je crois que j'ai télécharger et installer un virus
j'ai réagis rapidemet mais maintenant j'ai assez souvent des trojan qui viennent dans l'ordinateur (il y a des adware.downloader ...).
j'ai norton antivirus 2006.
comment je pourrais trouver ce téléchargeur de virus SVP ?

bonsoir

Télécharge puis installe Hijackthis (Trend Micro)
Poste ensuite un rapport dans ta prochaine réponse.
AIDE : Comment utiliser Hijackthis v2.0.2

c'est ca:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:36:36, on 04/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Apps\Softex\OmniPass\Omniserv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Packard Bell\SrvCDEject.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Apps\Softex\OmniPass\OPXPApp.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Realtek\Card Reader Software\DriveIcon\DriveIcon.exe
C:\WINDOWS\mHotkey.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Fingerprint Sensor\ATSwpNav.exe
c:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\regsvr32.exe
C:\APPS\SMP\SmpSys.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Hercules\WiFi Station\WifiStation.exe
c:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\dwwin.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\camif\LOCALS~1\Temp\Rar$EX00.828\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://format.packardbell.com/cgi- [...] ey=IESTART
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: speed-bit Toolbar - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - C:\Program Files\speed-bit\tbspee.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: speed-bit Toolbar - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - C:\Program Files\speed-bit\tbspee.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [DriveIcons] "C:\Program Files\Realtek\Card Reader Software\DriveIcon\DriveIcon.exe"
O4 - HKLM\..\Run: [NECHotkey] mHotkey.exe
O4 - HKLM\..\Run: [ATICCC] "c:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [ATSwpNav] "C:\Program Files\Fingerprint Sensor\ATSwpNav" -run
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [OmniPass] C:\Apps\Softex\OmniPass\scureapp.exe
O4 - HKLM\..\Run: [EULA] C:\APPS\PB_TB\EULALauncher.exe
O4 - HKLM\..\Run: [WiPen] C:\Program Files\WiPen\wpmanage.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [cnsrefch] rundll32.exe "C:\Program Files\cnsrefch\qhkpwjsr.dll",Init
O4 - HKLM\..\Run: [OoPDFSettingsv6.exe] C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe
O4 - HKCU\..\Run: [SmpcSys] C:\APPS\SMP\SmpSys.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: WiFi Station.lnk = ?
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&phase=8&key=IESTART
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wi [...] 5317592281
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Apps\Softex\OmniPass\Omniserv.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SrvCDEject - Unknown owner - C:\Program Files\Packard Bell\SrvCDEject.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 12592 bytes

re

C'est une infection Vundo

fais ceci dans l'ordre stp

1

~Télécharge VundoFix.exe (par Atribune) sur ton Bureau.
http://www.atribune.org/ccount/click.php?id=4
Double-clique VundoFix.exe afin de le lancer
Clique sur le bouton Scan for Vundo.
~Lorsque le scan est complété, clique sur le bouton Remove Vundo
Une invite te demandera si tu veux supprimer les fichiers, clique YES
Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers
Tu verras une invite qui t'annonce que ton PC va redémarrer; clique OK.
~Copie/colle le contenu du rapport situé dans C:\vundofix.txt
Note: Il est possible que VundoFix soit confronté à un fichier qu'il ne peut supprimer. Si tel est le cas, l'outil se lancera au prochain redémarrage; il faut simplement suivre les instructions ci-haut, à partir de "clique sur le bouton Scan for Vundo


2

Télécharge Combofix de sUBs :
combofix.exe
et sauvegarde le sur ton bureau et pas ailleurs!

Désactive impérativement Norton avant de lancer l'analyse.

Double-clic sur combofix, Il va te poser une question, réponds en appuyant sur la touche1 puis attends que combofix ait terminé, il est possible que ton PC reboot, c’est normal, un rapport sera créé. Poste le rapport.


3
ajoute un nouveau rapport HijackThis dans ta prochaine réponse

ok je le fais

voici le rapport de vundo:
VundoFix V6.7.0

Checking Java version...

Java version is 1.5.0.4
Old versions of java are exploitable and should be removed.

Scan started at 22:40:37 04/12/2007

Listing files found while scanning....

C:\windows\system32\jkklm.dll
C:\windows\system32\mlkkj.bak1
C:\windows\system32\mlkkj.bak2
C:\windows\system32\mlkkj.ini
C:\windows\system32\mlkkj.ini2
C:\windows\system32\mlkkj.tmp

Beginning removal...

