Vundo Ge impossible à enlever.. aidez moi svp

Bonjour,
j'ai un gros probléme avec le trojan vundo ge que antivir repère dans le fichier systeme32\wvwwv.dll mais qu'il est impossible de mettre en quarantaine ou d'effacer.
Curieusement vundofix le trouve dans mljgdaw.dll...
Je suis dans l'obligation de désactiver mon antivirus antivir pour ne pas avoir des messages intempestifs m'indiquant que je suis infecté.
Suivant les conseils donnés dans votre forum, j'ai effectué vundofix, virtumundo et combofix.
Je vous joins les rapports. en espérant que vous pourrez me dépanner pour éradiquer ce logiciel génant terriblement mon activité professionelle.
Merci à vous par avance.

Vundofix
VundoFix V6.7.7

Checking Java version...

Scan started at 02:56:36 27/12/2007

Listing files found while scanning....

C:\WINDOWS\system32\mljgdaw.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\mljgdaw.dll
C:\WINDOWS\system32\mljgdaw.dll Could not be deleted.

Performing Repairs to the registry.
Done!

Virtumundo

[12/27/2007, 3:41:09] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\Joly\Local Settings\Temporary Internet Files\Content.IE5\WVSXCD4J\VirtumundoBeGone[1].exe" )
[12/27/2007, 3:41:18] - Detected System Information:
[12/27/2007, 3:41:18] - Windows Version: 5.1.2600, Service Pack 2
[12/27/2007, 3:41:18] - Current Username: Joly (Admin)
[12/27/2007, 3:41:18] - Windows is in NORMAL mode.
[12/27/2007, 3:41:18] - Searching for Browser Helper Objects:
[12/27/2007, 3:41:18] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Aide pour le lien d'Adobe PDF Reader)
[12/27/2007, 3:41:18] - BHO 2: {19C8E43B-07B3-49CB-BFFC-6777B593E6F8} (Download Manager Browser Helper Object)
[12/27/2007, 3:41:18] - BHO 3: {5C51A58C-15C3-4151-9C2D-98DB5C4A2B6D} ()
[12/27/2007, 3:41:18] - WARNING: BHO has no default name. Checking for Winlogon reference.
[12/27/2007, 3:41:18] - Checking for HKLM\...\Winlogon\Notify\wvwwv
[12/27/2007, 3:41:18] - Key not found: HKLM\...\Winlogon\Notify\wvwwv, continuing.
[12/27/2007, 3:41:18] - BHO 4: {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} ()
[12/27/2007, 3:41:18] - WARNING: BHO has no default name. Checking for Winlogon reference.
[12/27/2007, 3:41:18] - Checking for HKLM\...\Winlogon\Notify\mljgdaw
[12/27/2007, 3:41:18] - Found: HKLM\...\Winlogon\Notify\mljgdaw - This is probably Virtumundo.
[12/27/2007, 3:41:18] - Assigning {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} MSEvents Object
[12/27/2007, 3:41:18] - BHO list has been changed! Starting over...
[12/27/2007, 3:41:18] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Aide pour le lien d'Adobe PDF Reader)
[12/27/2007, 3:41:18] - BHO 2: {19C8E43B-07B3-49CB-BFFC-6777B593E6F8} (Download Manager Browser Helper Object)
[12/27/2007, 3:41:18] - BHO 3: {5C51A58C-15C3-4151-9C2D-98DB5C4A2B6D} ()
[12/27/2007, 3:41:18] - WARNING: BHO has no default name. Checking for Winlogon reference.
[12/27/2007, 3:41:18] - Checking for HKLM\...\Winlogon\Notify\wvwwv
[12/27/2007, 3:41:18] - Key not found: HKLM\...\Winlogon\Notify\wvwwv, continuing.
[12/27/2007, 3:41:18] - BHO 4: {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} (MSEvents Object)
[12/27/2007, 3:41:18] - ALERT: Found MSEvents Object!
[12/27/2007, 3:41:18] - BHO 5: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[12/27/2007, 3:41:18] - BHO 6: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[12/27/2007, 3:41:18] - BHO 7: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
[12/27/2007, 3:41:18] - Finished Searching Browser Helper Objects
[12/27/2007, 3:41:18] - *** Detected MSEvents Object
[12/27/2007, 3:41:18] - Trying to remove MSEvents Object...
[12/27/2007, 3:41:19] - Terminating Process: IEXPLORE.EXE
[12/27/2007, 3:41:19] - Terminating Process: RUNDLL32.EXE
[12/27/2007, 3:41:20] - Disabling Automatic Shell Restart
[12/27/2007, 3:41:20] - Terminating Process: EXPLORER.EXE
[12/27/2007, 3:41:20] - Suspending the NT Session Manager System Service
[12/27/2007, 3:41:20] - Terminating Windows NT Logon/Logoff Manager
[12/27/2007, 3:41:21] - Re-enabling Automatic Shell Restart
[12/27/2007, 3:41:21] - File to disable: C:\WINDOWS\system32\mljgdaw.dll
[12/27/2007, 3:41:21] - Renaming C:\WINDOWS\system32\mljgdaw.dll -> C:\WINDOWS\system32\mljgdaw.dll.vir
[12/27/2007, 3:41:21] - File successfully renamed!
[12/27/2007, 3:41:21] - Removing HKLM\...\Browser Helper Objects\{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}
[12/27/2007, 3:41:21] - Removing HKCR\CLSID\{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}
[12/27/2007, 3:41:21] - Adding Kill Bit for ActiveX for GUID: {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}
[12/27/2007, 3:41:21] - Deleting ATLEvents/MSEvents Registry entries
[12/27/2007, 3:41:21] - Removing HKLM\...\Winlogon\Notify\mljgdaw
[12/27/2007, 3:41:22] - Searching for Browser Helper Objects:
[12/27/2007, 3:41:22] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Aide pour le lien d'Adobe PDF Reader)
[12/27/2007, 3:41:22] - BHO 2: {19C8E43B-07B3-49CB-BFFC-6777B593E6F8} (Download Manager Browser Helper Object)
[12/27/2007, 3:41:22] - BHO 3: {5C51A58C-15C3-4151-9C2D-98DB5C4A2B6D} ()
[12/27/2007, 3:41:22] - WARNING: BHO has no default name. Checking for Winlogon reference.
[12/27/2007, 3:41:22] - Checking for HKLM\...\Winlogon\Notify\wvwwv
[12/27/2007, 3:41:22] - Key not found: HKLM\...\Winlogon\Notify\wvwwv, continuing.
[12/27/2007, 3:41:22] - BHO 4: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[12/27/2007, 3:41:22] - BHO 5: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[12/27/2007, 3:41:22] - BHO 6: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
[12/27/2007, 3:41:22] - Finished Searching Browser Helper Objects
[12/27/2007, 3:41:22] - Finishing up...
[12/27/2007, 3:41:22] - A restart is needed.
[12/27/2007, 3:41:29] - Attempting to Restart via STOP error (Blue Screen!)

et combofix
ComboFix 07-12-21.4 - Joly 2007-12-27 4:13:11.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.474 [GMT 1:00]
Running from: C:\Documents and Settings\Joly\Local Settings\Temporary Internet Files\Content.IE5\WVSXCD4J\ComboFix[1].exe
* Created a new restore point
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Bureau\webmediaplayer.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes.\WebMediaPlayer
C:\Documents and Settings\All Users\Menu Démarrer\Programmes.\WebMediaPlayer\Conditions générales.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes.\WebMediaPlayer\Confidentialité.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes.\WebMediaPlayer\WebMediaPlayer.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes.\WebMediaPlayer\Website.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WebMediaPlayer\Conditions générales.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WebMediaPlayer\Confidentialité.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WebMediaPlayer\WebMediaPlayer.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WebMediaPlayer\Website.lnk
c:\Documents and Settings\Joly\Local Settings\Application Data\nfmbvwew.dat
C:\Documents and Settings\Joly\Local Settings\Application Data\nfmbvwew.exe
c:\Documents and Settings\Joly\Local Settings\Application Data\nfmbvwew_nav.dat
c:\Documents and Settings\Joly\Local Settings\Application Data\nfmbvwew_navps.dat
C:\Program Files\webmediaplayer
C:\Program Files\webmediaplayer\Conditions générales.url
C:\Program Files\webmediaplayer\Confidentialité.url
C:\Program Files\webmediaplayer\resources\languages_v2.xml
C:\Program Files\webmediaplayer\resources\webmedias
C:\Program Files\webmediaplayer\skins\classic.skn
C:\Program Files\webmediaplayer\sqlite3.dll
C:\Program Files\webmediaplayer\uninst.exe
C:\Program Files\webmediaplayer\WebMediaPlayer.exe
C:\Program Files\webmediaplayer\Website.url
C:\WINDOWS\system32\nvs2.inf

.
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2007-11-27 to 2007-12-27 ))))))))))))))))))))))))))))))))))))
.

2007-12-27 02:56 . 2007-12-27 02:56 <REP> d-------- C:\VundoFix Backups
2007-12-27 02:37 . 2007-12-27 02:37 <REP> d-------- C:\Program Files\Spyware-Secure
2007-12-26 15:57 . 2007-12-26 15:57 <REP> d-------- C:\Documents and Settings\Joly\Application Data\Apple Computer
2007-12-25 00:53 . 2007-12-25 00:53 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-12-24 23:58 . 2007-12-24 23:58 <REP> d-------- C:\WINDOWS\report
2007-12-24 23:57 . 2007-12-24 23:44 40,242,225 --a------ C:\WINDOWS\LPT$VPN.905
2007-12-24 23:44 . 2007-12-24 23:44 <REP> d-------- C:\WINDOWS\AU_Backup
2007-12-24 23:44 . 2007-12-24 23:44 40,242,225 --a------ C:\WINDOWS\VPTNFILE.905
2007-12-24 23:44 . 2007-12-24 23:44 1,906,226 --a------ C:\WINDOWS\tsc.ptn
2007-12-24 23:44 . 2007-12-24 23:44 1,163,344 --a------ C:\WINDOWS\vsapi32.dll
2007-12-24 23:44 . 2007-12-24 23:44 267,845 --a------ C:\WINDOWS\tsc.exe
2007-12-24 23:44 . 2007-12-24 23:44 86,094 --a------ C:\WINDOWS\BPMNT.dll
2007-12-24 23:44 . 2007-12-24 23:44 71,749 --a------ C:\WINDOWS\hcextoutput.dll
2007-12-24 23:44 . 2007-12-24 23:59 823 --a------ C:\WINDOWS\tsc.ini
2007-12-24 23:40 . 2007-12-24 23:44 <REP> d-------- C:\WINDOWS\AU_Temp
2007-12-24 23:40 . 2007-12-24 23:40 <REP> d-------- C:\WINDOWS\AU_Log
2007-12-24 23:40 . 2007-12-24 23:40 170 --a------ C:\WINDOWS\GetServer.ini
2007-12-24 23:39 . 2007-12-24 23:39 507,904 --a------ C:\WINDOWS\TMUPDATE.DLL
2007-12-24 23:39 . 2007-12-24 23:39 286,720 --a------ C:\WINDOWS\PATCH.EXE
2007-12-24 23:39 . 2007-12-24 23:39 69,689 --a------ C:\WINDOWS\UNZIP.DLL
2007-12-24 08:42 . 2007-12-24 08:42 15 --a------ C:\WINDOWS\system32\90c6198b
2007-12-23 11:39 . 2007-12-26 13:00 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2007-12-23 11:39 . 2007-12-23 11:39 1,409 --a------ C:\WINDOWS\QTFont.for
2007-12-20 20:39 . 2007-12-27 04:21 9,486 --ahs---- C:\WINDOWS\system32\vwwvw.ini
2007-12-20 20:39 . 2007-12-27 04:19 9,384 --ahs---- C:\WINDOWS\system32\vwwvw.ini2
2007-12-20 20:04 . 2007-12-23 01:26 314,624 --------- C:\WINDOWS\system32\wvwwv.dll
2007-12-20 19:58 . 2007-12-20 19:58 24,304 --a------ C:\WINDOWS\system32\mljgdaw.dll.vir
2007-12-20 19:56 . 2007-12-20 19:56 <REP> d-------- C:\WINDOWS\Sun

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-27 01:22 --------- d-----w C:\Program Files\Mindscape
2007-12-27 01:21 --------- d-----w C:\Program Files\eMule
2007-12-27 01:21 --------- d-----w C:\Program Files\Azureus
2007-12-26 19:05 --------- d-----w C:\Documents and Settings\Joly\Application Data\Azureus
2007-12-25 02:10 --------- d-----w C:\Program Files\Everest Poker
2007-12-24 22:37 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-19 07:22 --------- d-----w C:\Program Files\Google
2007-12-17 19:30 --------- d-----w C:\Program Files\Java
2007-11-25 23:38 --------- d-----w C:\Documents and Settings\Joly\Application Data\Nokia Multimedia Player
2007-11-25 20:55 --------- d-----w C:\Documents and Settings\Joly\Application Data\PC Suite
2007-11-25 20:52 --------- d-----w C:\Documents and Settings\Joly\Application Data\Nokia
2007-11-25 20:52 --------- d-----w C:\Documents and Settings\All Users\Application Data\PC Suite
2007-11-25 20:41 --------- d-----w C:\Program Files\Fichiers communs\Nokia
2007-11-25 20:40 --------- d-----w C:\Program Files\Nokia
2007-11-25 20:40 --------- d-----w C:\Program Files\Fichiers communs\PCSuite
2007-11-25 20:39 --------- d-----w C:\Program Files\DIFX
2007-11-25 20:36 --------- d-----w C:\Program Files\PC Connectivity Solution
2007-11-25 20:36 --------- d-----w C:\Program Files\7-Zip
2007-11-25 20:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\Installations
2007-11-25 14:03 --------- d-----w C:\Program Files\Panda Security
2007-11-25 13:11 --------- d-----w C:\Documents and Settings\Joly\Application Data\DivX
2007-11-25 13:07 --------- d-----w C:\Program Files\DivX
2007-11-25 10:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\Azureus
2007-11-17 15:24 --------- d-----w C:\Program Files\QuickTime
2007-11-17 15:18 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2007-11-11 13:02 283,648 ----a-w C:\WINDOWS\uninst.exe
2007-11-11 10:48 --------- d-----w C:\Program Files\Windows Media Connect 2
2007-11-08 16:12 --------- d-----w C:\Program Files\IncrediMail
2007-11-04 10:05 43,520 ----a-w C:\WINDOWS\system32\CmdLineExt03.dll
2007-11-03 18:25 --------- d-----w C:\Program Files\Microsoft ActiveSync
2007-11-03 17:54 --------- d-----w C:\Program Files\Fichiers communs\ODBC
2007-10-20 00:56 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2007-10-20 00:56 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2007-10-20 00:56 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2007-10-20 00:56 129,784 ------w C:\WINDOWS\system32\pxafs.dll
2007-10-20 00:56 120,056 ------w C:\WINDOWS\system32\pxcpyi64.exe
2007-10-20 00:56 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
2007-10-20 00:56 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2007-10-20 00:54 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
2007-10-20 00:54 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
2007-10-20 00:54 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2007-10-20 00:54 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
2007-10-20 00:54 739,840 ----a-w C:\WINDOWS\system32\DivX.dll
2007-10-20 00:54 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
2007-10-18 09:06 156,992 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2007-10-18 09:03 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2007-10-18 09:03 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2007-10-18 09:03 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2007-10-18 09:03 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2007-10-18 09:03 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2007-10-18 09:03 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
2007-10-18 09:02 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
2004-10-01 13:00 40,960 ----a-w C:\Program Files\Uninstall_CDS.exe
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{09ADA475-622F-45F7-A4DA-22D688460D19}]
2007-12-23 01:26 314624 --------- C:\WINDOWS\system32\wvwwv.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24]
"CanalPlayer"="C:\Program Files\Lecteur CANALPLAY\CanalPlayer.exe" []
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [2005-08-05 14:01]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-12-20 23:38]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="RUNDLL32.exe" [2004-08-19 15:10 C:\WINDOWS\system32\rundll32.exe]
"CanalPlayer"="C:\Program Files\Lecteur CANALPLAY\CanalPlayer.exe" []
"avgnt"="C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" [2007-10-11 14:53]
"SetIcon"="\Program Files\SMSC\Seticon.exe" [2004-04-28 13:02]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe" []
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-19 01:18]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-08-12 19:06]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 15:10]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-19 15:09]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 10:17]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 C:\WINDOWS\system32\wvwwv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Docteur Club Internet.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Docteur Club Internet.lnk
backup=C:\WINDOWS\pss\Docteur Club Internet.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AudioDeck]
C:\Program Files\VIAudioi\SBADeck\ADeck.exe 1

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BJCFD]
C:\Program Files\BroadJump\Client Foundation\CFD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 09:50 155648 --a------ C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RecoverFromReboot]
C:\WINDOWS\Temp\RecoverFromReboot.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2004-11-02 19:24 32768 --a------ C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Workflow]
D:\install\Workflow.exe

R2 EAPPkt;Realtek EAPPkt Protocol;C:\WINDOWS\system32\DRIVERS\EAPPkt.sys [2005-04-01 09:42]
R3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver;C:\WINDOWS\system32\DRIVERS\wg111v2.sys [2005-04-21 12:33]
R3 SjyPkt;SjyPkt;C:\WINDOWS\System32\Drivers\SjyPkt.sys [2002-10-02 07:57]
S3 USB_RNDIS_51;Broadcom USB Remote NDIS Device Driver;C:\WINDOWS\system32\DRIVERS\usb8023.sys [2005-01-27 21:24]
S3 W8335XP;IEEE 802.11g Wireless Cardbus/PCI Adapter HW51;C:\WINDOWS\system32\DRIVERS\Mrv8000c.sys [2004-12-24 07:43]

.
**************************************************************************

catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-27 04:20:55
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\system32\lsass.exe [5.01.2600.2180]
-> C:\WINDOWS\system32\wvwwv.dll

PROCESS: C:\WINDOWS\Explorer.EXE [6.00.2900.2180]
-> C:\WINDOWS\system32\wvwwv.dll
.
Completion time: 2007-12-27 4:22:28 - machine was rebooted