Ati3dua.dll virus, Trojan horse BHO.O - Security - Viruses

Hello... Recently, I installed the AVG 8.0 antivirus. Every time I open My Computer, AVG warns me that the file Ati3dua.dll is a threat. AVG is unable to delete it. I produced a log with ComboFix and HijackThis, but I don't know what to do now.

Can you help me?

ComboFix 08-08-01.05 - Francois 2008-08-03 14:10:31.3 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1543 [GMT -4:00]
Endroit: D:\Documents and Settings\Francois\Bureau\123.exe

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.

((((((((((((((((((((((((((((( Fichiers créés 2008-07-03 to 2008-08-03 ))))))))))))))))))))))))))))))))))))
.

2008-08-03 14:00 . 2005-09-29 14:28 2,138,112 --a--c--- D:\WINDOWS\system32\dllcache\OLD96.tmp
2008-08-03 13:59 . 2008-08-03 14:01 <REP> d-------- D:\WINDOWS\LastGood
2008-08-02 22:32 . 2005-09-07 17:40 84,471 --a------ D:\WINDOWS\system32\drivers\AliEhci.sys
2008-08-02 22:32 . 2001-11-13 21:24 35,587 --a------ D:\WINDOWS\system32\rmusb20.EXE
2008-08-02 22:32 . 2005-09-07 17:41 32,118 --a------ D:\WINDOWS\system32\drivers\AliHub.sys
2008-08-02 22:32 . 2006-03-01 11:46 23,498 --a------ D:\WINDOWS\system32\Unusb20.exe
2008-08-02 22:32 . 2000-01-07 15:20 12,288 --a------ D:\WINDOWS\system32\PCIVP.SYS
2008-08-02 22:32 . 2005-09-07 17:41 9,658 --a------ D:\WINDOWS\system32\drivers\AliGP.sys
2008-08-02 22:32 . 2005-09-07 17:43 5,304 --a------ D:\WINDOWS\system32\drivers\AliRtHub.sys
2008-08-02 19:30 . 2008-08-03 11:41 <REP> d--h----- D:\$AVG8.VAULT$
2008-08-02 19:22 . 2008-08-03 12:31 <REP> d-------- D:\WINDOWS\system32\drivers\Avg
2008-08-02 19:22 . 2008-08-02 19:22 96,520 --a------ D:\WINDOWS\system32\drivers\avgldx86.sys
2008-08-02 19:22 . 2008-08-02 19:22 75,272 --a------ D:\WINDOWS\system32\drivers\avgtdix.sys
2008-08-02 19:22 . 2008-08-02 19:22 12,424 --a------ D:\WINDOWS\system32\drivers\avgrkx86.sys
2008-08-02 19:22 . 2008-08-02 19:22 10,520 --a------ D:\WINDOWS\system32\avgrsstx.dll
2008-08-02 19:21 . 2008-08-02 22:37 <REP> d-------- D:\Driver Download
2008-08-02 19:20 . 2008-08-02 19:20 <REP> d-------- D:\Program Files\AVG
2008-08-02 19:20 . 2008-08-02 19:20 <REP> d-------- D:\Documents and Settings\All Users\Application Data\avg8
2008-08-02 19:20 . 2008-08-02 19:20 45,568 --a------ D:\WINDOWS\system32\avgfwdx.dll
2008-08-02 19:20 . 2008-08-02 19:20 22,528 --a------ D:\WINDOWS\system32\drivers\avgfwdx.sys
2008-08-02 19:08 . 2008-08-02 19:08 <REP> d-------- D:\Program Files\Driver-Soft
2008-08-02 19:08 . 2007-09-02 20:56 1,686,016 --a------ D:\WINDOWS\system32\clinetsuitex6.ocx
2008-08-02 19:08 . 2004-06-14 14:56 427,864 --a------ D:\WINDOWS\system32\XceedZip.dll
2008-07-28 18:00 . 2008-07-28 18:00 54,156 --ah----- D:\WINDOWS\QTFont.qfn
2008-07-28 18:00 . 2008-07-28 18:00 1,409 --a------ D:\WINDOWS\QTFont.for
2008-07-27 15:30 . 2008-07-27 15:30 7,900 --a------ D:\WINDOWS\system32\d3d9caps.dat
2008-07-25 22:23 . 2008-07-25 22:25 <REP> d-------- D:\Documents and Settings\Francois\Application Data\Ulead Systems
2008-07-25 22:22 . 2008-07-25 22:22 <REP> d-------- D:\Program Files\Fichiers communs\InterVideo
