Bagle> Besoin d'aide pour l'analyse rapports

zed -
Nemesis31 Messages postés 467 Statut Membre - 18 oct. 2009 à 15:09

Bonsoir !

J’aurais besoin d’un peu d’aide svp j’ai identifié en tapant les symptômes dans Google que j’avais choppé Bagle, c'est déjà ça, maintenant j’arrive pas à me débrouiller tout seul avec toutes les solutions proposées sur internet : j’ai du mal à faire le tri parmi Findykill, Elibagla, Malwarebytes, ComboFix, FxBeagle, BagleGui et les autres…
(Je sais qu’il y a en ce moment même plusieurs sujets ouverts sur la question mais apparemment il faut recréer un sujet chacun pour que les rapports soient interprétés donc je suis les instructions :) )

Je me suis lancé avec ComboFix, voilà le rapport :

ComboFix 09-09-06.02 - Paul 06/09/2009 19:45.1.2 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.33.1036.18.2046.1223 [GMT 2:00]
Running from: c:\users\Paul\Desktop\ComboFi.exe
AV: avast! antivirus 4.7.1098 [VPS 090831-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-2152478756-3922319563-605102323-500
c:\$recycle.bin\S-1-5-21-2930117785-1065346422-191770319-1001
c:\$recycle.bin\S-1-5-21-2930117785-1065346422-191770319-500
c:\$recycle.bin\S-1-5-21-4166659471-477811567-471052203-500
c:\users\Paul\AppData\Roaming\drivers\111wfs1intwq.sys
c:\users\Paul\AppData\Roaming\Drivers\11s11ro1s1a2.sys
c:\users\Paul\AppData\Roaming\drivers\downld
c:\users\Paul\AppData\Roaming\drivers\downld\1025051.exe
c:\users\Paul\AppData\Roaming\drivers\downld\1123191.exe
c:\users\Paul\AppData\Roaming\drivers\downld\1123581.exe
c:\users\Paul\AppData\Roaming\drivers\downld\1123612.exe
c:\users\Paul\AppData\Roaming\drivers\downld\1209475.exe
c:\users\Paul\AppData\Roaming\drivers\downld\1213906.exe
c:\users\Paul\AppData\Roaming\drivers\downld\1214608.exe
c:\users\Paul\AppData\Roaming\drivers\downld\1214670.exe
c:\users\Paul\AppData\Roaming\drivers\downld\1214998.exe
c:\users\Paul\AppData\Roaming\drivers\downld\1215793.exe
c:\users\Paul\AppData\Roaming\drivers\downld\14987546.exe
c:\users\Paul\AppData\Roaming\drivers\downld\15005205.exe
c:\users\Paul\AppData\Roaming\drivers\downld\15009542.exe
c:\users\Paul\AppData\Roaming\drivers\downld\15021383.exe
c:\users\Paul\AppData\Roaming\drivers\downld\15022241.exe
c:\users\Paul\AppData\Roaming\drivers\downld\15022787.exe
c:\users\Paul\AppData\Roaming\drivers\downld\15040945.exe
c:\users\Paul\AppData\Roaming\drivers\downld\15043925.exe
c:\users\Paul\AppData\Roaming\drivers\downld\15070632.exe
c:\users\Paul\AppData\Roaming\drivers\downld\15070694.exe
c:\users\Paul\AppData\Roaming\drivers\downld\15070710.exe
c:\users\Paul\AppData\Roaming\drivers\downld\15116075.exe
c:\users\Paul\AppData\Roaming\drivers\downld\15116106.exe
c:\users\Paul\AppData\Roaming\drivers\downld\15119866.exe
c:\users\Paul\AppData\Roaming\drivers\downld\15121566.exe
c:\users\Paul\AppData\Roaming\drivers\downld\15121988.exe
c:\users\Paul\AppData\Roaming\drivers\downld\15131207.exe
c:\users\Paul\AppData\Roaming\drivers\downld\15131223.exe
c:\users\Paul\AppData\Roaming\drivers\downld\15137182.exe
c:\users\Paul\AppData\Roaming\drivers\downld\15138056.exe
c:\users\Paul\AppData\Roaming\drivers\downld\15138539.exe
c:\users\Paul\AppData\Roaming\drivers\downld\15139304.exe
c:\users\Paul\AppData\Roaming\drivers\downld\15157244.exe
c:\users\Paul\AppData\Roaming\drivers\downld\15243965.exe
c:\users\Paul\AppData\Roaming\drivers\downld\15243980.exe
c:\users\Paul\AppData\Roaming\drivers\downld\15243996.exe
c:\users\Paul\AppData\Roaming\drivers\downld\15328564.exe
c:\users\Paul\AppData\Roaming\drivers\downld\15329968.exe
c:\users\Paul\AppData\Roaming\drivers\downld\15334321.exe
c:\users\Paul\AppData\Roaming\drivers\downld\15334835.exe
c:\users\Paul\AppData\Roaming\drivers\downld\15334898.exe
c:\users\Paul\AppData\Roaming\drivers\downld\15335194.exe
c:\users\Paul\AppData\Roaming\drivers\downld\15335272.exe
c:\users\Paul\AppData\Roaming\drivers\downld\15335288.exe
c:\users\Paul\AppData\Roaming\drivers\downld\156422.exe
c:\users\Paul\AppData\Roaming\drivers\downld\170711.exe
c:\users\Paul\AppData\Roaming\drivers\downld\222363.exe
c:\users\Paul\AppData\Roaming\drivers\downld\226092.exe
c:\users\Paul\AppData\Roaming\drivers\downld\226809.exe
c:\users\Paul\AppData\Roaming\drivers\downld\246060.exe
c:\users\Paul\AppData\Roaming\drivers\downld\262487.exe
c:\users\Paul\AppData\Roaming\drivers\downld\291472.exe
c:\users\Paul\AppData\Roaming\drivers\downld\291721.exe
c:\users\Paul\AppData\Roaming\drivers\downld\291737.exe
c:\users\Paul\AppData\Roaming\drivers\downld\29736395.exe
