ComboFix 08-03-03.12 - Utilisateur 2008-03-03 15:28:35.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1573 [GMT 1:00]
Endroit: C:\Documents and Settings\Utilisateur\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\Utilisateur\Bureau\CFScript.txt
* Création d'un nouveau point de restauration
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
FILE ::
C:\Program Files\ContextAdvisor\ContextAdvisor-2.dll
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Program Files\ContextAdvisor
C:\Program Files\ContextAdvisor\ContextAdvisor.dat
C:\Program Files\ContextAdvisor\pcre3.dll
C:\Program Files\ContextAdvisor\uninstall.exe
C:\Program Files\PlayMP3z
C:\Program Files\PlayMP3z\uninstall.exe
.
((((((((((((((((((((((((((((( Fichiers créés 2008-02-03 to 2008-03-03 ))))))))))))))))))))))))))))))))))))
.
2008-03-03 15:27 . 2004-08-19 15:09 400,896 --a------ C:\CF31748.exe
2008-03-03 13:06 . 2008-03-03 13:06 279 --a------ C:\Raccourci vers Disque local (C).lnk
2008-03-03 12:56 . 2008-03-03 12:56 <REP> d-------- C:\_OTMoveIt
2008-03-02 16:13 . 2008-03-02 16:13 <REP> d-------- C:\Documents and Settings\rafa\Application Data\ATI
2008-03-02 16:12 . 2008-02-14 00:08 <REP> d--h----- C:\Documents and Settings\rafa\Voisinage réseau
2008-03-02 16:12 . 2008-02-14 00:08 <REP> d--h----- C:\Documents and Settings\rafa\Voisinage d'impression
2008-03-02 16:12 . 2008-02-13 23:12 <REP> d--h----- C:\Documents and Settings\rafa\Modèles
2008-03-02 16:12 . 2008-03-02 16:12 <REP> dr------- C:\Documents and Settings\rafa\Mes documents
2008-03-02 16:12 . 2008-02-14 00:08 <REP> dr------- C:\Documents and Settings\rafa\Menu Démarrer
2008-03-02 16:12 . 2008-03-02 16:12 <REP> dr------- C:\Documents and Settings\rafa\Favoris
2008-03-02 16:12 . 2008-02-14 00:08 <REP> d-------- C:\Documents and Settings\rafa\Bureau
2008-03-02 15:37 . 2008-03-02 15:37 0 --a------ C:\WINDOWS\nsreg.dat
2008-03-02 14:12 . 2008-03-03 13:03 <REP> d-------- C:\Program Files\Navilog1
2008-03-02 13:32 . 2008-03-02 15:09 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-03-02 13:32 . 2008-03-02 15:09 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
2008-03-02 11:18 . 2008-03-02 11:18 <REP> d-------- C:\Documents and Settings\Utilisateur\Application Data\Media Player Classic
2008-03-02 11:16 . 2008-03-02 15:09 <REP> d-------- C:\Program Files\Combined Community Codec Pack
2008-03-02 10:44 . 2008-03-02 10:44 <REP> d-------- C:\Documents and Settings\Utilisateur\Application Data\BitDefender
2008-03-02 01:21 . 2008-03-02 01:21 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-03-02 01:19 . 2008-03-02 01:19 <REP> d-------- C:\Program Files\BitDefender
2008-03-02 01:19 . 2008-03-02 15:00 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\BitDefender
2008-03-02 01:18 . 2008-03-02 01:18 <REP> d-------- C:\WINDOWS\system32\ActiveScan
2008-03-02 01:18 . 2008-03-02 01:18 30,590 --a------ C:\WINDOWS\system32\pavas.ico
2008-03-02 01:18 . 2008-03-02 01:18 2,550 --a------ C:\WINDOWS\system32\Uninstall.ico
2008-03-02 01:18 . 2008-03-02 01:18 1,406 --a------ C:\WINDOWS\system32\Help.ico
