Win32 beagle virus attack

Bonsoir,
Je suis arrivé, apres une lutte de 24 heures a executer ComboFix, et HijackThis, j'ai du installer sur une autre partition windows xp, et sur cette installation , j'ai pus executer elibagla-9875, cette action m'a permis ensuite de pouvoir installer kaspersky , une trial version, spyboot egalement sur l'ancienne istallation de windows; ces deux logitiels ont indiqués plusieurs problemes du a ce virus win32 win32.Beagle, ils ont pus corriger certains problemes , j'ai pus ensuite installer sp3 , je retrouve un fonctionnement quasi normal du fonctionnement de mon pc
voici les rapports de conmbofix et HijackThis
merci de me dire si mon Pc est encore infecté ou non


ComboFix 08-06-12.2 - user 06/14/2008 21:01:59.1 - NTFSx86
Microsoft Windows XP Edition familiale 5.1.2600.3.1256.1.1036.18.276 [GMT 2:00]
Endroit: C:\Documents and Settings\user\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration

[color=red]AVERTISSEMENT - LA CONSOLE DE RةCUPةRATION N'EST PAS INSTALLةE SUR CETTE MACHINE !!/color
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\A2\real.txt
C:\Documents and Settings\user\real.txt
C:\WINDOWS\explorer.exe.tmp
C:\WINDOWS\system32\drivers\downld
C:\WINDOWS\system32\drivers\downld\14496937.exe
C:\WINDOWS\system32\drivers\downld\14553796.exe
C:\WINDOWS\system32\drivers\downld\14659296.exe
C:\WINDOWS\system32\drivers\downld\14673015.exe
C:\WINDOWS\system32\drivers\downld\14685593.exe
C:\WINDOWS\system32\drivers\downld\14695187.exe
C:\WINDOWS\system32\drivers\downld\607296.exe
C:\WINDOWS\system32\drivers\downld\625515.exe
C:\WINDOWS\system32\drivers\downld\67281.exe
C:\WINDOWS\system32\drivers\downld\70218.exe
C:\WINDOWS\system32\drivers\downld\71906.exe
C:\WINDOWS\system32\drivers\downld\72265.exe
C:\WINDOWS\system32\real.txt

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SROSA


((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-05-14 to 2008-06-14 ))))))))))))))))))))))))))))))))))))
.

