15:06 . 2008-05-28 20:57 <REP> d-------- C:\WINDOWS\system32\LogFiles
    2008-05-24 15:03 . 2008-05-27 23:29 <REP> d-------- C:\Documents and Settings\Simon.YOUR-HW6EHCL50Y\Application Data\Audacity
    2008-05-24 15:02 . 2008-05-24 15:03 <REP> d-------- C:\Program Files\Audacity 1.3 Beta
    2008-05-24 13:58 . 2008-05-24 19:30 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
    2008-05-24 12:59 . 2008-05-24 12:59 <REP> d-------- C:\WINDOWS\system32\fr
    2008-05-24 12:59 . 2008-05-24 12:59 <REP> d-------- C:\WINDOWS\l2schemas
    2008-05-24 12:15 . 2008-04-14 04:33 712,704 --------- C:\WINDOWS\system32\windowscodecs.dll
    2008-05-24 12:15 . 2008-04-14 04:33 346,112 --------- C:\WINDOWS\system32\windowscodecsext.dll
    2008-05-24 12:15 . 2008-04-14 04:33 276,992 --------- C:\WINDOWS\system32\wmphoto.dll
    2008-05-24 12:15 . 2008-04-14 04:33 69,120 --------- C:\WINDOWS\system32\wlanapi.dll
    2008-05-24 12:14 . 2008-04-14 04:33 53,248 --------- C:\WINDOWS\system32\tsgqec.dll
    2008-05-24 12:14 . 2008-04-14 04:33 50,688 --------- C:\WINDOWS\system32\tspkg.dll
    2008-05-24 12:13 . 2008-04-14 04:33 412,160 --------- C:\WINDOWS\system32\photometadatahandler.dll
    2008-05-24 12:13 . 2008-04-14 04:33 293,376 --------- C:\WINDOWS\system32\qagentrt.dll
    2008-05-24 12:13 . 2008-04-14 04:33 290,304 --------- C:\WINDOWS\system32\rhttpaa.dll
    2008-05-24 12:13 . 2008-04-14 04:33 151,040 --------- C:\WINDOWS\system32\qagent.dll
    2008-05-24 12:13 . 2008-04-14 04:33 144,896 --------- C:\WINDOWS\system32\onex.dll
    2008-05-24 12:13 . 2008-04-14 04:33 76,800 --------- C:\WINDOWS\system32\qutil.dll
    2008-05-24 12:13 . 2008-04-14 04:33 62,464 --------- C:\WINDOWS\system32\qcliprov.dll
    2008-05-24 12:13 . 2008-04-14 04:33 61,952 --------- C:\WINDOWS\system32\rasqec.dll
    2008-05-24 12:13 . 2008-04-14 04:34 32,768 --------- C:\WINDOWS\system32\setupn.exe
    2008-05-24 12:13 . 2008-04-13 20:40 10,240 --------- C:\WINDOWS\system32\drivers\sffp_mmc.sys
    2008-05-24 12:12 . 2008-04-14 04:33 1,306,624 --------- C:\WINDOWS\system32\msxml6.dll
    2008-05-24 12:12 . 2008-04-14 04:33 1,306,624 -----c--- C:\WINDOWS\system32\dllcache\msxml6.dll
    2008-05-24 12:12 . 2008-04-14 04:33 200,704 --------- C:\WINDOWS\system32\napmontr.dll
    2008-05-24 12:12 . 2008-04-14 04:34 177,664 --------- C:\WINDOWS\system32\napstat.exe
    2008-05-24 12:12 . 2008-04-14 04:33 155,136 --------- C:\WINDOWS\system32\mssha.dll
    2008-05-24 12:12 . 2008-04-14 04:04 93,184 --------- C:\WINDOWS\system32\msxml6r.dll
    2008-05-24 12:12 . 2008-04-14 04:04 93,184 -----c--- C:\WINDOWS\system32\dllcache\msxml6r.dll
    2008-05-24 12:12 . 2008-04-14 04:03 81,920 --------- C:\WINDOWS\system32\msshavmsg.dll
    2008-05-24 12:12 . 2008-04-14 04:33 30,208 --------- C:\WINDOWS\system32\napipsec.dll
    2008-05-24 12:10 . 2008-04-14 04:33 651,264 --------- C:\WINDOWS\system32\dot3ui.dll
    2008-05-24 12:09 . 2008-04-14 04:33 233,472 --------- C:\WINDOWS\system32\azroles.dll
    2008-05-24 12:09 . 2008-04-14 04:33 136,192 --------- C:\WINDOWS\system32\aaclient.dll
    2008-05-24 12:09 . 2008-04-14 04:33 7,168 --------- C:\WINDOWS\system32\bitsprx4.dll
    2008-05-22 21:20 . 2008-05-22 21:20 <REP> d-------- C:\Documents and Settings\Simon.YOUR-HW6EHCL50Y\Application Data\vlc
    2008-05-21 11:35 . 2006-12-08 15:20 10,528,768 --a------ C:\WINDOWS\system32\RTLCPL.exe
    2008-05-21 11:35 . 2006-08-01 15:02 49,152 --a------ C:\WINDOWS\system32\ChCfg.exe
    2008-05-21 11:33 . 2008-05-21 11:34 <REP> d-------- C:\Program Files\Realtek AC97