2008-03-02 01:17 . 2008-03-02 15:12 <REP> d-------- C:\Program Files\Fichiers communs\BitDefender
2008-03-02 00:41 . 2008-03-02 21:46 <REP> d-------- C:\WINDOWS\BDOSCAN8
2008-03-02 00:37 . 2008-03-02 00:38 <REP> d-------- C:\Documents and Settings\Utilisateur\.housecall6.6
2008-03-02 00:36 . 2008-03-02 00:36 <REP> d-------- C:\WINDOWS\Sun
2008-02-29 17:29 . 2008-02-29 17:29 <REP> d-------- C:\Program Files\Stardock
2008-02-29 17:29 . 2007-05-26 12:34 42,672 --------- C:\WINDOWS\system32\wbsys.dll
2008-02-28 12:59 . 2008-02-28 12:59 <REP> d-------- C:\Program Files\PhotoFiltre Studio
2008-02-28 12:59 . 2008-02-28 12:59 45 ---h----- C:\WINDOWS\dsez2077.dat
2008-02-26 23:52 . 2008-02-26 23:52 <REP> d-------- C:\Documents and Settings\Utilisateur\AVTmpDir
2008-02-26 23:29 . 2008-02-26 23:29 385 --a------ C:\temp.dat
2008-02-26 22:46 . 2008-02-29 19:46 5,120 --a------ C:\graph.grf
2008-02-26 22:39 . 2008-02-29 19:43 <REP> d-------- C:\Program Files\AV WebCam Morpher
2008-02-26 17:28 . 2008-02-26 17:28 <REP> d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2008-02-23 23:00 . 2008-02-23 23:00 <REP> d-------- C:\Program Files\FBrowsingAdvisor
2008-02-23 23:00 . 2008-02-23 23:00 <REP> d-------- C:\Program Files\FBrowserAdvisor
2008-02-23 23:00 . 2006-04-14 23:05 9,952 --a------ C:\regxpcom.exe
2008-02-23 19:38 . 2008-02-25 12:32 <REP> d-------- C:\Documents and Settings\Utilisateur\Application Data\LimeWire
2008-02-23 19:37 . 2008-02-23 19:37 <REP> d-------- C:\Program Files\Java
2008-02-23 19:37 . 2007-12-14 01:59 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-02-23 19:36 . 2008-02-29 16:30 <REP> d-------- C:\Program Files\LimeWire
2008-02-23 19:36 . 2008-02-23 19:36 <REP> d-------- C:\Program Files\Fichiers communs\Java
2008-02-23 00:12 . 2008-02-23 00:44 <REP> d-------- C:\Program Files\Changer XP
2008-02-22 20:33 . 2008-02-24 20:47 1 --a------ C:\WINDOWS\system32\client.sid
2008-02-22 13:43 . 2003-06-19 01:31 17,920 --a------ C:\WINDOWS\system32\mdimon.dll
2008-02-22 13:43 . 2008-02-22 13:43 385 --a------ C:\WINDOWS\ODBC.INI
2008-02-22 13:42 . 2008-02-22 13:42 <REP> d-------- C:\Program Files\Microsoft Works
2008-02-22 13:41 . 2008-02-22 13:42 <REP> d-------- C:\WINDOWS\SHELLNEW
2008-02-22 13:40 . 2008-02-22 13:40 <REP> d-------- C:\Program Files\Microsoft.NET
2008-02-20 20:46 . 2008-02-20 20:46 <REP> d-------- C:\Program Files\MSXML 4.0
2008-02-20 03:06 . 2007-03-02 17:55 198,144 --------- C:\WINDOWS\system32\_psisdecd.dll
2008-02-20 02:58 . 2008-02-20 03:06 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
2008-02-20 02:58 . 2007-03-02 17:55 82,432 --a------ C:\WINDOWS\system32\msxml4r.dll
2008-02-20 02:58 . 2007-03-02 17:55 44,544 --a------ C:\WINDOWS\system32\msxml4a.dll
2008-02-20 02:56 . 2008-02-20 02:56 <REP> d-------- C:\WINDOWS\MaxTV
2008-02-20 02:56 . 2008-02-20 02:56 <REP> d-------- C:\Program Files\DMV
2008-02-20 02:55 . 2008-02-20 03:04 <REP> d-------- C:\Program Files\PeerTV
2008-02-20 02:47 . 2008-02-20 02:47 <REP> d-------- C:\Documents and Settings\Utilisateur\Application Data\FDRLab