c:\users\Paul\AppData\Roaming\drivers\downld\29760185.exe
c:\users\Paul\AppData\Roaming\drivers\downld\29763945.exe
c:\users\Paul\AppData\Roaming\drivers\downld\29778219.exe
c:\users\Paul\AppData\Roaming\drivers\downld\29779233.exe
c:\users\Paul\AppData\Roaming\drivers\downld\29779764.exe
c:\users\Paul\AppData\Roaming\drivers\downld\29797922.exe
c:\users\Paul\AppData\Roaming\drivers\downld\29803616.exe
c:\users\Paul\AppData\Roaming\drivers\downld\29828841.exe
c:\users\Paul\AppData\Roaming\drivers\downld\29828904.exe
c:\users\Paul\AppData\Roaming\drivers\downld\29828919.exe
c:\users\Paul\AppData\Roaming\drivers\downld\29873785.exe
c:\users\Paul\AppData\Roaming\drivers\downld\29873801.exe
c:\users\Paul\AppData\Roaming\drivers\downld\29878122.exe
c:\users\Paul\AppData\Roaming\drivers\downld\29879698.exe
c:\users\Paul\AppData\Roaming\drivers\downld\29880431.exe
c:\users\Paul\AppData\Roaming\drivers\downld\29889198.exe
c:\users\Paul\AppData\Roaming\drivers\downld\29889214.exe
c:\users\Paul\AppData\Roaming\drivers\downld\29895594.exe
c:\users\Paul\AppData\Roaming\drivers\downld\29896562.exe
c:\users\Paul\AppData\Roaming\drivers\downld\29897092.exe
c:\users\Paul\AppData\Roaming\drivers\downld\29901195.exe
c:\users\Paul\AppData\Roaming\drivers\downld\29916155.exe
c:\users\Paul\AppData\Roaming\drivers\downld\30010458.exe
c:\users\Paul\AppData\Roaming\drivers\downld\30010489.exe
c:\users\Paul\AppData\Roaming\drivers\downld\30010505.exe
c:\users\Paul\AppData\Roaming\drivers\downld\30095837.exe
c:\users\Paul\AppData\Roaming\drivers\downld\30096102.exe
c:\users\Paul\AppData\Roaming\drivers\downld\30096165.exe
c:\users\Paul\AppData\Roaming\drivers\downld\30096602.exe
c:\users\Paul\AppData\Roaming\drivers\downld\30096617.exe
c:\users\Paul\AppData\Roaming\drivers\downld\344044.exe
c:\users\Paul\AppData\Roaming\drivers\downld\344512.exe
c:\users\Paul\AppData\Roaming\drivers\downld\344528.exe
c:\users\Paul\AppData\Roaming\drivers\downld\349910.exe
c:\users\Paul\AppData\Roaming\drivers\downld\351329.exe
c:\users\Paul\AppData\Roaming\drivers\downld\352359.exe
c:\users\Paul\AppData\Roaming\drivers\downld\362421.exe
c:\users\Paul\AppData\Roaming\drivers\downld\363653.exe
c:\users\Paul\AppData\Roaming\drivers\downld\363669.exe
c:\users\Paul\AppData\Roaming\drivers\downld\373185.exe
c:\users\Paul\AppData\Roaming\drivers\downld\374839.exe
c:\users\Paul\AppData\Roaming\drivers\downld\375900.exe
c:\users\Paul\AppData\Roaming\drivers\downld\376602.exe
c:\users\Paul\AppData\Roaming\drivers\downld\393262.exe
c:\users\Paul\AppData\Roaming\drivers\downld\489952.exe
c:\users\Paul\AppData\Roaming\drivers\downld\490404.exe
c:\users\Paul\AppData\Roaming\drivers\downld\579060.exe
c:\users\Paul\AppData\Roaming\drivers\downld\582804.exe
c:\users\Paul\AppData\Roaming\drivers\downld\583662.exe
c:\users\Paul\AppData\Roaming\drivers\downld\583724.exe
c:\users\Paul\AppData\Roaming\drivers\downld\584067.exe
c:\users\Paul\AppData\Roaming\drivers\downld\585237.exe
c:\users\Paul\AppData\Roaming\drivers\downld\776214.exe
c:\users\Paul\AppData\Roaming\drivers\downld\801439.exe
c:\users\Paul\AppData\Roaming\drivers\downld\812562.exe
c:\users\Paul\AppData\Roaming\drivers\downld\815152.exe
c:\users\Paul\AppData\Roaming\drivers\downld\815729.exe
c:\users\Paul\AppData\Roaming\drivers\downld\834886.exe
c:\users\Paul\AppData\Roaming\drivers\downld\838411.exe
c:\users\Paul\AppData\Roaming\drivers\downld\871780.exe
c:\users\Paul\AppData\Roaming\drivers\downld\886148.exe
c:\users\Paul\AppData\Roaming\drivers\downld\886506.exe
c:\users\Paul\AppData\Roaming\drivers\downld\886522.exe
c:\users\Paul\AppData\Roaming\drivers\downld\959936.exe
c:\users\Paul\AppData\Roaming\drivers\downld\960388.exe
c:\users\Paul\AppData\Roaming\drivers\downld\964710.exe
c:\users\Paul\AppData\Roaming\drivers\downld\966472.exe
c:\users\Paul\AppData\Roaming\drivers\downld\968111.exe
c:\users\Paul\AppData\Roaming\drivers\downld\977751.exe
c:\users\Paul\AppData\Roaming\drivers\downld\978953.exe
c:\users\Paul\AppData\Roaming\drivers\downld\978968.exe
c:\users\Paul\AppData\Roaming\drivers\downld\985567.exe
c:\users\Paul\AppData\Roaming\drivers\downld\987392.exe
c:\users\Paul\AppData\Roaming\drivers\downld\987860.exe
c:\users\Paul\AppData\Roaming\drivers\downld\988593.exe
c:\users\Paul\AppData\Roaming\drivers\winupgro.exe
c:\users\Paul\AppData\Roaming\m
c:\users\Paul\AppData\Roaming\m\data.oct
c:\users\Paul\AppData\Roaming\m\flec006.exe
c:\users\Paul\AppData\Roaming\m\list.oct
c:\users\Paul\AppData\Roaming\m\shared\.Symantec.Norton.Antivirus.Pro.2005.zip