Pas de nouveau fichier cr‚‚ dans cet espace de temps

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-14 19:59 --------- d-----w C:\Program Files\MSN Messenger
2008-06-14 19:08 --------- d-----w C:\Documents and Settings\user\Application Data\OpenOffice.org2
2008-06-14 19:07 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-06-14 19:05 5,641,248 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2008-06-14 19:05 47,248 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2008-06-14 19:05 458,784 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat
2008-06-14 19:05 4,744 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx
2008-06-14 19:00 --------- d-----w C:\Documents and Settings\user\Application Data\Free Download Manager
2008-06-14 18:57 96,966 ----a-w C:\WINDOWS\system32\drivers\klin.dat
2008-06-14 18:57 88,774 ----a-w C:\WINDOWS\system32\drivers\klick.dat
2008-06-14 18:39 --------- d-----w C:\Program Files\Kaspersky Lab
2008-06-14 18:32 --------- d-----w C:\Program Files\Secunia
2008-06-14 12:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-06-14 12:08 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-06-14 04:16 --------- d-----w C:\Program Files\SuperCopier2
2008-06-14 04:15 --------- d-----w C:\Program Files\MP3 WAV Converter
2008-06-14 04:13 --------- d-----w C:\Program Files\BearFlix
2008-06-13 10:25 --------- d-----w C:\Program Files\Lavasoft
2008-06-13 10:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-06-13 10:24 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-06-12 21:18 78,415 ----a-w C:\WINDOWS\system32\drivers\klif.cab
2008-06-12 21:15 --------- d-----w C:\Documents and Settings\A3\Application Data\OpenOffice.org2
2008-06-12 11:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-06-12 10:34 --------- d-----w C:\Program Files\McAfee
2008-06-12 06:01 74,752 ----a-w C:\WINDOWS\ST6UNST.EXE
2008-06-12 06:01 290,816 ------w C:\WINDOWS\Setup1.exe
2008-06-11 18:52 --------- d-----w C:\Documents and Settings\user\Application Data\Skype
2008-06-11 14:03 --------- d-----w C:\Documents and Settings\user\Application Data\skypePM
2008-06-11 12:52 --------- d-----w C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-06-11 06:57 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-06-11 06:53 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat
2008-06-11 06:52 --------- d-----w C:\Program Files\Skype
2008-06-11 06:52 --------- d-----w C:\Program Files\Fichiers communs\Skype
2008-06-11 06:52 --------- d-----w C:\Documents and Settings\All Users\Application Data\Skype
2008-06-10 13:40 --------- d-----w C:\Program Files\eMule
2008-06-10 13:38 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-10 10:56 --------- d-----w C:\Program Files\Windows Live
2008-06-10 10:50 --------- d-----w C:\Program Files\SatelliteTVforPC
2008-06-09 19:40 --------- d-----w C:\Program Files\Apple Software Update
2008-06-09 19:40 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple
2008-06-09 16:29 --------- d-----w C:\Documents and Settings\user\Application Data\AdobeUM
2008-06-09 06:49 --------- d-----w C:\Program Files\Nod32
2008-06-08 22:53 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-06-08 12:42 --------- d-----w C:\Documents and Settings\A2\Application Data\Apple Computer
2008-06-06 20:11 --------- d-----w C:\Program Files\@Last Software
2008-06-06 20:07 --------- d-----w C:\Program Files\Google
2008-06-01 23:38 --------- d-----w C:\Program Files\Eduserv
2008-05-31 13:12 --------- d-----w C:\Program Files\nLite
2008-05-30 12:03 1,483 ----a-w C:\Program Files\uninstal.log
2008-05-30 11:32 --------- d-----w C:\Program Files\VideoLAN
2008-05-30 06:24 1,248 ----a-w C:\vlxjaw3o.sys
2008-05-24 19:51 --------- d-----w C:\Program Files\Automate unDRM
2008-05-23 21:04 --------- d-----w C:\Documents and Settings\A2\Application Data\vlc
2008-05-18 01:40 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ulead Systems
2008-05-18 01:38 --------- d-----w C:\Program Files\TP
2008-05-17 18:21 --------- d-----w C:\Program Files\Ligos
2008-05-17 18:17 36,734 ----a-w C:\WINDOWS\system32\OggDSuninst.exe
2008-05-17 18:17 --------- d-----w C:\Program Files\NimoCodec Pack
2008-05-17 18:17 --------- d-----w C:\Program Files\ffdshow
2008-05-17 18:15 --------- d-----w C:\Program Files\AC3Filter
2008-05-17 11:21 --------- d-----w C:\Documents and Settings\A1\Application Data\Ulead Systems
2008-05-17 07:54 --------- d-----w C:\Documents and Settings\A2\Application Data\Ulead Systems
2008-05-17 07:17 --------- d-----w C:\Documents and Settings\A3\Application Data\Ulead Systems
2008-05-16 17:40 --------- d-----w C:\Program Files\QuickTime
2008-05-16 17:39 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-05-16 09:58 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
2008-05-14 16:31 --------- d-----w C:\Program Files\UIU
2008-05-13 21:03 --------- d-----w C:\Documents and Settings\user\Application Data\Apple Computer
2008-05-13 20:48 --------- d-----w C:\Documents and Settings\user\Application Data\Ulead Systems
2008-05-13 20:33 --------- d-----w C:\Program Files\Intel
2008-05-13 20:30 --------- d-----w C:\Program Files\SmartSound Software
2008-05-13 20:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
2008-05-13 20:28 --------- d-----w C:\Program Files\Windows Media Components
2008-05-13 20:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\InstallShield
2008-05-13 20:27 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-05-13 17:55 --------- d-----w C:\Documents and Settings\user\Application Data\BSplayer Pro
2008-05-13 17:50 --------- d-----w C:\Program Files\FLVPlayer
2008-05-11 08:26 --------- d-----w C:\Documents and Settings\A2\Application Data\DivX
2008-05-08 14:02 203,136 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-07 05:11 1,294,336 ----a-w C:\WINDOWS\system32\quartz.dll
2008-05-05 22:09 --------- d-----w C:\Program Files\Macromedia
2008-05-01 09:18 --------- d-----w C:\Program Files\beausoft
2008-05-01 09:12 --------- d-----w C:\Program Files\Cracklock
2008-04-30 21:34 --------- d-----w C:\Program Files\Fichiers communs\xing shared
2008-04-30 21:34 --------- d-----w C:\Program Files\Fichiers communs\Real
2008-04-30 21:33 499,712 ----a-w C:\WINDOWS\system32\msvcp71.dll
2008-04-30 21:33 348,160 ----a-w C:\WINDOWS\system32\msvcr71.dll
2008-04-30 21:33 --------- d-----w C:\Program Files\Real
2008-04-30 15:41 --------- d-----w C:\Program Files\ImTOO
2008-04-29 21:38 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-04-29 16:35 --------- d-----w C:\Program Files\YesMessenger
2008-04-29 09:20 15,648 ----a-w C:\WINDOWS\system32\drivers\NSDriver.sys
2008-04-29 09:19 15,648 ----a-w C:\WINDOWS\system32\drivers\Awrtrd.sys
2008-04-29 09:19 12,960 ----a-w C:\WINDOWS\system32\drivers\Awrtpd.sys
2008-04-27 16:22 --------- d-----w C:\Program Files\DivX
2008-04-27 08:26 --------- d-----w C:\Program Files\Java
2008-04-27 08:22 --------- d-----w C:\Program Files\CAPCOM
2008-04-27 06:01 --------- d-----w C:\Program Files\Ubisoft
2008-04-25 16:22 206,088 ----a-w C:\WINDOWS\system32\klogon.dll
2008-04-25 16:21 26,964 ----a-w C:\WINDOWS\system32\drivers\klopp.dat
.
[code]<pre>
----a-w 22,918,720 2007-07-21 16:16:37 C:\Program Files\eMule\Incoming\antivirus\(kav) kaspersky anti virus 7.0.0.125 fr + licence key\kav7.0.0.125fr .exe
</pre>/code