    2008-05-21 11:33 . 2006-10-18 02:53 147,456 --a------ C:\WINDOWS\system32\RtlCPAPI.dll
    2008-05-21 11:29 . 2004-04-13 15:25 110,592 --a------ C:\WINDOWS\system32\nvudisp.exe
    2008-05-21 11:29 . 2004-04-13 15:25 12,196 --a------ C:\WINDOWS\system32\nvdisp.nvu
    2008-05-21 11:18 . 2008-05-28 15:13 <REP> d-------- C:\Program Files\ma-config.com
    2008-05-21 11:18 . 2008-05-28 15:14 <REP> d-------- C:\Documents and Settings\All Users\Application Data\ma-config.com
    2008-05-21 11:16 . 2008-05-21 11:24 <REP> d----c--- C:\NVIDIA
    2008-05-21 10:57 . 2008-05-21 10:57 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
    2008-05-20 22:08 . 2008-05-21 11:11 <REP> d-------- C:\Documents and Settings\Simon.YOUR-HW6EHCL50Y\Application Data\SystemRequirementsLab
    2008-05-20 21:24 . 2008-05-20 21:47 <REP> d-------- C:\Documents and Settings\Simon.YOUR-HW6EHCL50Y\Application Data\LimeWire
    2008-05-20 21:15 . 2008-03-25 02:37 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
    2008-05-20 21:08 . 2008-05-20 21:09 <REP> d-------- C:\Program Files\LimeWire
    2008-05-20 10:37 . 2008-03-01 14:58 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
    2008-05-20 10:37 . 2007-04-17 11:32 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
    2008-05-20 10:37 . 2007-03-08 07:10 1,048,576 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
    2008-05-20 10:37 . 2008-03-01 14:58 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
    2008-05-20 10:37 . 2008-03-01 14:58 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
    2008-05-20 10:37 . 2008-03-01 14:58 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
    2008-05-20 10:37 . 2008-03-01 14:58 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
    2008-05-20 10:37 . 2008-03-01 14:58 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
    2008-05-20 10:37 . 2008-02-22 12:00 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
    2008-05-20 10:36 . 2008-05-24 12:59 <REP> d-------- C:\WINDOWS\system32\fr-fr
    2008-05-20 10:28 . 2007-08-13 18:54 33,792 --a--c--- C:\WINDOWS\system32\dllcache\custsat.dll
    2008-05-20 10:00 . 2008-05-25 01:58 <REP> d-------- C:\Program Files\MSXML 4.0
    2008-05-20 07:34 . 2008-05-20 07:34 <REP> d-------- C:\Documents and Settings\LocalService\Menu Démarrer
    2008-05-19 19:48 . 2008-05-19 19:48 <REP> d-------- C:\WINDOWS\provisioning
    2008-05-19 19:48 . 2008-05-24 12:59 <REP> d-------- C:\WINDOWS\peernet
    2008-05-19 19:37 . 2008-05-24 13:00 <REP> d-------- C:\WINDOWS\ServicePackFiles
    2008-05-19 19:12 . 2008-05-24 12:39 <REP> d-------- C:\WINDOWS\EHome
    2008-05-19 18:52 . 2002-04-15 21:11 67,866 --------- C:\WINDOWS\system32\drivers\netwlan5.img
    2008-05-19 18:52 . 2008-04-13 19:34 11,264 --------- C:\WINDOWS\system32\spnpinst.exe
    2008-05-19 18:52 . 2004-08-02 14:20 7,208 --------- C:\WINDOWS\system32\secupd.sig
    2008-05-19 18:52 . 2004-08-02 14:20 4,569 --------- C:\WINDOWS\system32\secupd.dat
    2008-05-19 18:41 . 2008-05-19 18:41 <REP> d-------- C:\Program Files\Alwil Software
    2008-05-19 18:20 . 2008-05-19 18:20 <REP> d--hs---- C:\Documents and Settings\Simon.YOUR-HW6EHCL50Y\UserData
    2008-05-19 14:31 . 2005-05-26 15:34 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
    2008-05-19 09:47 . 2008-05-19 09:47 <REP> d-------- C:\Program Files\Eidos
    2008-05-18 22:33 . 2008-05-18 22:33 130,208 -r------- C:\WINDOWS\bwUnin-8.1.1.87-8876480SL.exe
    2008-05-18 22:27 . 2005-05-27 09:23 2,180,096 --a------ C:\WINDOWS\system32\drivers\lvsvf2.sys
    2008-05-18 22:27 . 2005-05-27 09:32 1,317,152 --a------ C:\WINDOWS\system32\drivers\lvcm.sys

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-05-31 13:25 --------- d-----w C:\Program Files\Windows Live
    2008-05-31 10:13 --------- d-----w C:\Program Files\ScreenMates
    2008-05-30 15:18 --------- d-----w C:\Program Files\Microsoft Picture It! PhotoPub
    2008-05-25 20:37 --------- d-----w C:\Program Files\Messenger Plus! Live
    2008-05-24 20:53 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-05-24 17:14 --------- d-----w C:\Program Files\Creative
    2008-05-20 19:15 --------- d-----w C:\Program Files\Java
    2008-05-18 20:26 --------- d-----w C:\Program Files\Fichiers communs\Logitech
    2008-05-18 20:24 --------- d-----w C:\Program Files\Logitech
    2008-05-18 15:00 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
    2008-05-17 10:35 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
    2008-05-17 10:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
    2008-05-17 10:16 --------- d-----w C:\Program Files\GOTO
    2008-05-17 10:16 --------- d-----w C:\Program Files\Club-Internet
    2008-05-17 10:15 --------- d-----w C:\Program Files\InterActual
    2008-05-17 10:12 --------- d-----w C:\Program Files\Motive
    2008-05-17 09:56 --------- d-----w C:\Program Files\Wanadoo
    2008-05-13 01:53 43,528 ------w C:\WINDOWS\system32\drivers\pxhelp20.sys
    2008-04-14 02:34 70,656 ----a-w C:\WINDOWS\notepad.exe
    2008-04-14 02:34 40,840 ----a-w C:\WINDOWS\system32\drivers\termdd.sys
    2008-04-14 02:34 32,866 ------w C:\WINDOWS\slrundll.exe
    2008-04-14 02:34 288,256 ----a-w C:\WINDOWS\winhlp32.exe
    2008-04-14 02:34 21,896 ----a-w C:\WINDOWS\system32\drivers\tdtcp.sys
    2008-04-14 02:34 153,088 ----a-w C:\WINDOWS\regedit.exe
    2008-04-14 02:34 139,656 ----a-w C:\WINDOWS\system32\drivers\rdpwd.sys
    2008-04-14 02:34 12,040 ----a-w C:\WINDOWS\system32\drivers\tdpipe.sys
    2008-04-14 02:34 10,752 ----a-w C:\WINDOWS\hh.exe
    2008-04-14 02:34 1,037,824 ----a-w C:\WINDOWS\explorer.exe
    2008-04-14 02:10 73,600 ----a-w C:\WINDOWS\system32\drivers\sr.sys
    2008-04-14 02:09 80,384 ----a-w C:\WINDOWS\system32\drivers\parport.sys
    2008-04-14 02:09 68,608 ----a-w C:\WINDOWS\system32\drivers\pci.sys
    2008-04-14 02:09 46,848 ----a-w C:\WINDOWS\system32\drivers\p3.sys
    2008-04-14 02:09 120,576 ----a-w C:\WINDOWS\system32\drivers\pcmcia.sys
    2008-04-14 02:05 800,256 ----a-w C:\WINDOWS\system32\drivers\dmboot.sys
    2008-04-14 02:05 25,216 ----a-w C:\WINDOWS\system32\drivers\kbdclass.sys
    2008-04-14 02:05 154,496 ----a-w C:\WINDOWS\system32\drivers\dmio.sys
    2008-04-14 02:05 14,720 ----a-w C:\WINDOWS\system32\drivers\kbdhid.sys
    2008-04-14 02:04 37,632 ----a-w C:\WINDOWS\system32\drivers\isapnp.sys
    2008-04-14 02:03 40,576 ------w C:\WINDOWS\system32\drivers\intelppm.sys
    2008-04-14 02:02 40,960 ----a-w C:\WINDOWS\system32\drivers\crusoe.sys
    2008-04-14 02:00 66,048 ----a-w C:\WINDOWS\system32\drivers\serial.sys
    2008-04-14 02:00 54,144 ----a-w C:\WINDOWS\system32\drivers\i8042prt.sys
    2008-04-14 01:59 25,856 ------w C:\WINDOWS\system32\drivers\hidbth.sys
    2008-04-14 01:58 273,664 ------w C:\WINDOWS\system32\drivers\bthport.sys
    2008-04-14 01:57 58,752 ----a-w C:\WINDOWS\system32\drivers\redbook.sys
    2008-04-14 01:57 44,672 ----a-w C:\WINDOWS\system32\drivers\fips.sys
    2008-04-14 01:56 53,376 ----a-w C:\WINDOWS\system32\drivers\volsnap.sys
    2008-04-14 01:55 40,064 ----a-w C:\WINDOWS\system32\drivers\processr.sys
    2008-04-14 01:54 41,856 ----a-w C:\WINDOWS\system32\drivers\amdk7.sys
    2008-04-14 01:54 41,472 ----a-w C:\WINDOWS\system32\drivers\amdk6.sys
    2008-04-14 01:53 30,336 ----a-w C:\WINDOWS\system32\drivers\modem.sys