2008-02-15 00:16 . 2008-02-15 00:16 <REP> d-------- C:\Program Files\CCleaner
2008-02-14 11:32 . 2008-02-22 23:08 107,832 --a------ C:\WINDOWS\system32\PnkBstrB.exe
2008-02-14 11:32 . 2008-02-14 11:32 66,872 --a------ C:\WINDOWS\system32\PnkBstrA.exe
2008-02-14 11:32 . 2008-02-22 23:10 22,328 --a------ C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-02-14 10:00 . 2008-02-14 10:00 <REP> d-------- C:\Program Files\Antipub
2008-02-14 01:11 . 2008-03-03 11:30 116 --a------ C:\WINDOWS\NeroDigital.ini
2008-02-14 01:05 . 2008-02-14 01:05 280 --ah----- C:\sqmdata01.sqm
2008-02-14 01:05 . 2008-02-14 01:05 244 --ah----- C:\sqmnoopt01.sqm
2008-02-14 01:04 . 2008-02-14 01:04 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
2008-02-13 22:59 . 2008-02-13 22:59 <REP> d-------- C:\WINDOWS\system32\windows media
2008-02-13 22:59 . 2008-02-13 22:59 <REP> d--h----- C:\WINDOWS\msdownld.tmp
2008-02-13 22:59 . 2008-02-13 22:59 <REP> d-------- C:\Program Files\Windows Media Components
2008-02-13 22:58 . 2008-02-13 22:58 <REP> d-------- C:\WINDOWS\system32\URTTemp
2008-02-13 22:57 . 2008-02-13 22:57 <REP> d-------- C:\Program Files\Fichiers communs\CyberLink
2008-02-13 22:57 . 2008-02-13 23:04 <REP> d-------- C:\Program Files\Fichiers communs\ATI
2008-02-13 22:57 . 2005-11-20 04:15 146,048 --a------ C:\WINDOWS\system32\drivers\atinavt2.sys
2008-02-13 22:57 . 2005-11-20 04:15 106,496 --a------ C:\WINDOWS\system32\atinppt2.ax
2008-02-13 22:57 . 2004-10-13 17:04 64,352 --a------ C:\WINDOWS\system32\drivers\ativmc20.cod
2008-02-13 22:56 . 2008-02-13 23:02 <REP> d-------- C:\Program Files\ATI Technologies
2008-02-13 22:56 . 2005-10-13 06:15 1,114,674 -ra------ C:\WINDOWS\system32\drivers\ativcaxx.cpa
2008-02-13 22:56 . 2005-11-10 21:05 520,192 --------- C:\WINDOWS\system32\ati2sgag.exe
2008-02-13 22:56 . 2005-11-11 07:33 307,200 -ra------ C:\WINDOWS\system32\atiiiexx.dll
2008-02-13 22:56 . 2005-11-08 23:48 112,456 -ra------ C:\WINDOWS\system32\atiicdxx.dat
2008-02-13 22:56 . 2005-06-08 22:45 58,560 -ra------ C:\WINDOWS\system32\drivers\ativckxx.vp
2008-02-13 22:56 . 2005-11-11 07:54 25,056 -ra------ C:\WINDOWS\system32\drivers\ativvpxx.vp
2008-02-13 22:56 . 2005-08-24 20:25 6,020 -ra------ C:\WINDOWS\system32\atifglpf.xml
2008-02-13 22:56 . 2005-10-13 06:15 929 -ra------ C:\WINDOWS\system32\drivers\ativcaxx.vp
2008-02-13 22:53 . 2008-02-20 02:57 <REP> d--h----- C:\Program Files\InstallShield Installation Information
2008-02-13 22:53 . 2008-02-13 22:53 <REP> d-------- C:\Program Files\ASUS
2008-02-13 22:53 . 2004-02-27 00:00 962,612 --a------ C:\WINDOWS\system32\mfc42d.dll
2008-02-13 22:53 . 2004-02-17 00:00 434,252 --a------ C:\WINDOWS\system32\MSVCRTD.DLL
2008-02-13 22:53 . 2006-01-10 09:50 24,576 -ra------ C:\WINDOWS\system32\AsIO.dll
2008-02-13 22:53 . 2006-10-18 20:12 12,664 -ra------ C:\WINDOWS\system32\drivers\AsIO.sys
2008-02-13 22:53 . 2006-10-19 03:11 12,096 --a------ C:\WINDOWS\system32\drivers\AsInsHelp64.sys
2008-02-13 22:53 . 2006-10-19 03:11 10,304 --a------ C:\WINDOWS\system32\drivers\AsInsHelp32.sys