c:\users\Paul\AppData\Roaming\m\shared\[APP].-.Kaspersky.Antivirus.Personal.5.0.227.ITA.+chiave.scadenza.2008.zip
c:\users\Paul\AppData\Roaming\m\shared\3D_Garden_Waterfalls_1.0.zip
c:\users\Paul\AppData\Roaming\m\shared\3herosoft DVD to Pocket PC Ripper 3.2.1 Build 0526.zip
c:\users\Paul\AppData\Roaming\m\shared\AbhorDJ 1.51.zip
c:\users\Paul\AppData\Roaming\m\shared\ADSS_Plot_Control_Demo_1.0_(Crack).zip
c:\users\Paul\AppData\Roaming\m\shared\AdventNet_QEngine_WebTest_5.4.zip
c:\users\Paul\AppData\Roaming\m\shared\Alarm_Video_Clock_1.0_[Patch].zip
c:\users\Paul\AppData\Roaming\m\shared\All To AVI VCD SVCD DVD MPEG Converter 5.6 [Key+Serial].zip
c:\users\Paul\AppData\Roaming\m\shared\Alpha Dista Icons.zip
c:\users\Paul\AppData\Roaming\m\shared\Altdo DVD Ripper Diamond 8.2.zip
c:\users\Paul\AppData\Roaming\m\shared\AS Lottery Number Generator 1.0.zip
c:\users\Paul\AppData\Roaming\m\shared\Ashampoo Magical Snap 2.30.zip
c:\users\Paul\AppData\Roaming\m\shared\Aspose.Workflow_1.2.11.0_(Patch).zip
c:\users\Paul\AppData\Roaming\m\shared\Atory Password Generator 1.7.zip
c:\users\Paul\AppData\Roaming\m\shared\Avast! Home Edition 4.8.1335.zip
c:\users\Paul\AppData\Roaming\m\shared\Axoio_HexStudio_5.0_[Cracked].zip
c:\users\Paul\AppData\Roaming\m\shared\Backup dD 2.2 Build 90.zip
c:\users\Paul\AppData\Roaming\m\shared\BBC_World_Cup_Wallchart_1.0.zip
c:\users\Paul\AppData\Roaming\m\shared\Blacksmith3D - Suite 2.2.1.zip
c:\users\Paul\AppData\Roaming\m\shared\BMW K1200 Screensaver 1.zip
c:\users\Paul\AppData\Roaming\m\shared\Bookmark Jumper for MS Word 1.1.zip
c:\users\Paul\AppData\Roaming\m\shared\boxed_screensaver_01_[With_Crack].zip
c:\users\Paul\AppData\Roaming\m\shared\Bryht_Task_Calendar_1.1.zip
c:\users\Paul\AppData\Roaming\m\shared\Building A Web Site 2007.1.zip
c:\users\Paul\AppData\Roaming\m\shared\Celestia 1.5.1.zip
c:\users\Paul\AppData\Roaming\m\shared\Cleantouch_Trading_Control_System_2.0.zip
c:\users\Paul\AppData\Roaming\m\shared\CobIcon 2.0.zip
c:\users\Paul\AppData\Roaming\m\shared\CodeTranslator 1.1.zip
c:\users\Paul\AppData\Roaming\m\shared\ColdStop Popup Killer 3.0.zip
c:\users\Paul\AppData\Roaming\m\shared\Command_&_Conquer_Renegade_-_Beach_map.zip
c:\users\Paul\AppData\Roaming\m\shared\CPU_Portal_1.2.zip
c:\users\Paul\AppData\Roaming\m\shared\Cyber_List_Manager_7.0.2006_(Key).zip
c:\users\Paul\AppData\Roaming\m\shared\CZDC 0.666[N].zip
c:\users\Paul\AppData\Roaming\m\shared\Data_Access_Builder_for_MS_SQL_Server_2.0.2178.31920_(Serial).zip
c:\users\Paul\AppData\Roaming\m\shared\Desktop_Dali_1.5.zip
c:\users\Paul\AppData\Roaming\m\shared\Ease Jukebox 1.50.zip
c:\users\Paul\AppData\Roaming\m\shared\EF Multi File Renamer 2.30.zip
c:\users\Paul\AppData\Roaming\m\shared\Engines_Desktop_Basic_2.0.zip
c:\users\Paul\AppData\Roaming\m\shared\Excel Search and Replace 2.0.zip
c:\users\Paul\AppData\Roaming\m\shared\Excellence_Hot_Key_2.1_Key.zip
c:\users\Paul\AppData\Roaming\m\shared\Extreme Punch 2.3.zip
c:\users\Paul\AppData\Roaming\m\shared\Extreme_Exe_Morning_Coffee_1.0.zip
c:\users\Paul\AppData\Roaming\m\shared\EZ Backup Excel Pro 4.7.zip
c:\users\Paul\AppData\Roaming\m\shared\Faster_Than_Ever_2.0.3.16.zip
c:\users\Paul\AppData\Roaming\m\shared\FileWasher_Pro_1.32k_[Crack].zip
c:\users\Paul\AppData\Roaming\m\shared\FilmShrink_0.3.3.129_Beta.zip
c:\users\Paul\AppData\Roaming\m\shared\Flex_Mp3_Workshop_2.01.zip
c:\users\Paul\AppData\Roaming\m\shared\Font_Maker_1.0.zip
c:\users\Paul\AppData\Roaming\m\shared\Free_Bible_Study_-_Add_Any_Texts_1.5.zip
c:\users\Paul\AppData\Roaming\m\shared\Free_Picture_Finder_3.6.zip
c:\users\Paul\AppData\Roaming\m\shared\Half-Life_Counter-Strike_Massacre_pack_1.0.zip
c:\users\Paul\AppData\Roaming\m\shared\Halo 2 - Behind the Scenes movie.zip
c:\users\Paul\AppData\Roaming\m\shared\Haunted Forest Screensaver 1.0.zip
c:\users\Paul\AppData\Roaming\m\shared\HTML Snapshot 2.1.2009.401.zip
c:\users\Paul\AppData\Roaming\m\shared\i-Fun Viewer 8.0.zip
c:\users\Paul\AppData\Roaming\m\shared\Iasis 1.0.0.321.zip
c:\users\Paul\AppData\Roaming\m\shared\ICOpenCalculator 1.0.7.zip
c:\users\Paul\AppData\Roaming\m\shared\iMagic Survey Pro 1.26.zip
c:\users\Paul\AppData\Roaming\m\shared\Infocus_2.10.5.zip
c:\users\Paul\AppData\Roaming\m\shared\Itookia Smart Icon Set.zip
c:\users\Paul\AppData\Roaming\m\shared\Jabirnet's File Renamer 1.0.zip
c:\users\Paul\AppData\Roaming\m\shared\Language_Switch_-_Pan_European_2.1f.zip
c:\users\Paul\AppData\Roaming\m\shared\LinkWS_Newsletter_2.1_Turbo.zip
c:\users\Paul\AppData\Roaming\m\shared\Microsoft MCSE Internet Security and Acc 8.00.05 (Key).zip