Attempting to delete C:\windows\system32\jkklm.dll
C:\windows\system32\jkklm.dll Has been deleted!

Attempting to delete C:\windows\system32\mlkkj.bak1
C:\windows\system32\mlkkj.bak1 Has been deleted!

Attempting to delete C:\windows\system32\mlkkj.bak2
C:\windows\system32\mlkkj.bak2 Has been deleted!

Attempting to delete C:\windows\system32\mlkkj.ini
C:\windows\system32\mlkkj.ini Has been deleted!

Attempting to delete C:\windows\system32\mlkkj.ini2
C:\windows\system32\mlkkj.ini2 Has been deleted!

Attempting to delete C:\windows\system32\mlkkj.tmp
C:\windows\system32\mlkkj.tmp Has been deleted!

Performing Repairs to the registry.
Done!

voici le rapport de combofix: ComboFix 07-12-02.7 - camif 2007-12-04 23:05:38.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.450 [GMT 1:00]
Running from: C:\Documents and Settings\camif\Bureau\ComboFix.exe
* Created a new restore point
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\SecCenter
C:\WINDOWS\system32\abttwyoq.dll
C:\WINDOWS\system32\axergtoj.dll
C:\WINDOWS\system32\deanxhwy.dll
C:\WINDOWS\system32\equclgcl.dll
C:\WINDOWS\system32\ilbexqjx.dll
C:\WINDOWS\system32\jeryjshj.dll
C:\WINDOWS\system32\julmsfsc.dll
C:\WINDOWS\system32\mupbsrqg.dll

.
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2007-11-04 to 2007-12-04 ))))))))))))))))))))))))))))))))))))
.