2008-02-13 22:50 . 2008-02-13 22:50 <REP> d-------- C:\Program Files\DIFX
2008-02-13 22:49 . 2008-02-13 22:50 <REP> d-------- C:\Program Files\C-Media 6501 Sound
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-03 14:22 --------- d-----w C:\Program Files\eMule
2008-02-29 20:56 --------- d-----w C:\Program Files\adslTV
2008-02-26 16:29 --------- d-----w C:\Program Files\Windows Live
2008-02-26 13:15 --------- d-----w C:\Documents and Settings\Utilisateur\Application Data\ArcSoft
2008-02-25 20:33 --------- d-----w C:\DOCUME~1\ALLUSE~1\APPLIC~1\ATI MMC
2008-02-22 15:26 --------- d-----w C:\DOCUME~1\ALLUSE~1\APPLIC~1\Time Dead Warn Default
2008-02-13 23:10 --------- d-----w C:\Documents and Settings\Utilisateur\Application Data\vlc
2008-02-13 22:57 --------- d-----w C:\Program Files\EA GAMES
2008-02-13 22:55 --------- d-----w C:\Program Files\Fichiers communs\Nero
2008-02-13 22:54 --------- d-----w C:\Program Files\Fichiers communs\Ahead
2008-02-13 22:54 --------- d-----w C:\Program Files\Ahead
2008-02-13 22:47 --------- d-----w C:\Program Files\RocketDock
2008-02-13 22:44 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-02-13 22:44 --------- d-----w C:\Program Files\Alwil Software
2008-02-13 22:42 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-02-13 22:39 --------- d-----w C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
2008-02-13 22:36 --------- d-----w C:\Program Files\Fichiers communs\ArcSoft
2008-02-13 22:35 --------- d-----w C:\Program Files\Hercules
2008-02-13 22:34 --------- d-----w C:\Program Files\Windows Media Connect 2
2008-02-13 22:16 --------- d-----w C:\Program Files\microsoft frontpage
2008-02-13 22:15 --------- d-----w C:\Program Files\Services en ligne
2008-02-13 22:11 --------- d-----w C:\Program Files\Google
2008-02-13 22:08 --------- d-----w C:\Documents and Settings\Utilisateur\Application Data\ATI
2008-02-13 22:05 --------- d-----w C:\Program Files\GameShadow
2008-02-13 22:03 --------- d-----w C:\Program Files\Fichiers communs\ATI Technologies
2008-02-13 22:01 --------- d-----w C:\Program Files\ATI Multimedia
2008-02-13 22:00 --------- d-----w C:\Program Files\TitanTV
2008-02-13 21:57 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2007-12-07 02:08 824,832 ----a-w C:\WINDOWS\system32\wininet.dll
2007-12-04 18:41 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll
2007-12-04 13:04 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-12-04 12:54 95,608 ----a-w C:\WINDOWS\system32\AvastSS.scr
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{87E68009-29A8-D669-F7C2-B31D08635C50}]
C:\Program Files\ContextAdvisor\ContextAdvisor-2.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 15:09 15360]
"ATI Launchpad"="C:\Program Files\ATI Multimedia\main\launchpd.exe" [2005-11-04 21:31 102400]
"ATI DeviceDetect"="C:\Program Files\ATI Multimedia\main\ATIDtct.EXE" [2005-11-04 21:27 57344]
"ATI Remote Control"="C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe" [2005-10-12 21:08 1622016]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-02-19 00:27 68856]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