c:\users\Paul\AppData\Roaming\m\shared\Mister Wong Toolbar 1.1.8a.zip
c:\users\Paul\AppData\Roaming\m\shared\MS Word Extract Images From Multiple Documents Software 7.0.zip
c:\users\Paul\AppData\Roaming\m\shared\My Vacation Tracker 2.78.zip
c:\users\Paul\AppData\Roaming\m\shared\NakenCow 2.0.6.zip
c:\users\Paul\AppData\Roaming\m\shared\nod32.2.51.26.keygen.zip
c:\users\Paul\AppData\Roaming\m\shared\NOD32.Antivirus.System.2.70.23.for.Windows.NT20002003XP.x64.zip
c:\users\Paul\AppData\Roaming\m\shared\ObjectPrint Logger 1.1.zip
c:\users\Paul\AppData\Roaming\m\shared\Oriel_Forecast_1.zip
c:\users\Paul\AppData\Roaming\m\shared\Panorama Scroller 1.0.01.zip
c:\users\Paul\AppData\Roaming\m\shared\PDF Download 0.7.6.zip
c:\users\Paul\AppData\Roaming\m\shared\Periodic Table 1.1.zip
c:\users\Paul\AppData\Roaming\m\shared\Personal File Server 1.0a.zip
c:\users\Paul\AppData\Roaming\m\shared\PhotoRestorer_2.1_[Cracked].zip
c:\users\Paul\AppData\Roaming\m\shared\PlayZone_1.1.zip
c:\users\Paul\AppData\Roaming\m\shared\PLT_Import_for_SolidWorks_1.0_(Cracked).zip
c:\users\Paul\AppData\Roaming\m\shared\Podwatch 1.0.3.zip
c:\users\Paul\AppData\Roaming\m\shared\PopupEliminator_1.3.zip
c:\users\Paul\AppData\Roaming\m\shared\Praise_1_1.0.zip
c:\users\Paul\AppData\Roaming\m\shared\QSetup 8.5.0.4.zip
c:\users\Paul\AppData\Roaming\m\shared\RapidShare Leecher 2007 2.0.zip
c:\users\Paul\AppData\Roaming\m\shared\Remove_Read_Only_Status_2004_1.0.0_(Serial).zip
c:\users\Paul\AppData\Roaming\m\shared\reProbe The Investment Real Estate Evaluator.zip
c:\users\Paul\AppData\Roaming\m\shared\RH TV Viewer 3.0.zip
c:\users\Paul\AppData\Roaming\m\shared\Router Status 0.1.7.5.zip
c:\users\Paul\AppData\Roaming\m\shared\SaveURI_0.3.1.2.zip
c:\users\Paul\AppData\Roaming\m\shared\Science Teacher's Helper 2.0.zip
c:\users\Paul\AppData\Roaming\m\shared\ScreenShot2Print_1.3.1.17.zip
c:\users\Paul\AppData\Roaming\m\shared\SFE 0.5.zip
c:\users\Paul\AppData\Roaming\m\shared\ShareAlarm 2.2.zip
c:\users\Paul\AppData\Roaming\m\shared\SiteHound_for_Internet_Explorer_1.5.zip
c:\users\Paul\AppData\Roaming\m\shared\Small_Worlds_1.0.6.2634.zip
c:\users\Paul\AppData\Roaming\m\shared\SNRemove 1.00.zip
c:\users\Paul\AppData\Roaming\m\shared\SoftOrbits Flash Card Recovery 1.2.zip
c:\users\Paul\AppData\Roaming\m\shared\Software Studio 0.4.zip
c:\users\Paul\AppData\Roaming\m\shared\Space_Jump_1.0.zip
c:\users\Paul\AppData\Roaming\m\shared\Sphinx_Desktop_Assistant_1.3.20.2.zip
c:\users\Paul\AppData\Roaming\m\shared\SpyProtector 2006 1.3.160 Beta.zip
c:\users\Paul\AppData\Roaming\m\shared\Super_Audio_Factory_5.4.zip
c:\users\Paul\AppData\Roaming\m\shared\SysMetrix 3.41.zip
c:\users\Paul\AppData\Roaming\m\shared\SysPrep_Driver_Scanner_1.3.1.zip
c:\users\Paul\AppData\Roaming\m\shared\System_Gauge_alpha.zip
c:\users\Paul\AppData\Roaming\m\shared\Tele-Support HelpDesk 3.2.zip
c:\users\Paul\AppData\Roaming\m\shared\The_Lady_Swan_1.0.zip
c:\users\Paul\AppData\Roaming\m\shared\Up time 1.0.zip
c:\users\Paul\AppData\Roaming\m\shared\VidBox 6.5.zip
c:\users\Paul\AppData\Roaming\m\shared\Vigorous_Enterprise_Messenger_5.0.zip
c:\users\Paul\AppData\Roaming\m\shared\VirusKeeper 2006 6.2.2.zip
c:\users\Paul\AppData\Roaming\m\shared\VizEdge_Plus_1.1.zip
c:\users\Paul\AppData\Roaming\m\shared\Wallpaper_Magic_2.5.zip
c:\users\Paul\AppData\Roaming\m\shared\WBIAS_0.81.zip
c:\users\Paul\AppData\Roaming\m\shared\Web Code Converter 3.01.zip
c:\users\Paul\AppData\Roaming\m\shared\Web Message Producer 2006.8.3 [Crack].zip
c:\users\Paul\AppData\Roaming\m\shared\Web Recycle Bin v.2.0 (Crack).zip
c:\users\Paul\AppData\Roaming\m\shared\White_Dune 0.29 Beta 637.zip
c:\users\Paul\AppData\Roaming\m\shared\Win32.Bagle.AJ@mm_Free_Removal_tool_1.0.zip
c:\users\Paul\AppData\Roaming\m\shared\Windows_Help_Designer_3.8.7_[Serial].zip
c:\users\Paul\AppData\Roaming\m\shared\Woman Calendar 6.02.zip
c:\users\Paul\AppData\Roaming\m\shared\Workshare_Professional_5.zip
c:\users\Paul\AppData\Roaming\m\shared\Xnews_2006.08.24_Test.zip
c:\users\Paul\AppData\Roaming\m\shared\ZALAttributes_1.9.zip
c:\users\Paul\AppData\Roaming\m\shared\Zoner_Photo_Studio_9.0.4_(Patch).zip
c:\users\Paul\AppData\Roaming\m\srvlist.oct
c:\windows\Installer\91f0fb.msi
c:\windows\system32\acovcnt.exe
c:\windows\system32\ban_list.txt
c:\windows\system32\drivers\down
c:\windows\system32\drivers\down\15136933.exe
c:\windows\system32\drivers\down\15141316.exe
c:\windows\system32\mdelk.exe
c:\windows\system32\wintems.exe
D:\autorun.inf
D:\cretae.dll.vbs
M:\Autorun.inf

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_111111S1RO1S1A
-------\Legacy_111111S1RO1S1A
-------\Legacy_111111S1RO1S1A
-------\Service_sK9Ou0s

((((((((((((((((((((((((( Files Created from 2009-08-06 to 2009-09-06 )))))))))))))))))))))))))))))))
.

2009-09-06 18:10 . 2009-09-06 18:20 -------- d-----w- c:\users\Paul\AppData\Local\temp
2009-09-06 18:10 . 2009-09-06 18:10 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-09-04 22:30 . 2009-09-04 22:30 -------- d-----w- c:\program files\Panda Security
2009-09-04 22:12 . 2009-09-04 22:37 -------- d-----w- c:\users\Paul\AppData\Roaming\HouseCall 6.6
2009-09-04 21:09 . 2009-09-06 18:19 -------- d--h--w- c:\users\Paul\AppData\Roaming\drivers
2009-09-01 12:01 . 2009-06-15 15:21 499712 ----a-w- c:\windows\system32\kerberos.dll
2009-09-01 12:01 . 2009-06-15 15:24 175104 ----a-w- c:\windows\system32\wdigest.dll
2009-09-01 12:01 . 2009-06-15 15:24 270848 ----a-w- c:\windows\system32\schannel.dll
2009-09-01 12:01 . 2009-06-15 15:23 1256448 ----a-w- c:\windows\system32\lsasrv.dll
2009-09-01 12:01 . 2009-06-15 15:22 213504 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-01 12:01 . 2009-06-15 18:20 439896 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-09-01 12:01 . 2009-06-15 15:24 72704 ----a-w- c:\windows\system32\secur32.dll
2009-09-01 12:01 . 2009-06-15 12:57 9728 ----a-w- c:\windows\system32\lsass.exe
2009-08-31 21:51 . 2009-06-22 10:22 2048 ----a-w- c:\windows\system32\tzres.dll
2009-08-24 21:47 . 2009-07-17 14:35 71680 ----a-w- c:\windows\system32\atl.dll
2009-08-24 21:46 . 2009-06-10 12:12 160256 ----a-w- c:\windows\system32\wkssvc.dll
2009-08-24 21:46 . 2009-06-04 12:34 2066432 ----a-w- c:\windows\system32\mstscax.dll
2009-08-24 21:46 . 2009-06-10 12:07 91136 ----a-w- c:\windows\system32\avifil32.dll
2009-08-24 21:45 . 2009-07-14 13:00 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-08-24 21:45 . 2009-07-14 12:58 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-08-24 21:45 . 2009-07-14 12:59 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-08-24 21:45 . 2009-07-14 10:59 8147456 ----a-w- c:\windows\system32\wmploc.DLL

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-06 18:18 . 2007-04-18 08:33 12 ----a-w- c:\windows\bthservsdp.dat
2009-09-04 22:15 . 2007-04-18 09:09 669566 ----a-w- c:\windows\system32\perfh00C.dat
2009-09-04 22:15 . 2007-04-18 09:09 123556 ----a-w- c:\windows\system32\perfc00C.dat
2009-07-31 18:13 . 2009-07-31 18:12 37632 ----a-w- c:\windows\DPUNIN20.EXE
2009-07-31 18:12 . 2009-07-31 18:12 64000 ----a-w- c:\windows\DPINST20.TMP
2009-07-31 12:49 . 2009-07-22 14:47 -------- d-----w- c:\users\Paul\AppData\Roaming\Skype
2009-07-31 12:45 . 2009-07-22 14:49 -------- d-----w- c:\users\Paul\AppData\Roaming\skypePM
2009-07-22 14:49 . 2009-07-22 14:49 56 ---ha-w- c:\programdata\ezsidmv.dat
2009-07-22 14:44 . 2009-07-22 14:44 -------- d-----r- c:\program files\Skype
2009-07-22 14:44 . 2009-07-22 14:44 -------- d-----w- c:\program files\Common Files\Skype
2009-07-22 14:44 . 2009-07-22 14:44 -------- d-----w- c:\programdata\Skype
2009-07-22 09:41 . 2007-10-04 12:43 12978 ----a-w- c:\users\Paul\AppData\Roaming\nvModes.dat
2009-07-18 16:06 . 2009-07-30 13:35 827904 ----a-w- c:\windows\system32\wininet.dll
2009-07-18 16:01 . 2009-07-30 13:35 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-07-18 09:46 . 2009-07-30 13:35 26624 ----a-w- c:\windows\system32\ieUnatt.exe
2009-07-16 12:25 . 2007-08-18 00:12 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-07-09 11:57 . 2009-07-09 11:57 -------- d-----w- c:\program files\SystemRequirementsLab
2009-06-15 15:24 . 2009-07-14 20:40 156672 ----a-w- c:\windows\system32\t2embed.dll
2009-06-15 15:20 . 2009-07-14 20:40 72704 ----a-w- c:\windows\system32\fontsub.dll
2009-06-15 15:20 . 2009-07-14 20:40 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-06-15 12:52 . 2009-07-14 20:40 289792 ----a-w- c:\windows\system32\atmfd.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08 143360 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"DAEMON Tools"="c:\users\Paul\Desktop\Paul\Progz\Daemon Tools\Setup\DAEMON Tools\daemon.exe" [2005-08-18 860160]
"grwinHyper"="c:\users\Paul\Desktop\Paul\Progz\Dictionnaire - Le Grand Robert De La Langue Francaise v2 (2005)\Setup\grwinHyper.exe" [2008-02-20 1118208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-11-22 630784]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMEDIA.EXE" [2006-11-02 61440]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-03-01 857648]
"ASUS Screen Saver Protector"="c:\windows\ASScrPro.exe" [2007-08-18 33136]
"ASUS Camera ScreenSaver"="c:\windows\ASScrProlog.exe" [2007-08-18 37232]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-02-12 174872]
"WinampAgent"="c:\users\Paul\Desktop\Paul\Progz\Winamp v5.5 (version du 10 10 2007)\Setup Winamp\Winamp\winampa.exe" [2007-12-20 37376]
"avast!"="c:\progra~1\Avast4\ashDisp.exe" [2009-09-06 79224]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-10 116040]
"Zune Launcher"="c:\users\Paul\Desktop\Paul\Progz\Zune\Setup\ZuneLauncher.exe" [2008-04-29 158624]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-04-28 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-04-28 8429568]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-04-28 81920]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-03-21 198160]
"QuickTime Task"="c:\users\Paul\Desktop\Paul\Progz\quicktime 4\QTTask.exe" [2009-05-26 413696]
"PowerForPhone"="c:\program files\PowerForPhone\PowerForPhone.exe" [2007-06-26 778240]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-26 161328]
"InCD"="c:\program files\Nero\Nero 7\InCD\InCD.exe" [2007-03-26 1057328]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2007-04-25 4444160]
"Skytel"="Skytel.exe" - c:\windows\SkyTel.exe [2007-04-13 1822720]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2930117785-1065346422-191770319-1000]
"EnableNotificationsRef"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{FD72C13A-3244-4B64-B568-AC90B0F2EE61}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{DB685F9E-272A-460B-8CF4-5413038AC157}"= c:\program files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"{89B61766-3367-4955-8D02-C535960C86A4}"= UDP:c:\program files\MSN Messenger\msnmsgr.exe:MSN Messenger 6.2
"{3534E84A-6A66-4C12-9378-325C1C2C6545}"= TCP:c:\program files\MSN Messenger\msnmsgr.exe:MSN Messenger 6.2
"{49C89EF8-81AF-4D05-87AB-FB1DF7F51D6E}"= UDP:c:\program files\MSN Messenger\msnmsgr.exe:MSN Messenger 6.2