2007-12-04 22:40 . 2007-12-04 22:56 <REP> d-------- C:\VundoFix Backups
2007-12-03 19:36 . 2007-12-03 19:36 143 --a------ C:\WINDOWS\system32\mcrh.tmp
2007-12-02 21:06 . 2007-12-04 22:57 <REP> d-------- C:\Program Files\Xixqcbfl
2007-12-02 20:27 . 2007-12-03 17:03 <REP> d-------- C:\Program Files\PacSteamT
2007-12-02 20:27 . 2007-12-02 20:27 <REP> d-------- C:\Program Files\Fichiers communs\Thraex Software
2007-12-02 13:25 . 2007-12-02 13:25 <REP> d-------- C:\Program Files\cnsrefch
2007-12-02 13:25 . 2007-12-02 13:25 35,840 --a------ C:\WINDOWS\system32\tuvvust.dll
2007-12-01 22:40 . 2007-12-01 22:40 <REP> d--hs---- C:\USMT.TMP
2007-12-01 20:01 . 2007-12-01 20:01 <REP> d-------- C:\Program Files\nookprog
2007-12-01 12:31 . 2007-12-01 12:31 <REP> d-------- C:\Program Files\VirtualDJ
2007-12-01 12:29 . 2007-12-01 12:29 <REP> d-------- C:\Downloads
2007-12-01 12:29 . 2007-12-01 12:29 <REP> d-------- C:\Documents and Settings\camif\Application Data\GetRightToGo
2007-11-30 22:07 . 2007-11-30 22:07 <REP> d-------- C:\Program Files\CDBurnerXP
2007-11-30 21:19 . 2007-11-30 21:19 <REP> d-------- C:\Program Files\ONES Trial (F)
2007-11-30 21:19 . 2007-03-09 16:18 221,184 --a------ C:\WINDOWS\InZU31.exe
2007-11-30 21:19 . 2005-06-29 01:38 15,172 --a------ C:\WINDOWS\system32\drivers\PzWDM.sys
2007-11-28 20:45 . 2007-11-28 20:45 <REP> d-------- C:\Program Files\Fichiers communs\xing shared
2007-11-28 16:44 . 2007-11-28 16:44 <REP> d-------- C:\Program Files\Activision
2007-11-28 16:32 . 2007-11-28 16:32 <REP> d-------- C:\Program Files\Windows Media Connect 2
2007-11-28 16:32 . 2006-10-04 15:06 1,197,294 --------- C:\WINDOWS\system32\dllcache\sysmain.sdb
2007-11-28 16:32 . 2006-10-04 15:06 764,868 --------- C:\WINDOWS\system32\dllcache\apph_sp.sdb
2007-11-28 16:32 . 2006-10-04 15:06 217,118 --------- C:\WINDOWS\system32\dllcache\apphelp.sdb
2007-11-28 16:29 . 2007-11-28 16:29 <REP> d-------- C:\WINDOWS\system32\LogFiles
2007-11-28 16:29 . 2007-12-01 12:17 <REP> d-------- C:\WINDOWS\system32\drivers\UMDF
2007-11-26 19:26 . 2007-11-26 19:26 45 --a------ C:\WINDOWS\system32\initdebug.nfo
2007-11-24 12:30 . 2007-11-24 12:30 <REP> d-------- C:\Program Files\Shareaza
2007-11-24 12:21 . 2007-12-04 23:11 <REP> d-------- C:\Program Files\eMule
2007-11-24 11:34 . 2007-11-24 11:34 <REP> d-------- C:\WINDOWS\Sun
2007-11-23 22:59 . 2007-11-24 22:57 <REP> d-------- C:\Program Files\Full Tilt Poker
2007-11-21 19:59 . 2006-11-29 13:06 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2007-11-21 19:58 . 2007-11-21 19:58 <REP> d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2007-11-19 21:55 . 2007-11-19 21:55 <REP> d-------- C:\Documents and Settings\All Users\SonicStage
2007-11-19 21:49 . 2007-11-19 21:49 <REP> d-------- C:\Program Files\Sony Corporation
2007-11-19 21:49 . 2001-08-31 15:07 27,255 --------- C:\WINDOWS\system32\drivers\NWWMUSB.sys
2007-11-19 21:49 . 2002-09-11 10:20 11,510 --------- C:\WINDOWS\system32\drivers\VMCUSB.sys
2007-11-19 21:48 . 2005-09-08 10:22 765,952 --a------ C:\WINDOWS\system32\CDDBUISony.dll
2007-11-19 21:48 . 2005-10-11 21:46 598,016 --a------ C:\WINDOWS\system32\CDDBControlSony.dll
2007-11-19 21:48 . 2005-09-08 10:09 565,248 --a------ C:\WINDOWS\system32\CddbMusicIDSony.dll
2007-11-19 21:48 . 2005-09-08 10:22 98,304 --a------ C:\WINDOWS\system32\CddbLangFRSony.dll
2007-11-19 21:48 . 2001-09-13 02:15 90,112 --------- C:\WINDOWS\snymsico.dll
2007-11-19 21:48 . 2005-09-08 10:21 73,728 --a------ C:\WINDOWS\system32\CddbLinkSony.dll
2007-11-19 21:48 . 2002-08-08 15:51 38,951 --------- C:\WINDOWS\system32\drivers\NETMDUSB.sys
2007-11-19 21:48 . 2005-10-31 10:46 36,679 --------- C:\WINDOWS\system32\drivers\NETMD052.sys
2007-11-19 21:48 . 2003-11-10 12:31 36,232 --------- C:\WINDOWS\system32\drivers\NETMD033.sys
2007-11-19 21:48 . 2003-04-01 18:55 35,319 --------- C:\WINDOWS\system32\drivers\NETMD031.sys
2007-11-19 21:47 . 2007-11-19 21:47 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Sony Corporation
2007-11-19 21:46 . 2007-11-19 21:49 <REP> d-------- C:\Program Files\Sony
2007-11-19 21:46 . 2007-11-19 21:49 <REP> d-------- C:\Program Files\Fichiers communs\Sony Shared
2007-11-19 21:46 . 2007-11-19 21:56 <REP> d-------- C:\Documents and Settings\camif\Application Data\Sony Corporation
2007-11-17 23:42 . 2007-11-17 23:42 <REP> d-------- C:\Documents and Settings\camif\Application Data\vlc
2007-11-17 23:41 . 2007-11-17 23:41 <REP> d-------- C:\Program Files\VideoLAN
2007-11-17 23:13 . 2007-11-17 23:13 <REP> d-------- C:\Documents and Settings\camif\Incomplete
2007-11-17 23:13 . 2007-12-04 13:09 <REP> d-------- C:\Documents and Settings\camif\Application Data\LimeWire
2007-11-17 23:12 . 2007-11-17 23:12 <REP> d-------- C:\Program Files\LimeWire
2007-11-17 21:16 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2007-11-17 21:16 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2007-11-17 21:16 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2007-11-17 19:13 . 2007-11-17 19:13 <REP> d-------- C:\Program Files\Pivot Stickfigure Animator
2007-11-17 18:46 . 2006-10-05 03:42 2,560 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys
2007-11-17 18:46 . 2006-10-05 03:42 2,432 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2007-11-17 18:39 . 2007-11-23 22:57 <REP> d-------- C:\Poker
2007-11-17 18:31 . 2007-12-01 20:08 <REP> d-------- C:\Documents and Settings\camif\Application Data\AdobeUM
2007-11-17 18:12 . 2007-11-17 18:12 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2007-11-17 18:08 . 2007-07-09 14:19 582,656 --------- C:\WINDOWS\system32\dllcache\rpcrt4.dll
2007-11-17 18:04 . 2007-11-17 18:04 <REP> d-------- C:\Program Files\speed-bit
2007-11-17 18:02 . 2007-11-17 18:04 <REP> d-------- C:\Program Files\DAP
2007-11-17 18:02 . 2007-12-04 19:10 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2007-11-17 18:02 . 2007-11-17 18:02 479,298 --a------ C:\WINDOWS\system32\wbocx.ocx
2007-11-17 18:02 . 2007-11-17 18:02 172,032 --a------ C:\WINDOWS\system32\AniGIF.ocx
2007-11-17 18:02 . 2007-11-17 18:02 50,688 --a------ C:\WINDOWS\system32\wbhelp2.dll
2007-11-17 17:57 . 2007-11-17 17:57 <REP> d-------- C:\Program Files\MSXML 4.0
2007-11-17 17:49 . 2007-11-17 22:50 <REP> d-------- C:\WINDOWS\system32\fr-fr
2007-11-17 17:49 . 2007-11-26 19:45 <REP> d-------- C:\Documents and Settings\camif\Contacts
2007-11-17 17:48 . 2007-11-21 19:56 <REP> d----c--- C:\WINDOWS\system32\DRVSTORE
2007-11-17 17:44 . 2007-11-21 19:59 <REP> d-------- C:\Program Files\Windows Live
2007-11-17 17:44 . 2007-11-21 19:51 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2007-11-17 17:44 . 2007-11-21 19:50 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2007-11-17 17:42 . 2007-07-30 19:19 43,352 --a------ C:\WINDOWS\system32\wups2.dll
2007-11-17 17:42 . 2007-07-30 19:19 38,232 --a------ C:\WINDOWS\system32\wucltui.dll.mui
2007-11-17 17:42 . 2007-07-30 19:20 30,040 --a------ C:\WINDOWS\system32\wuaucpl.cpl.mui
2007-11-17 17:42 . 2007-07-30 19:19 30,040 --a------ C:\WINDOWS\system32\wuapi.dll.mui
2007-11-17 17:42 . 2007-07-30 19:18 21,336 --a------ C:\WINDOWS\system32\wuaueng.dll.mui
2007-11-17 17:41 . 2007-12-04 17:59 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Google Updater
2007-11-17 17:39 . 2007-11-17 17:39 <REP> d--hs---- C:\Documents and Settings\camif\UserData
2007-11-17 16:37 . 2007-11-17 16:38 10,740 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.CAT
2007-11-17 16:37 . 2007-11-17 16:38 805 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.INF
2007-11-17 16:31 . 2006-03-09 11:33 366,080 --a------ C:\WINDOWS\system32\drivers\rt61.sys
2007-11-17 16:31 . 2006-03-09 11:33 365,440 --a------ C:\WINDOWS\system32\drivers\RT619x.sys
2007-11-17 16:31 . 2006-01-12 19:47 255,616 --a------ C:\WINDOWS\system32\drivers\rt73u98.sys
2007-11-17 16:31 . 2006-01-12 19:46 252,928 --a------ C:\WINDOWS\system32\drivers\rt73.sys
2007-11-17 16:31 . 2005-10-17 19:50 247,808 --a------ C:\WINDOWS\system32\drivers\rt25u98.sys
2007-11-17 16:31 . 2005-10-17 19:50 245,376 --a------ C:\WINDOWS\system32\drivers\rt2500usb.sys
2007-11-17 16:31 . 2005-10-20 15:00 244,608 --a------ C:\WINDOWS\system32\drivers\rt25009x.sys
2007-11-17 16:31 . 2005-10-20 15:00 243,328 --a------ C:\WINDOWS\system32\drivers\rt2500.sys
2007-11-17 16:30 . 2007-11-17 16:30 <REP> d-------- C:\Documents and Settings\camif\Application Data\InstallShield
2007-11-17 16:03 . 2007-11-17 16:03 20,747 --a------ C:\WINDOWS\system32\drivers\AegisP.sys
2007-11-17 16:01 . 2007-11-17 16:01 <REP> d-------- C:\Program Files\Hercules
2007-11-17 16:00 . 2007-12-04 23:10 <REP> d-------- C:\Program Files\WiPen