"RocketDock"="C:\Program Files\RocketDock\RocketDock.exe" [2007-09-02 13:58 495616]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:21 1694208]
"eMuleAutoStart"="C:\Program Files\eMule\emule.exe" [2007-05-13 15:57 5308416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"C6501Sound"="c6501.cpl" []
"AsusStartupHelp"="C:\Program Files\ASUS\AASP\1.00.17\AsRunHelp.exe" [2006-11-14 07:25 363008]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-12 14:43 45056]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe" [2007-12-14 03:42 144784]
"UserFaultCheck"="C:\WINDOWS\system32\dumprep 0 -u" [ ]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-19 15:09 15360]
C:\Documents and Settings\Utilisateur\Menu Démarrer\Programmes\Démarrage\
Anti-Pub.lnk - C:\Program Files\Antipub\antipub.exe [2003-03-23 20:38:22 674304]
MaxTV.lnk - C:\Program Files\DMV\MaxTV\MaxTV.exe [2007-03-08 01:57:54 8089184]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="C:\\WINDOWS\\system32\\logonui.exe"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe"=
"C:\\Program Files\\adslTV\\adsltv.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\PeerTV\\PeerCast.exe"=
R2 WebCamHelper;WebCamHelper;C:\PROGRA~1\AVWEBC~1\WebCamHelper.sys [2007-07-06 15:58]
R3 cm102u32;C-Media CM6501 Like Sound Interface;C:\WINDOWS\system32\drivers\c6501.sys [2006-09-05 10:04]
R3 ovt530;Webcam Classic;C:\WINDOWS\system32\Drivers\ov530vid.sys [2005-03-15 17:04]
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-03 15:29:31
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-03-03 15:29:47
ComboFix-quarantined-files.txt 2008-03-03 14:29:45
ComboFix2.txt 2008-03-03 12:05:37
.
2008-02-29 16:03:10 --- E O F ---
Ajout du 03-03-2008 à 15:31 : et voilà le hijack
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:30:59, on 03/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Multimedia\main\ATIDtct.EXE
C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Antipub\antipub.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Utilisateur\Bureau\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: ContextAdvisor - {87E68009-29A8-D669-F7C2-B31D08635C50} - C:\Program Files\ContextAdvisor\ContextAdvisor-2.dll (file missing)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [C6501Sound] RunDll32 c6501.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [AsusStartupHelp] C:\Program Files\ASUS\AASP\1.00.17\AsRunHelp.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ATI Launchpad] "C:\Program Files\ATI Multimedia\main\launchpd.exe"
O4 - HKCU\..\Run: [ATI DeviceDetect] C:\Program Files\ATI Multimedia\main\ATIDtct.EXE
O4 - HKCU\..\Run: [ATI Remote Control] C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Anti-Pub.lnk = C:\Program Files\Antipub\antipub.exe
O4 - Startup: MaxTV.lnk = C:\Program Files\DMV\MaxTV\MaxTV.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program Files\ATI Multimedia\dtv\EXPLBAR.DLL
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
--
End of file - 7932 bytes