((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
04/25/2008 06:22 PM 62728 --a------ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [04/13/2008 07:34 PM 15360]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [01/28/2008 11:43 AM 2097488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VTTimer"="VTTimer.exe" [03/07/2005 09:33 PM 53248 C:\WINDOWS\system32\VTTimer.exe]
"VTTrayp"="VTtrayp.exe" [10/31/2005 10:15 PM 163840 C:\WINDOWS\system32\VTTrayp.exe]
"SoundMan"="SOUNDMAN.EXE" [03/01/2006 10:22 AM 577536 C:\WINDOWS\soundman.exe]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [02/22/2008 04:25 AM 144784]
"HP Software Update"="C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" [06/25/2003 12:24 PM 49152]
"HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [10/23/2003 08:51 PM 233472]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe" [07/28/2003 03:43 PM 188416]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [10/22/2006 02:22 PM 7700480]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [10/22/2006 02:22 PM 86016]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [04/30/2008 11:33 PM 185896]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [03/28/2008 11:37 PM 413696]
"PremierOpinion"="C:\Program Files\PremierOpinion\pmropn.exe" [ ]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [04/25/2008 06:21 PM 201992]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [04/13/2008 07:34 PM 15360]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [06/11/2008 03:29 PM 5674352]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\PremierOpinion]
C:\Program Files\PremierOpinion\pmls.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.JPGL"= jpgl.dll
"msacm.divxa32"= DivXa32.acm