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-04 22:09 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2007-11-28 19:45 --------- d-----w C:\Program Files\Fichiers communs\Real
2007-11-28 15:46 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-11-19 18:28 --------- d-----w C:\Program Files\Google
2007-11-17 17:46 --------- d-----w C:\Program Files\Picasa2
2007-11-17 15:42 --------- d-----w C:\Program Files\Symantec
2007-11-17 15:42 --------- d-----w C:\Program Files\Norton Internet Security
2007-11-17 15:38 60,800 ----a-w C:\WINDOWS\system32\S32EVNT1.DLL
2007-11-17 15:38 123,952 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2007-11-17 15:38 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2007-10-25 16:43 8,516,608 ----a-w C:\WINDOWS\system32\dllcache\shell32.dll
2007-10-23 16:49 586,752 ----a-w C:\WINDOWS\WLXPGSS.SCR
2007-10-18 10:31 51,224 ----a-w C:\WINDOWS\system32\sirenacm.dll
2007-10-01 13:49 542,088 ----a-w C:\WINDOWS\system32\SymNeti.dll
2007-10-01 13:49 161,160 ----a-w C:\WINDOWS\system32\SymRedir.dll
2004-02-11 03:00 80,014 ----a-w C:\WINDOWS\Fonts\unins000.exe
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2ba521ac-b9b9-4433-ba45-dba2f02cba5a}]
2007-07-31 16:33 1391640 --a------ C:\Program Files\speed-bit\tbspee.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{79B3844B-6DAC-4B78-B0B8-C99D8BBDCD50}]
2007-12-02 13:25 35840 --a------ C:\WINDOWS\system32\tuvvust.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B603FF7E-75E2-43AC-8E82-D01A2659110A}]
C:\WINDOWS\system32\jkklm.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{2BA521AC-B9B9-4433-BA45-DBA2F02CBA5A}"= C:\Program Files\speed-bit\tbspee.dll [2007-07-31 16:33 1391640]

[HKEY_CLASSES_ROOT\clsid\{2ba521ac-b9b9-4433-ba45-dba2f02cba5a}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{2BA521AC-B9B9-4433-BA45-DBA2F02CBA5A}"= C:\Program Files\speed-bit\tbspee.dll [2007-07-31 16:33 1391640]

[HKEY_CLASSES_ROOT\clsid\{2ba521ac-b9b9-4433-ba45-dba2f02cba5a}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmpcSys"="C:\APPS\SMP\SmpSys.exe" [2005-11-17 09:51]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 14:00]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-11-17 17:41]
"eMuleAutoStart"="C:\Program Files\eMule\emule.exe" [2007-05-13 15:57]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-10 14:00]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-10 14:00]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-10 14:00]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-09-29 14:01]
"RTHDCPL"="RTHDCPL.EXE" [2006-05-18 13:27 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 17:04 C:\WINDOWS\SkyTel.exe]
"DriveIcons"="C:\Program Files\Realtek\Card Reader Software\DriveIcon\DriveIcon.exe" [2005-12-09 19:44]
"NECHotkey"="mHotkey.exe" [2006-01-11 10:29 C:\WINDOWS\mHotkey.exe]
"ATICCC"="c:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-05-10 11:12]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe" [2005-06-03 03:52]
"ATSwpNav"="C:\Program Files\Fingerprint Sensor\ATSwpNav -run" []
"ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" []
"ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" []
"ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2007-02-22 12:08]
"URLLSTCK.exe"="C:\Program Files\Norton Internet Security\UrlLstCk.exe" [2007-02-01 17:21]
"OmniPass"="C:\Apps\Softex\OmniPass\scureapp.exe" [2005-08-12 18:05]
"EULA"="C:\APPS\PB_TB\EULALauncher.exe" [2006-09-29 13:14]
"WiPen"="C:\Program Files\WiPen\wpmanage.exe" [2005-12-07 14:47]
"Symantec PIF AlertEng"="C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 10:22]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-03-13 14:54]
"SsAAD.exe"="C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe" [2006-01-07 02:36]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-11-28 20:44]
"OoPDFSettingsv6.exe"="C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe" [2007-03-13 15:36]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-10 14:00]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{79B3844B-6DAC-4B78-B0B8-C99D8BBDCD50}"= C:\WINDOWS\system32\tuvvust.dll [2007-12-02 13:25 35840]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OPXPGina]
C:\Apps\Softex\OmniPass\opxpgina.dll 2005-08-12 17:01 49152 C:\APPS\Softex\OmniPass\OPXPGina.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tuvvust]
tuvvust.dll 2007-12-02 13:25 35840 C:\WINDOWS\system32\tuvvust.dll

R0 PzWDM;PzWDM;C:\WINDOWS\system32\Drivers\PzWDM.sys
R2 NMSAccessU;NMSAccessU;C:\Program Files\CDBurnerXP\NMSAccessU.exe
R2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique;"C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe"
R2 SrvCDEject;SrvCDEject;C:\Program Files\Packard Bell\SrvCDEject.exe
R3 3xHybrid;ASUSTek SAA713x PCI Card;C:\WINDOWS\system32\DRIVERS\3xHybrid.sys
R3 RTSTOR;USB Mass Stroage Device;C:\WINDOWS\system32\drivers\RTSTOR.SYS
R3 X10Hid;X10 Hid Device;C:\WINDOWS\system32\Drivers\x10hid.sys
S0 viamraid;viamraid;C:\WINDOWS\system32\DRIVERS\viamraid.sys
S3 PCASp50;PCASp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\PCASp50.sys
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

*Newly Created Service* - COMHOST
.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2007-12-04 18:30:00 C:\WINDOWS\Tasks\Extension de garantie.job"
- C:\APPS\SMP\PBCARNOT.EXE
"2007-11-24 22:20:43 C:\WINDOWS\Tasks\HDReg.job"
- c:\Apps\HDReg\HDRegRem.exe
"2007-11-30 19:22:31 C:\WINDOWS\Tasks\Norton AntiVirus - Effectuer une analyse complète du système - camif.job"
"2007-03-13 14:03:36 C:\WINDOWS\Tasks\Rappel d'enregistrement 1.job"
- C:\WINDOWS\system32\OOBE\oobebaln.exe
"2007-03-13 14:03:36 C:\WINDOWS\Tasks\Rappel d'enregistrement 2.job"
- C:\WINDOWS\system32\OOBE\oobebaln.exe
"2007-03-13 14:03:37 C:\WINDOWS\Tasks\Rappel d'enregistrement 3.job"
- C:\WINDOWS\system32\OOBE\oobebaln.exe
.
**************************************************************************

catchme 0.3.1318 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-04 23:11:23
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-12-04 23:13:03 - machine was rebooted
.
--- E O F ---

voici le rapport de hijjackthis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:18:18, on 04/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Apps\Softex\OmniPass\Omniserv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
C:\Program Files\Packard Bell\SrvCDEject.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\system32\dllhost.exe
C:\Apps\Softex\OmniPass\OPXPApp.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Realtek\Card Reader Software\DriveIcon\DriveIcon.exe
C:\WINDOWS\mHotkey.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
c:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Fingerprint Sensor\ATSwpNav.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\WiPen\wpmanage.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe
C:\APPS\SMP\SmpSys.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Hercules\WiFi Station\WifiStation.exe
c:\Program Files\ATI Technologies\ATI.ACE\cli.exe
c:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\camif\LOCALS~1\Temp\Rar$EX00.813\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://format.packardbell.com/cgi- [...] ey=IESTART
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: speed-bit Toolbar - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - C:\Program Files\speed-bit\tbspee.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: speed-bit Toolbar - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - C:\Program Files\speed-bit\tbspee.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [DriveIcons] "C:\Program Files\Realtek\Card Reader Software\DriveIcon\DriveIcon.exe"
O4 - HKLM\..\Run: [NECHotkey] mHotkey.exe
O4 - HKLM\..\Run: [ATICCC] "c:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [ATSwpNav] "C:\Program Files\Fingerprint Sensor\ATSwpNav" -run
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [OmniPass] C:\Apps\