"{EF49090C-6E1A-4CBD-B3D5-7BDB05362A58}"= TCP:c:\program files\MSN Messenger\msnmsgr.exe:MSN Messenger 6.2
"{E3A95185-410A-4147-822A-8752C22C42C8}"= UDP:c:\program files\MSN Messenger\msnmsgr.exe:MSN Messenger 6.2
"{4152AE69-C32C-4F82-8D34-F2B3F9350372}"= TCP:c:\program files\MSN Messenger\msnmsgr.exe:MSN Messenger 6.2
"TCP Query User{28E395E7-0D38-41A8-948C-DCC190165286}c:\\users\\paul\\desktop\\paul\\progz\\emule\\setup\\emule.exe"= UDP:c:\users\paul\desktop\paul\progz\emule\setup\emule.exe:emule.exe
"UDP Query User{227593D5-286E-4648-8C75-CD05E7C68004}c:\\users\\paul\\desktop\\paul\\progz\\emule\\setup\\emule.exe"= TCP:c:\users\paul\desktop\paul\progz\emule\setup\emule.exe:emule.exe
"{BB905EB3-D74B-4762-8951-081C41849869}"= c:\program files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"TCP Query User{8FE040C6-6E61-4E59-8FA8-5A97F9D9E83F}c:\\users\\paul\\desktop\\paul\\progz\\azureus v3.0.3.4 janv 2008\\setup\\azureus.exe"= UDP:c:\users\paul\desktop\paul\progz\azureus v3.0.3.4 janv 2008\setup\azureus.exe:azureus.exe
"UDP Query User{2F66AFAD-012B-4FF5-9179-1F3484699004}c:\\users\\paul\\desktop\\paul\\progz\\azureus v3.0.3.4 janv 2008\\setup\\azureus.exe"= TCP:c:\users\paul\desktop\paul\progz\azureus v3.0.3.4 janv 2008\setup\azureus.exe:azureus.exe
"TCP Query User{A6B03D83-7F06-4E5A-BC78-ABF4A9512696}c:\\users\\paul\\desktop\\paul\\progz\\emule\\setup\\emule.exe"= UDP:c:\users\paul\desktop\paul\progz\emule\setup\emule.exe:emule.exe
"UDP Query User{46BC9514-224A-4B68-922A-33AA4AAA6199}c:\\users\\paul\\desktop\\paul\\progz\\emule\\setup\\emule.exe"= TCP:c:\users\paul\desktop\paul\progz\emule\setup\emule.exe:emule.exe
"TCP Query User{DE450AB9-6206-46FC-A1F6-D396B8E0E880}c:\\users\\paul\\desktop\\paul\\progz\\opera\\setup\\opera.exe"= UDP:c:\users\paul\desktop\paul\progz\opera\setup\opera.exe:opera.exe
"UDP Query User{F1F08855-358E-4898-84F4-2D0222C4E954}c:\\users\\paul\\desktop\\paul\\progz\\opera\\setup\\opera.exe"= TCP:c:\users\paul\desktop\paul\progz\opera\setup\opera.exe:opera.exe
"{23C06E34-D5F9-4E53-8680-7A885CD45EFA}"= UDP:c:\users\Paul\Desktop\Paul\Progz\iTunes Oct 2007\Setup\iTunes.exe:iTunes
"{29DC0F98-2FB9-4A87-80E2-470D4921A5B6}"= TCP:c:\users\Paul\Desktop\Paul\Progz\iTunes Oct 2007\Setup\iTunes.exe:iTunes
"TCP Query User{A302E639-7BB4-47FC-AD23-878B6B668573}c:\\users\\paul\\desktop\\paul\\progz\\opera\\setup\\opera.exe"= UDP:c:\users\paul\desktop\paul\progz\opera\setup\opera.exe:opera.exe
"UDP Query User{0DD4C14B-944F-4489-8905-8CFCF850CC29}c:\\users\\paul\\desktop\\paul\\progz\\opera\\setup\\opera.exe"= TCP:c:\users\paul\desktop\paul\progz\opera\setup\opera.exe:opera.exe
"TCP Query User{5C090D65-B517-45CB-8172-660E5C97A363}c:\\users\\paul\\desktop\\paul\\progz\\realplayer11\\setup\\realplay.exe"= UDP:c:\users\paul\desktop\paul\progz\realplayer11\setup\realplay.exe:realplay.exe
"UDP Query User{2593C9A2-6630-4BC8-BE1E-9B2778D84B5F}c:\\users\\paul\\desktop\\paul\\progz\\realplayer11\\setup\\realplay.exe"= TCP:c:\users\paul\desktop\paul\progz\realplayer11\setup\realplay.exe:realplay.exe
"{FD743C75-E946-4053-8E82-02B0FCD7694F}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{DFAAA600-B1C2-4462-A30F-370DF9C917EF}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{DCBEAD33-00BE-460D-8E41-5EC4ED23F7A3}"= c:\program files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"TCP Query User{4B77F917-9E9B-4367-85C6-B065C55A96BC}c:\\users\\paul\\desktop\\paul\\progz\\azureus v3.0.3.4 janv 2008\\setup\\azureus.exe"= UDP:c:\users\paul\desktop\paul\progz\azureus v3.0.3.4 janv 2008\setup\azureus.exe:azureus.exe
"UDP Query User{D021A9CA-B355-4FDE-9FEB-51AD17AEBAB3}c:\\users\\paul\\desktop\\paul\\progz\\azureus v3.0.3.4 janv 2008\\setup\\azureus.exe"= TCP:c:\users\paul\desktop\paul\progz\azureus v3.0.3.4 janv 2008\setup\azureus.exe:azureus.exe
"TCP Query User{15E799B3-90E7-431D-BAC9-E0312487BADA}c:\\program files\\codemasters\\worms 4 mayhem demo\\worms 4 mayhem demo.exe"= UDP:c:\program files\codemasters\worms 4 mayhem demo\worms 4 mayhem demo.exe:Worms 4 Mayhem Demo
"UDP Query User{36F86CD3-36FE-40C2-996E-3CF3D93D32B4}c:\\program files\\codemasters\\worms 4 mayhem demo\\worms 4 mayhem demo.exe"= TCP:c:\program files\codemasters\worms 4 mayhem demo\worms 4 mayhem demo.exe:Worms 4 Mayhem Demo
"{D39E420A-B066-45A3-A972-A4AC602105F1}"= c:\program files\Skype\Phone\Skype.exe:Skype