    2008-04-14 01:53 23,680 ----a-w C:\WINDOWS\system32\drivers\mouclass.sys
    2008-04-14 01:52 188,672 ----a-w C:\WINDOWS\system32\drivers\acpi.sys
    2008-04-13 19:28 175,744 ----a-w C:\WINDOWS\system32\drivers\rdbss.sys
    2008-04-13 19:21 162,816 ----a-w C:\WINDOWS\system32\drivers\netbt.sys
    2008-04-13 19:20 91,520 ----a-w C:\WINDOWS\system32\drivers\ndiswan.sys
    2008-04-13 19:20 361,344 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
    2008-04-13 19:20 182,656 ----a-w C:\WINDOWS\system32\drivers\ndis.sys
    2008-04-13 19:19 75,264 ----a-w C:\WINDOWS\system32\drivers\ipsec.sys
    2008-04-13 19:19 51,328 ----a-w C:\WINDOWS\system32\drivers\rasl2tp.sys
    2008-04-13 19:19 48,384 ----a-w C:\WINDOWS\system32\drivers\raspptp.sys
    2008-04-13 19:19 146,048 ----a-w C:\WINDOWS\system32\drivers\portcls.sys
    2008-04-13 19:19 138,112 ----a-w C:\WINDOWS\system32\drivers\afd.sys
    2008-04-13 19:17 83,072 ----a-w C:\WINDOWS\system32\drivers\wdmaud.sys
    2008-04-13 19:17 456,576 ----a-w C:\WINDOWS\system32\drivers\mrxsmb.sys
    2008-04-13 19:17 105,344 ----a-w C:\WINDOWS\system32\drivers\mup.sys
    2008-04-13 19:16 49,536 ----a-w C:\WINDOWS\system32\drivers\classpnp.sys
    2008-04-13 19:16 141,056 ----a-w C:\WINDOWS\system32\drivers\ks.sys
    2008-04-13 19:15 60,800 ----a-w C:\WINDOWS\system32\drivers\sysaudio.sys
    2008-04-13 19:15 574,976 ----a-w C:\WINDOWS\system32\drivers\ntfs.sys
    2008-04-13 19:15 334,848 ----a-w C:\WINDOWS\system32\drivers\srv.sys
    2008-04-13 19:14 63,744 ----a-w C:\WINDOWS\system32\drivers\cdfs.sys
    2008-04-13 19:14 143,744 ----a-w C:\WINDOWS\system32\drivers\fastfat.sys
    2008-04-13 19:00 225,664 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
    2008-04-13 19:00 19,072 ----a-w C:\WINDOWS\system32\drivers\tdi.sys
    2008-04-13 18:57 41,472 ----a-w C:\WINDOWS\system32\drivers\raspppoe.sys
    2008-04-13 18:57 40,576 ----a-w C:\WINDOWS\system32\drivers\ndproxy.sys
    2008-04-13 18:57 34,560 ----a-w C:\WINDOWS\system32\drivers\wanarp.sys
    2008-04-13 18:57 20,864 ----a-w C:\WINDOWS\system32\drivers\ipinip.sys
    2008-04-13 18:57 152,832 ----a-w C:\WINDOWS\system32\drivers\ipnat.sys
    2008-04-13 18:57 14,336 ----a-w C:\WINDOWS\system32\drivers\asyncmac.sys
    2008-04-13 18:57 10,112 ----a-w C:\WINDOWS\system32\drivers\ndistapi.sys
    2008-04-13 18:56 88,320 ----a-w C:\WINDOWS\system32\drivers\nwlnkipx.sys
    2008-04-13 18:56 69,120 ----a-w C:\WINDOWS\system32\drivers\psched.sys
    2008-04-13 18:56 35,072 ----a-w C:\WINDOWS\system32\drivers\msgpc.sys
    2008-04-13 18:56 34,688 ----a-w C:\WINDOWS\system32\drivers\netbios.sys
    2008-04-13 18:56 30,592 ----a-w C:\WINDOWS\system32\drivers\rndismp.sys
    2008-04-13 18:56 30,592 ------w C:\WINDOWS\system32\drivers\rndismpx.sys
    2008-04-13 18:56 12,800 ----a-w C:\WINDOWS\system32\drivers\usb8023.sys
    2008-04-13 18:56 12,800 ------w C:\WINDOWS\system32\drivers\usb8023x.sys
    2008-04-13 18:56 12,288 ----a-w C:\WINDOWS\system32\drivers\tunmp.sys
    2008-04-13 18:55 202,624 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
    2008-04-13 18:55 14,592 ----a-w C:\WINDOWS\system32\drivers\ndisuio.sys
    2008-04-13 18:54 88,192 ----a-w C:\WINDOWS\system32\drivers\irda.sys
    2008-04-13 18:54 22,016 ----a-w C:\WINDOWS\system32\drivers\msircomm.sys
    2008-04-13 18:54 11,264 ----a-w C:\WINDOWS\system32\drivers\irenum.sys
    2008-04-13 18:53 71,552 ----a-w C:\WINDOWS\system32\drivers\bridge.sys
    2008-04-13 18:53 40,320 ----a-w C:\WINDOWS\system32\drivers\nmnt.sys
    2008-04-13 18:53 36,608 ------w C:\WINDOWS\system32\drivers\ip6fw.sys
    2008-04-13 18:53 264,832 ------w C:\WINDOWS\system32\drivers\http.sys
    .

    ((((((((((((((((((((((((((((( snapshot@2008-06-03_15.06.20.79 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2008-06-03 12:57:22 2,048 --s-a-w C:\WINDOWS\bootstat.dat
    + 2008-06-03 20:38:50 2,048 --s-a-w C:\WINDOWS\bootstat.dat
    + 2008-06-03 20:38:58 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_4c8.dat
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VirtualExpanderFile.1]
    @={E4000AC4-5E5F-4956-807A-C5854405D64F}

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 04:33 15360]
    "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2004-04-13 15:25 3309568]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2008-04-14 04:33 15360]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "vidc.iv41"= ir41_32.dll

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk
    backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
    backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^RAMASST.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\RAMASST.lnk
    backup=C:\WINDOWS\pss\RAMASST.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Wireless Configuration Utility HW.32.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Wireless Configuration Utility HW.32.lnk
    backup=C:\WINDOWS\pss\Wireless Configuration Utility HW.32.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^Marie^Menu Démarrer^Programmes^Démarrage^BandeauTask.lnk]
    path=C:\Documents and Settings\Marie\Menu Démarrer\Programmes\Démarrage\BandeauTask.lnk
    backup=C:\WINDOWS\pss\BandeauTask.lnkStartup

    [HKLM\~\startupfolder\C:^Documents and Settings^Marie^Menu Démarrer^Programmes^Démarrage^Club Internet.lnk]
    path=C:\Documents and Settings\Marie\Menu Démarrer\Programmes\Démarrage\Club Internet.lnk
    backup=C:\WINDOWS\pss\Club Internet.lnkStartup

    [HKLM\~\startupfolder\C:^Documents and Settings^Marie^Menu Démarrer^Programmes^Démarrage^VirtualExpander.lnk]
    path=C:\Documents and Settings\Marie\Menu Démarrer\Programmes\Démarrage\VirtualExpander.lnk
    backup=C:\WINDOWS\pss\VirtualExpander.lnkStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
    --a------ 2003-06-18 15:44 151552 C:\Program Files\Apoint2K\Apoint.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccRegVfy]
    C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CeEKEY]
    --a------ 2003-07-23 15:04 638976 C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CeEPOWER]
    --a------ 2003-08-09 18:11 135168 C:\Program Files\TOSHIBA\Power Management\CePMTray.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CplBTQ00]
    --a------ 2003-06-27 19:33 708608 C:\Program Files\EzButton\CplBTQ00.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
    --a------ 2008-04-14 04:33 15360 C:\WINDOWS\system32\ctfmon.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Drag'n Drop CD+DVD]
    --------- 2003-07-08 21:21 1171456 C:\Program Files\Drag'n Drop CD+DVD\BinFiles\DragDrop.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus C44 Series]
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus C44 Series (Copie 1)]
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]
    C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
    --a------ 2008-05-18 22:34 91440 C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate]
    --a------ 2005-06-08 14:44 196608 C:\Program Files\Logitech\Video\ManifestEngine.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
    --a------ 2005-06-08 15:24 458752 C:\Program Files\Logitech\Video\ISStart.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
    --a------ 2005-06-08 15:14 217088 C:\Program Files\Logitech\Video\LogiTray.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMSX]
    --a------ 2005-07-19 17:32 221184 C:\WINDOWS\System32\LVCOMSX.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MPSWiFiManager]
    C:\Program Files\Club-Internet\Agent Wifi\AgentWifi.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    --a------ 2008-04-14 04:34 1695232 C:\Program Files\Messenger\msmsgs.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
    --a------ 2007-10-18 11:34 5724184 C:\Program Files\Windows Live\Messenger\msnmsgr.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
    --a------ 2004-04-13 15:25 3309568 C:\WINDOWS\system32\NvCpl.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
    --a------ 2004-04-13 15:25 782336 C:\WINDOWS\system32\nwiz.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\POINTER]


    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSC_UserPrompt]
    C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    --a------ 2008-03-25 04:28 144784 C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec NetDriver Monitor]
    --a------ 2005-02-08 21:41 95960 C:\PROGRA~1\SYMNET~1\SNDMon.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPNF]
    --a------ 2003-07-18 15:24 49152 C:\Program Files\TOSHIBA\TouchPad\TPTray.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
    --a------ 2008-05-15 16:11 3644464 C:\Program Files\Veoh Networks\Veoh\VeohClient.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vmtalk]
    C:\Program Files\Fichiers communs\Talkway\vmtalk.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "WMPNetworkSvc"=3 (0x3)
    "WLSetupSvc"=3 (0x3)
    "UStorage Server Service"=2 (0x2)
    "usnjsvc"=3 (0x3)
    "SNDSrvc"=3 (0x3)
    "ose"=3 (0x3)
    "maconfservice"=3 (0x3)
    "CeEPwrSvc"=2 (0x2)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"=

    R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 01:20]
    R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]
    S3 SIS163u;SiS 163 usb Wireless LAN Adapter Driver;C:\WINDOWS\system32\DRIVERS\sis163u.sys [2004-12-29 09:34]
    S4 maconfservice;Ma-Config Service;"C:\Program Files\ma-config.com\maconfservice.exe" [2008-05-23 18:37]

    .
    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-06-03 22:41:29
    Windows 5.1.2600 Service Pack 3 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    ------------------------ Other Running Processes ------------------------
    .
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\DVDRAMSV.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\SiSWLSvc.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    .
    **************************************************************************
    .
    Temps d'accomplissement: 2008-06-03 22:48:24 - machine was rebooted [Simon]
    ComboFix-quarantined-files.txt 2008-06-03 20:48:18
    ComboFix2.txt 2008-06-03 13:06:44

    Pre-Run: 12,694,896,640 octets libres
    Post-Run: 12,713,406,464 octets libres

    400 --- E O F --- 2008-06-03 05:49:43




    Is it serious??
    3 June 2008 22:51:56

    Good,

    Delete C:\WINDOWS\enqf.exe

    Where do your problems stand now?
    3 June 2008 23:11:33

    It's true, things are better, all good, thanks again. One last thing:

    I can't play any audio CD, video, burned disc, DVD, games, nothing. I don't know whether a virus can block the CD drive of my laptop or whether it's just a hardware bug, but my drivers are up to date.

    Would you have any idea?
    4 June 2008 07:05:04

    Try repairing Windows with the corresponding CD.
    Maybe some corrupted drivers.

    Then post a new HijackThis report.