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sglfb.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tga.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wd.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Metacafe.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Metacafe.lnk
backup=C:\WINDOWS\pss\Metacafe.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^user^Menu Démarrer^Programmes^Démarrage^Metacafe.lnk]
path=C:\Documents and Settings\user\Menu Démarrer\Programmes\Démarrage\Metacafe.lnk
backup=C:\WINDOWS\pss\Metacafe.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdVantage]
C:\Program Files\AdVantage\AdVantage.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\amva]
C:\WINDOWS\system32\amvo.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BearFlix]
C:\Program Files\BearFlix\BearFlix.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Flash Media]
C:\WINDOWS\system32\% %% %^%^% ^^%% %^^^ ^ ^%%^% ^^% ^.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Free Download Manager]
--a------ 08/21/2006 01:24 AM 2068527 C:\Program Files\Free Download Manager\fdm.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--------- 04/13/2008 07:34 PM 1695232 C:\Program Files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\PROGRA~1\WI1F86~1\MESSEN~1\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a--c--- 10/22/2006 02:22 PM 1622016 C:\WINDOWS\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PremierOpinion]
C:\Program Files\PremierOpinion\pmropn.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\runner1]
C:\WINDOWS\mrofinu1423.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe"=
"C:\\Program Files\\eMule\\eMule.exe"=
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=

R0 klbg;Kaspersky Lab Boot Guard Driver;C:\WINDOWS\system32\drivers\klbg.sys [01/29/2008 06:29 PM]
R0 videX32;videX32;C:\WINDOWS\system32\DRIVERS\videX32.sys [02/23/2006 05:38 AM]
R0 xfilt;VIA SATA IDE Hot-plug Driver;C:\WINDOWS\system32\DRIVERS\xfilt.sys [02/23/2006 05:39 AM]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;C:\WINDOWS\system32\DRIVERS\klfltdev.sys [03/13/2008 07:02 PM]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys [03/25/2008 08:07 PM]
S3 DCamUSBNW802;Mustek Wcam 300;C:\WINDOWS\system32\DRIVERS\pcam.sys [07/24/2001 08:50 PM]
S3 PSI;PSI;C:\WINDOWS\system32\DRIVERS\psi_mf.sys [04/23/2008 01:56 PM]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{66442c35-2104-11dd-99fb-0019213a951c}]
\Shell\??\command - D:\taipingtianguov1.1.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL taipingtianguov1.1.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b4afdfaf-da4f-11dc-ad0c-806d6172696f}]
\Shell\AutoRun\command - H:\x.com
\Shell\explore\Command - H:\x.com
\Shell\open\Command - H:\x.com

.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2008-06-09 19:40:58 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-14 21:07:42
Windows 5.1.2600 Service Pack 3 NTFS

Balayage processus cach‚s ...

Balayage cach‚ autostart entries ...

Balayage des fichiers cach‚s ...

Scan termin‚ avec succٹs
Les fichiers cach‚s: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\MagicDisc\MagicDisc.exe
C:\Program Files\Secunia\PSI (RC2)\psi.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.bin
C:\WINDOWS\system32\wscntfy.exe
.
**************************************************************************
.
Temps d'accomplissement: 06/14/2008 21:10:48 - machine was rebooted
ComboFix-quarantined-files.txt 2008-06-14 19:10:43

Pre-Run: 2,503,217,152 octets libres
Post-Run: 2,682,966,016 octets libres

267 --- E O F --- 2008-06-14 15:42:20




Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:08:16, on 14-06-2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\MagicDisc\MagicDisc.exe
C:\Program Files\Secunia\PSI (RC2)\psi.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdmcks.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PremierOpinion] C:\Program Files\PremierOpinion\pmropn.exe -boot
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RESEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Startup: Secunia PSI (RC2).lnk = C:\Program Files\Secunia\PSI (RC2)\psi.exe
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: PremierOpinion - C:\Program Files\PremierOpinion\pmls.dll (file missing)
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe