Antivirus is not a valid Win32 application

Solved/Closed
Tintino - 29 June 2008 at 23:13
sKe69 Posts: 21360 Registered: Saturday 15 March 2008 Status: Security contributor Last seen: 30 December 2012 - 6 July 2008 at 23:07
Hello everyone,

Well, I too have just been infected by a virus (Bagle?) and (SHAME ON ME!!) I had no antivirus at the time of the infection.
So of course I immediately tried to install an antivirus, but without success.
Either the installation did not complete (service start error), or the installation of another antivirus completed but it did not launch at PC startup, and when I tried to launch it manually I got the error message "... is not a valid Win32 application".
Not wanting to give up, I tried other antivirus products, both free (AVG, Avast) and paid (Kaspersky, Nod32), but always with the same message (not a valid Win32 application) :-(

While browsing the advice given by your valuable experts (in particular this post, which seemed to have the same problem as mine: http://www.commentcamarche.net/forum/affich 6660016 exe n est pas une application win32 valide#0), ComboFix had been recommended in order to provide a report.

So I ran ComboFix once, and the log said that several infected files had been deleted, so I thought the virus had been eradicated (wrongly).
I then tried installing an antivirus again, but... in vain!

I then ran ComboFix a second time and, to my great despair, new infected files had appeared...

Usually I always manage to sort this kind of problem out on my own, but this time I prefer to call on people who are experts in the field :)
I hope you can help me.

PS: I'm attaching the latest ComboFix log (I still have the 1st log available if you want it).
I tried to provide you with a HijackThis log, but no luck: there too I get the message that it is not a valid Win32 application) :-(



ComboFix 08-06-20.4 - Tintino 2008-06-29 21:38:29.2 - [color=red][b]FAT32/b/colorx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.1611 [GMT 2:00]
Endroit: C:\Documents and Settings\Tintino\Bureau\Domi.exe

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!/b/color
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Tintino\Application Data\m\data.oct
C:\Documents and Settings\Tintino\Application Data\m\list.oct
C:\Documents and Settings\Tintino\Application Data\m\shared
C:\Documents and Settings\Tintino\Application Data\m\srvlist.oct
C:\WINDOWS\system32\drivers\downld
C:\Documents and Settings\Tintino\Application Data\m . . . . Echec de suppression
C:\WINDOWS\system32\drivers\hldrrr.exe . . . . Echec de suppression
C:\WINDOWS\system32\drivers\mdelk.exe . . . . Echec de suppression
C:\WINDOWS\system32\drivers\srosa.sys . . . . Echec de suppression

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SROSA


((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-05-28 to 2008-06-29 ))))))))))))))))))))))))))))))))))))
.

2008-06-29 18:34 . 2008-06-29 18:34 <REP> d-------- C:\Program Files\Trend Micro
2008-06-29 16:19 . 2008-06-29 16:19 <REP> d-------- C:\Program Files\CCleaner
2008-06-29 15:59 . 2008-06-29 15:59 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-06-29 15:47 . 2008-06-29 15:47 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-06-28 23:22 . 2008-06-28 23:22 <REP> d-------- C:\Documents and Settings\Tintino\Application Data\CyberLink
2008-06-28 23:22 . 2008-06-28 23:22 <REP> d-------- C:\Documents and Settings\All Users\Application Data\CyberLink
2008-06-28 11:29 . 2008-06-28 11:29 <REP> d-------- C:\Program Files\DJ Mix Pro
2008-06-28 00:51 . 2008-06-28 00:51 <REP> d-------- C:\WINDOWS\BDOSCAN8
2008-06-28 00:26 . 2008-06-28 00:26 <REP> d--h----- C:\Documents and Settings\Tintino\Application Data\m
2008-06-28 00:15 . 2008-06-28 00:15 <REP> d-------- C:\Documents and Settings\Tintino\Application Data\MSNInstaller
2008-06-28 00:00 . 2008-06-28 00:00 <REP> d-------- C:\Documents and Settings\Tintino\Application Data\AVGTOOLBAR
2008-06-28 00:00 . 2008-06-28 00:00 <REP> d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-06-27 22:56 . 2008-06-27 22:56 34,143 --a------ C:\WINDOWS\system32\drivers\MiniIcpt.sys
2008-06-27 22:56 . 2008-06-27 22:56 29,730 --a------ C:\WINDOWS\system32\drivers\HookCentre.sys
2008-06-11 20:52 . 2008-06-14 19:59 272,768 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-06-11 20:52 . 2008-06-14 19:59 272,768 --------- C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-04 10:30 . 2008-06-04 10:30 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-06-04 10:30 . 2007-10-19 20:16 65,536 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx
2008-06-04 10:30 . 2007-10-19 20:16 49,152 --a------ C:\WINDOWS\system32\QuickTime.qts
2008-06-04 10:29 . 2008-06-04 10:29 <REP> d-------- C:\Program Files\QuickTime Alternative
2008-06-04 10:13 . 2008-06-22 14:11 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-06-04 10:13 . 2008-06-04 10:13 1,409 --a------ C:\WINDOWS\QTFont.for
2008-06-03 23:01 . 2008-06-03 23:01 <REP> d-------- C:\Documents and Settings\Tintino\iWizz
2008-06-03 22:59 . 2008-06-03 22:59 <REP> d-------- C:\Program Files\iWizz
2008-06-02 22:58 . 2008-06-02 22:58 <REP> d-------- C:\Documents and Settings\Tintino\Application Data\.trackballs
2008-05-29 21:46 . 2008-05-29 21:46 <REP> d-------- C:\Program Files\NewsLeecher
2008-05-29 20:37 . 2008-05-29 20:37 <REP> d-------- C:\Documents and Settings\Tintino\Downloads
2008-05-29 20:37 . 2008-05-29 20:37 <REP> d-------- C:\Documents and Settings\Tintino\Application Data\NewsLeecher

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-29 15:03 70,656 ----a-w C:\WINDOWS\system32\dllcache\sysinfo.exe
2008-06-29 15:03 15,360 ----a-w C:\WINDOWS\system32\dllcache\register.exe
2008-06-27 18:16 98,304 ----a-w C:\WINDOWS\DUMP47d6.tmp
2008-05-26 20:26 4,608 ----a-w C:\WINDOWS\system32\w95inf32.dll
2008-05-26 20:26 2,272 ----a-w C:\WINDOWS\system32\w95inf16.dll
2008-05-26 20:26 --------- d-----w C:\Program Files\Auralog
2008-05-25 19:58 --------- d-----w C:\Documents and Settings\Flo\Application Data\U3
2008-05-25 17:13 --------- d-----w C:\Documents and Settings\Flo\Application Data\IEPro
2008-05-17 09:30 --------- d-----w C:\Documents and Settings\Flo\Application Data\Thunderbird
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\RMCast.sys
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\dllcache\rmcast.sys
2008-05-07 04:55 1,294,336 ----a-w C:\WINDOWS\system32\quartz.dll
2008-05-07 04:55 1,294,336 ----a-w C:\WINDOWS\system32\dllcache\quartz.dll
2008-04-23 20:16 3,591,680 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2008-04-22 07:41 70,656 ----a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2008-04-22 07:41 625,664 ----a-w C:\WINDOWS\system32\dllcache\iexplore.exe
2008-04-22 07:39 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-04-20 05:07 161,792 ----a-w C:\WINDOWS\system32\dllcache\ieakui.dll
.

((((((((((((((((((((((((((((( snapshot@2008-06-29_18.14.27.68 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-06-29 16:10:34 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-06-29 19:49:46 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-06-29 19:49:56 16,384 ----a-w C:\WINDOWS\Temp\Perflib_Perfdata_13c.dat
+ 2008-06-29 19:50:38 16,384 ----a-w C:\WINDOWS\Temp\Perflib_Perfdata_a20.dat
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 05:00 15360]
"POP Peeper"="C:\Program Files\POP Peeper\POPPeeper.exe" [2008-03-12 00:09 1429504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-05 13:34 64512]
"preload"="C:\Windows\RUNXMLPL.exe" [2005-05-19 17:09 32768]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-27 02:10 700416]
"AzMixerSel"="C:\Program Files\Realtek\InstallShield\AzMixerSel.exe" [2005-06-11 20:51 53248]
"AGRSMMSG"="AGRSMMSG.exe" [2005-12-12 14:50 88204 C:\WINDOWS\AGRSMMSG.exe]
"ntiMUI"="C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2005-05-11 17:15 45056]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" [2004-08-10 05:00 208952]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-10 05:00 59392]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 05:00 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 05:00 455168]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-07-20 20:58 7581696]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-07-20 20:58 86016]
"RTHDCPL"="RTHDCPL.EXE" [2006-07-21 17:56 16261632 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 19:04 2879488 C:\WINDOWS\SkyTel.exe]
"LaunchAp"="C:\Program Files\Launch Manager\LaunchAp.exe" [2005-07-25 13:36 32768]
"LManager"="C:\Program Files\Launch Manager\HotkeyApp.exe" [2006-04-19 15:08 69632]
"CtrlVol"="C:\Program Files\Launch Manager\CtrlVol.exe" [2003-09-16 14:28 20480]
"LMgrOSD"="C:\Program Files\Launch Manager\OSDCtrl.exe" [2005-07-25 10:45 241664]
"Wbutton"="C:\Program Files\Launch Manager\Wbutton.exe" [2006-04-20 09:23 86016]
"eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2006-03-17 15:00 345088]
"ePower_DMC"="C:\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-03-30 18:47 421888]
"Boot"="C:\Acer\Empowering Technology\ePower\Boot.exe" [2006-03-15 22:12 579584]
"Acer ePresentation HPD"="C:\Acer\Empowering Technology\ePresentation\ePresentation.exe" [2006-03-31 16:39 204800]
"eRecoveryService"="C:\Acer\Empowering Technology\eRecovery\eRAgent.exe" [2006-06-01 14:40 413696]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2006-06-23 10:39 225280]
"LogitechCameraAssistant"="C:\Program Files\Acer\OrbiCam\CameraAssistant.exe" [2006-06-26 15:47 331776]
"LogitechVideo[inspector]"="C:\Program Files\Acer\OrbiCam\InstallHelper.exe" [2006-06-26 15:55 73728]
"LogitechCameraService(E)"="C:\WINDOWS\system32\ElkCtrl.exe" [2004-11-01 18:22 262144]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-10 05:00 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme
"EnableLUA"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{88485281-8b4b-4f8d-9ede-82e29a064277}"= C:\PROGRA~1\MarkAny\CONTEN~1\MACSMA~1.DLL [2004-11-23 16:51 192512]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\WINDOWS\\PCHEALTH\\HELPCTR\\BINARIES\\HelpCtr.exe"=
"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE"=
"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\CounterPath\\X-Lite\\x-lite.exe"=
"C:\\WINDOWS\\System32\\muzapp.exe"=
"C:\\Documents and Settings\\Tintino\\Application Data\\m\\flec006.exe"=

R1 Hotkey;Hotkey;C:\WINDOWS\system32\drivers\Hotkey.sys [2003-04-28 11:27]
R2 EpmPsd;Acer EPM Power Scheme Driver;C:\WINDOWS\system32\drivers\epm-psd.sys [2005-04-22 16:57]
R2 EpmShd;Acer EPM System Hardware Driver;C:\WINDOWS\system32\drivers\epm-shd.sys [2005-04-22 16:57]
R3 lv321av;Logitech USB PC Camera (VC0321);C:\WINDOWS\system32\DRIVERS\lv321av.sys [2006-06-19 12:20]
R3 LVPrcMon;Logitech LVPrcMon Driver;C:\WINDOWS\system32\drivers\LVPrcMon.sys [2006-06-23 10:40]
S1 Wbutton;Wbutton;C:\WINDOWS\system32\drivers\Wbutton.sys []
S3 GDMnIcpt;GDMnIcpt;C:\WINDOWS\system32\drivers\MiniIcpt.sys [2008-06-27 22:56]
S3 HookCentre;HookCentre;C:\WINDOWS\system32\drivers\HookCentre.sys [2008-06-27 22:56]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 23:08]
S4 AVKService;AVK Service;C:\Program Files\G DATA InternetSecurity\AVK\AVKService.exe []
S4 AVKWCtl;Gardien d'AVK;C:\Program Files\G DATA InternetSecurity\AVK\AVKWCtl.exe []

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b8399962-559d-11dc-92d8-0018de78e39a}]
\Shell\AutoRun\command - F:\LaunchU3.exe -a

*Newly Created Service* - SROSA
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-29 21:50:43
Windows 5.1.2600 Service Pack 2 FAT NTAPI

Balayage processus cach‚s ...

C:\Documents and Settings\Tintino\Application Data\m\flec006.exe [2980] 0x8969E6B8

Balayage cach‚ autostart entries ...

Balayage des fichiers cach‚s ...

Scan termin‚ avec succŠs
Les fichiers cach‚s: 0

**************************************************************************

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"drvsyskit"="C:\\WINDOWS\\system32\\drivers\\hldrrr.exe"
"mule_st_key"="C:\\Documents and Settings\\Tintino\\Application Data\\m\\flec006.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\srosa]
"ImagePath"="\??\C:\WINDOWS\system32\drivers\srosa.sys"
.
------------------------ Other Running Processes ------------------------
.
C:\PROGRAM FILES\INTEL\WIRELESS\BIN\EVTENG.EXE
C:\PROGRAM FILES\INTEL\WIRELESS\BIN\S24EVMON.EXE
C:\PROGRAM FILES\FICHIERS COMMUNS\LOGITECH\LVMVFM\LVPRCSRV.EXE
C:\ACER\EMPOWERING TECHNOLOGY\EPERFORMANCE\MEMCHECK.EXE
C:\WINDOWS\EHOME\EHRECVR.EXE
C:\WINDOWS\EHOME\EHSCHED.EXE
C:\WINDOWS\SYSTEM32\NVSVC32.EXE
C:\PROGRAM FILES\SYMANTEC\LIVEUPDATE\ALUSCHEDULERSVC.EXE
C:\PROGRAM FILES\INTEL\WIRELESS\BIN\REGSRVC.EXE
C:\WINDOWS\SYSTEM32\WBEM\WMIAPSRV.EXE
C:\ACER\EMPOWERING TECHNOLOGY\ELOCK\SERVICE\ELOCKSERV.EXE
C:\WINDOWS\EHOME\MCRDSVC.EXE
C:\WINDOWS\SYSTEM32\DLLHOST.EXE
C:\WINDOWS\SYSTEM32\RUNDLL32.EXE
C:\WINDOWS\EHOME\EHMSAS.EXE
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\WINDOWS\SYSTEM32\IMAPI.EXE
.
**************************************************************************
.
Temps d'accomplissement: 2008-06-29 21:54:50 - machine was rebooted
ComboFix-quarantined-files.txt 2008-06-29 19:54:38

Pre-Run: 43,296,522,240 octets libres
Post-Run: 42,111,664,128 octets libres

329 --- E O F --- 2008-06-21 11:01:09
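As an added example (not from this thread, and not part of ComboFix), the script below reads ComboFix-style registry sections like the ones in the log above and flags the patterns a helper looks for when triaging such a report: autorun entries that point into a user's Application Data folder or drop an .exe into the kernel drivers directory, Security Center notification suppression, and firewall exceptions granted to the same dropped executables. The log excerpt embedded in the script is constructed from lines in this thread; the rule names and thresholds are my own.

```python
import re

# Constructed sample, assembled from registry lines quoted in this thread's
# ComboFix log (Run keys, Security Center flags, firewall authorized apps).
SAMPLE_LOG = r"""
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 05:00 15360]
"drvsyskit"="C:\\WINDOWS\\system32\\drivers\\hldrrr.exe"
"mule_st_key"="C:\\Documents and Settings\\Tintino\\Application Data\\m\\flec006.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Documents and Settings\\Tintino\\Application Data\\m\\flec006.exe"=
"""

SECTION_RE = re.compile(r'^\[(.+)\]\s*$')
VALUE_RE = re.compile(r'^"(?P<name>[^"]+)"\s*=\s*(?P<rest>.*)$')

# Security Center values that, when set to 1, hide "no AV / no firewall"
# warnings from the user; a classic post-infection tampering sign.
DISABLE_NOTIFY = {"antivirusdisablenotify", "firewalldisablenotify",
                  "updatesdisablenotify", "disablemonitoring"}


def normalize_path(raw):
    """Turn a ComboFix value into a plain Windows path.

    ComboFix appends "[date time size]" metadata to Run values and writes
    some paths with doubled backslashes; both are stripped here.
    """
    raw = re.sub(r'\s*\[[^\]]*\]\s*$', '', raw.strip())
    raw = raw.strip().strip('"')
    return raw.replace('\\\\', '\\')


def path_is_suspicious(path):
    """Return a reason string if the launch path matches a dropper pattern."""
    p = path.lower()
    if 'application data\\' in p or '\\appdata\\' in p:
        return 'executable launched from a user profile data folder'
    if '\\drivers\\' in p and p.endswith('.exe'):
        return '.exe placed in the kernel drivers directory'
    return None


def triage(log_text):
    """Scan registry sections of a ComboFix log; return (rule, name, value, reason)."""
    findings = []
    section = ''
    for line in log_text.splitlines():
        m = SECTION_RE.match(line)
        if m:
            section = m.group(1).lower()
            continue
        m = VALUE_RE.match(line.strip())
        if not m:
            continue
        name, rest = m.group('name'), m.group('rest')
        if section.endswith('\\run'):
            path = normalize_path(rest)
            reason = path_is_suspicious(path)
            if reason:
                findings.append(('autorun', name, path, reason))
        elif 'security center' in section:
            if name.lower() in DISABLE_NOTIFY and rest.strip().lower() == 'dword:00000001':
                findings.append(('security-center', name, rest.strip(),
                                 'Security Center warning suppressed'))
        elif 'authorizedapplications' in section:
            # In the firewall list the path is the value *name*; data is empty.
            path = normalize_path(name)
            reason = path_is_suspicious(path)
            if reason:
                findings.append(('firewall-exception', name, path, reason))
    return findings


if __name__ == '__main__':
    for rule, name, value, reason in triage(SAMPLE_LOG):
        print(f'[{rule}] {name}: {value}  ({reason})')
```

On the sample, the script reports the two Bagle autorun entries, the suppressed antivirus warning, and the firewall exception for the dropped flec006.exe, while leaving ctfmon.exe and msmsgs.exe alone.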

42 replies

Thanks for this last piece of advice (I already knew a good part of it, but a reminder never hurts).

And once again a big thank you for all the work that you and your friends do.

So we can consider this problem solved.

I hope I won't have to talk with you again (about Bagle at least, because that would mean I'm infected again, lol). But don't take that as a negative remark! Because I could NOT BE MORE satisfied with your work and your advice!!


Keep up the good work with the other infected people :)

I'm closing this here.
Have a good rest of the weekend.

and... once again, T H A N K S !!

I couldn't find how to change the status of this topic.
Maybe you are the one who can do it?
sKe69 Posts: 21360 Registered: Saturday 15 March 2008 Status: Security contributor Last seen: 30 December 2012 463
6 July 2008 at 23:04
Thanks, but we can't... it's up to you to do it, but since you are not registered (you didn't sign up, you are "anonymous"), it's not possible ^^

No big deal ;)


Bye!!!