R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [19/01/2008 18:53 45648]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;c:\windows\System32\drivers\atl01v32.sys [15/03/2007 08:41 48128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-USBMonitor - c:\users\Paul\Data Doctor USB Activity Monitor - Server_Demo\USBMonitor.exe
HKLM-Run-iTunesHelper - c:\users\Paul\Desktop\Paul\Progz\iTunes Oct 2007\Setup\iTunesHelper.exe

.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.fr/
uInternet Settings,ProxyOverride = *.local
IE: &Winamp Toolbar Search - c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: pandasoftware.com\www
Trusted Zone: zebulon.fr\www
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-06 20:20
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
USBMonitor = c:\users\Paul\Data Doctor USB Activity Monitor - Server_Demo\USBMonitor.exe?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

scanning hidden files ...

C:\ADSM_PData_0150

scan completed successfully
hidden files: 1

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-2930117785-1065346422-191770319-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:45,c3,7f,08,dd,37,62,96,15,c2,10,7b,c5,65,b6,a4,d6,62,ba,8f,f5,53,83,
35,8e,85,e9,b3,69,d0,de,4a,bf,c2,77,a5,56,d5,57,cf,0c,30,dd,07,58,83,4b,4b,\
"??"=hex:8f,38,87,ab,37,16,a3,70,d8,a4,e5,27,7f,89,e7,4f

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(3032)
c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt.dll
c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\System32\audiodg.exe
c:\program files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
c:\program files\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files\ATK Hotkey\HControl.exe
c:\program files\ATKOSD2\ATKOSD2.exe
c:\program files\ASUS\Splendid\ACMON.exe
c:\program files\P4G\BatteryLife.exe
c:\windows\System32\ACEngSvr.exe
c:\windows\System32\rundll32.exe
c:\windows\System32\rundll32.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
c:\program files\Nero\Nero 7\InCD\InCDsrv.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\program files\ASUS\NB Probe\SPM\spmgr.exe
.
**************************************************************************
.
Completion time: 2009-09-06 20:27 - machine was rebooted
ComboFix-quarantined-files.txt 2009-09-06 18:27

Pre-Run: 6 509 117 440 octets libres
Post-Run: 6 344 577 024 octets libres

509 --- E O F --- 2009-09-04 09:58

si je suis parti dans une mauvaise direction avec ComboFix hésitez pas à m'indiquer une méthode toute autre ! Je viens de télécharger HiJackThis, je m'en suis pas encore servi
Je n’ai pas encore viré Avast, jsais pas s'il faut le faire?

Merci d'avance pour votre aide !

Afficher la suite

A voir également:

Bagle> Besoin d'aide pour l'analyse rapports
Analyse composant pc - Guide
Analyse disque dur - Télécharger - Informations & Diagnostic
Analyse performance pc - Guide
Échec de l'analyse antivirus. ✓ - Forum Antivirus
Analyse et réparation disque dur externe - Guide