2008-07-25 22:21 . 2008-07-25 22:21 <REP> d-------- D:\Program Files\Windows Media Components
2008-07-25 22:20 . 2008-07-29 22:45 <REP> d-------- D:\Documents and Settings\All Users\Application Data\Ulead Systems
2008-07-25 17:09 . 2008-07-25 17:09 <REP> d-------- D:\Program Files\Nestopia RPlus!
2008-07-23 20:24 . 2008-07-23 20:24 <REP> d-------- D:\Documents and Settings\Francois\Application Data\ESET
2008-07-23 20:22 . 2008-07-23 20:28 <REP> d-------- D:\Documents and Settings\All Users\Application Data\ESET
2008-07-20 14:51 . 2008-07-20 14:51 <REP> d-------- D:\Program Files\SiSoftware
2008-07-20 13:34 . 2008-02-28 13:26 1,414,440 --a------ D:\WINDOWS\system32\ShellManager310E2D762.dll
2008-07-20 13:34 . 2008-02-28 13:01 774,144 --a------ D:\WINDOWS\system32\NEROINSTAEC43759.DB
2008-07-19 18:17 . 2008-07-20 14:52 <REP> d-------- D:\Documents and Settings\Francois\Application Data\DeepBurner
2008-07-13 15:26 . 2008-07-13 15:26 <REP> d-------- D:\Temp
2008-07-13 15:08 . 1998-07-22 00:00 102,160 --a------ D:\WINDOWS\system32\VB6KO.DLL
2008-07-13 15:08 . 2008-07-13 15:52 0 --a------ D:\WINDOWS\lgfwup.ini
2008-07-13 14:24 . 2008-07-13 14:24 <REP> d-------- D:\Documents and Settings\Francois\Application Data\Ashampoo
2008-07-13 14:24 . 2008-07-13 14:24 <REP> d-------- D:\Documents and Settings\All Users\Application Data\ashampoo
2008-07-13 14:23 . 2008-07-13 14:23 <REP> d-------- D:\Program Files\Ashampoo
2008-07-13 13:51 . 2008-07-13 13:51 <REP> d-------- D:\Documents and Settings\Francois\Application Data\Nero
2008-07-13 13:40 . 2008-07-20 13:36 <REP> d-------- D:\Program Files\Fichiers communs\Nero
2008-07-13 13:40 . 2008-07-20 13:36 <REP> d-------- D:\Documents and Settings\All Users\Application Data\Nero
2008-07-06 14:02 . 2008-07-06 14:02 <REP> d-------- D:\Program Files\VCMU
2008-07-06 13:32 . 2008-07-06 13:33 <REP> d-------- D:\Program Files\Yahoo!
2008-07-06 13:32 . 2008-07-06 13:32 <REP> d-------- D:\Program Files\CCleaner
2008-07-06 13:31 . 2008-07-06 15:02 <REP> d-------- D:\Documents and Settings\Francois\Application Data\Skype
2008-07-04 18:27 . 2008-07-04 18:27 <REP> d-------- D:\Documents and Settings\All Users\Application Data\PCPitstop
2008-07-04 14:29 . 2008-07-04 14:29 <REP> d-------- D:\Program Files\Skype
2008-07-04 14:29 . 2008-07-04 14:29 <REP> d-------- D:\Program Files\Fichiers communs\Skype
2008-07-04 14:29 . 2008-07-04 14:29 <REP> d-------- D:\Documents and Settings\All Users\Application Data\Skype
2008-07-04 14:28 . 2008-07-04 14:40 <REP> d-------- D:\Program Files\Spyware Doctor
2008-07-04 14:28 . 2008-07-04 14:28 <REP> d-------- D:\Documents and Settings\Francois\Application Data\PC Tools
2008-07-04 14:28 . 2007-12-10 14:53 81,288 --a------ D:\WINDOWS\system32\drivers\iksyssec.sys
2008-07-04 14:28 . 2007-12-10 14:53 66,952 --a------ D:\WINDOWS\system32\drivers\iksysflt.sys
2008-07-04 14:28 . 2008-02-01 12:55 42,376 --a------ D:\WINDOWS\system32\drivers\ikfilesec.sys
2008-07-04 14:28 . 2007-12-10 14:53 29,576 --a------ D:\WINDOWS\system32\drivers\kcom.sys
2008-07-03 17:58 . 2008-07-03 17:58 <REP> d-------- D:\Program Files\Xvid

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-03 17:39 --------- d-----w D:\Documents and Settings\Francois\Application Data\Azureus
2008-08-03 02:41 --------- d-----w D:\Program Files\Mozilla Thunderbird
2008-08-03 02:20 --------- d--h--w D:\Program Files\InstallShield Installation Information
2008-08-03 01:38 --------- d-----w D:\Program Files\Fichiers communs\Symantec Shared
2008-08-03 00:26 --------- d-----w D:\Documents and Settings\All Users\Application Data\X10 Settings
2008-08-02 23:23 --------- d-----w D:\Program Files\Microsoft Silverlight
2008-08-02 22:14 --------- d-----w D:\Documents and Settings\All Users\Application Data\Google Updater
2008-08-01 17:04 --------- d-----w D:\Program Files\BudgetExpress 3
2008-08-01 17:04 --------- d-----w D:\Documents and Settings\Francois\Application Data\BudgetExpress 3
2008-08-01 12:06 --------- d-----w D:\Documents and Settings\Francois\Application Data\U3
2008-07-30 05:33 --------- d-----w D:\Program Files\Google
2008-07-30 02:55 --------- d-----w D:\Program Files\ESET
2008-07-30 02:27 --------- d-----w D:\Program Files\Fichiers communs\Adobe
2008-07-24 23:30 --------- d-----w D:\Program Files\mIRC
2008-07-24 00:11 --------- d-----w D:\Program Files\eMule
2008-07-23 21:30 --------- d-----w D:\Documents and Settings\All Users\Application Data\WLInstaller
2008-07-17 22:11 --------- d-----w D:\Program Files\Fichiers communs\Wise Installation Wizard
2008-07-17 01:02 --------- d-----w D:\Documents and Settings\Francois\Application Data\StarOffice8
2008-07-15 22:35 112,128 ----a-w D:\WINDOWS\system32\ati3dua.dll
2008-07-04 20:20 --------- d---a-w D:\Documents and Settings\All Users\Application Data\TEMP
2008-07-02 21:03 --------- d-----w D:\Program Files\Azureus
2008-07-01 21:57 --------- d-----w D:\Program Files\Picasa2
2007-06-07 04:03 23,552 ----a-w D:\Program Files\mozilla firefox\plugins\DrvMgt.dll
2007-12-27 15:48 32,768 --sha-w D:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
2007-12-27 15:48 32,768 --sha-w D:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
2007-05-31 21:47 32,768 --sha-w D:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012007053120070601\index.dat
2007-12-27 15:48 81,920 --sha-w D:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
.

------- Sigcheck -------

2006-11-11 10:02 359808 8d8949936913b041c6a0e184fbf1030b D:\WINDOWS\system32\drivers\tcpip.sys

2006-11-18 19:59 1035264 7ba68df484b550c1f75dd80ae1d7ef67 D:\WINDOWS\explorer.exe
.
((((((((((((((((((((((((((((( snapshot@2008-08-02_23.01.50.10 )))))))))))))))))))))))))))))))))))))))))
.
+ 2004-08-04 03:10:08 53,248 ----a-w D:\WINDOWS\LastGood\system32\dllcache\1394bus.sys
+ 2001-08-18 02:06:48 11,264 ----a-w D:\WINDOWS\LastGood\system32\dllcache\1394vdbg.sys
+ 2001-08-18 01:28:00 762,780 ----a-w D:\WINDOWS\LastGood\system32\dllcache\3cwmcru.sys
+ 2001-08-23 21:46:44 689,216 ----a-w D:\WINDOWS\LastGood\system32\dllcache\3dfxvs.dll
+ 2001-08-18 00:48:32 148,352 ----a-w D:\WINDOWS\LastGood\system32\dllcache\3dfxvsm.sys
+ 2004-08-04 03:00:04 12,288 ----a-w D:\WINDOWS\LastGood\system32\dllcache\4mmdat.sys
+ 2004-08-04 03:10:12 48,128 ----a-w D:\WINDOWS\LastGood\system32\dllcache\61883.sys
+ 2001-08-23 21:46:44 38,400 ----a-w D:\WINDOWS\LastGood\system32\dllcache\8514a.dll
+ 2001-08-23 21:46:58 462,848 ----a-w D:\WINDOWS\LastGood\system32\dllcache\a3dapi.dll
+ 2001-08-18 01:52:00 23,552 ----a-w D:\WINDOWS\LastGood\system32\dllcache\abp480n5.sys
+ 2004-08-04 02:32:22 231,552 ----a-w D:\WINDOWS\LastGood\system32\dllcache\ac97ali.sys
+ 2001-08-18 00:20:04 96,256 ----a-w D:\WINDOWS\LastGood\system32\dllcache\ac97intc.sys
+ 2001-08-18 00:20:16 297,728 ----a-w D:\WINDOWS\LastGood\system32\dllcache\ac97sis.sys
+ 2004-08-04 02:32:32 84,480 ----a-w D:\WINDOWS\LastGood\system32\dllcache\ac97via.sys
+ 2001-08-23 21:46:58 61,952 ----a-w D:\WINDOWS\LastGood\system32\dllcache\acerscad.dll
+ 2001-08-18 01:53:02 7,424 ----a-w D:\WINDOWS\LastGood\system32\dllcache\adicvls.sys
+ 2001-08-18 00:11:18 20,160 ----a-w D:\WINDOWS\LastGood\system32\dllcache\adm8511.sys
+ 2001-08-18 00:19:10 584,448 ----a-w D:\WINDOWS\LastGood\system32\dllcache\adm8810.sys
+ 2001-08-18 00:19:14 553,984 ----a-w D:\WINDOWS\LastGood\system32\dllcache\adm8820.sys
+ 2001-08-18 00:19:14 747,392 ----a-w D:\WINDOWS\LastGood\system32\dllcache\adm8830.sys
+ 2004-08-19 17:09:19 29,696 ----a-w D:\WINDOWS\LastGood\system32\dllcache\admexs.dll
+ 2003-03-24 19:52:04 20,540 ----a-w D:\WINDOWS\LastGood\system32\dllcache\admin.dll
+ 2003-03-24 19:52:04 16,439 ----a-w D:\WINDOWS\LastGood\system32\dllcache\admin.exe
+ 2004-08-04 02:32:24 10,880 ----a-w D:\WINDOWS\LastGood\system32\dllcache\admjoy.sys
+ 2004-08-19 17:09:19 43,520 ----a-w D:\WINDOWS\LastGood\system32\dllcache\admwprox.dll
+ 2002-09-06 20:59:59 6,144 ----a-w D:\WINDOWS\LastGood\system32\dllcache\admxprox.dll
+ 2001-08-18 00:11:16 46,112 ----a-w D:\WINDOWS\LastGood\system32\dllcache\adptsf50.sys
+ 2001-08-18 02:07:32 101,888 ----a-w D:\WINDOWS\LastGood\system32\dllcache\adpu160m.sys
+ 2002-09-06 20:59:59 50,176 ----a-w D:\WINDOWS\LastGood\system32\dllcache\adrot.dll
+ 2004-08-19 17:09:19 290,816 ----a-w D:\WINDOWS\LastGood\system32\dllcache\adsiis51.dll
+ 2004-08-19 20:09:20 4,255 ----a-w D:\WINDOWS\LastGood\system32\dllcache\adv01nt5.dll
+ 2004-08-19 20:09:20 3,967 ----a-w D:\WINDOWS\LastGood\system32\dllcache\adv02nt5.dll
+ 2004-08-19 20:09:20 3,615 ----a-w D:\WINDOWS\LastGood\system32\dllcache\adv05nt5.dll
+ 2004-08-19 20:09:20 3,647 ----a-w D:\WINDOWS\LastGood\system32\dllcache\adv07nt5.dll
+ 2004-08-19 20:09:20 3,135 ----a-w D:\WINDOWS\LastGood\system32\dllcache\adv08nt5.dll
+ 2004-08-19 20:09:20 3,711 ----a-w D:\WINDOWS\LastGood\system32\dllcache\adv09nt5.dll
+ 2004-08-19 20:09:20 3,775 ----a-w D:\WINDOWS\LastGood\system32\dllcache\adv11nt5.dll
+ 2004-08-04 03:07:42 42,368 ----a-w D:\WINDOWS\LastGood\system32\dllcache\agp440.sys
+ 2004-08-04 03:07:44 44,928 ----a-w D:\WINDOWS\LastGood\system32\dllcache\agpcpq.sys
+ 2001-08-18 01:52:02 12,800 ----a-w D:\WINDOWS\LastGood\system32\dllcache\aha154x.sys
+ 2001-08-18 02:07:36 55,168 ----a-w D:\WINDOWS\LastGood\system32\dllcache\aic78u2.sys
+ 2001-08-18 02:07:38 56,960 ----a-w D:\WINDOWS\LastGood\system32\dllcache\aic78xx.sys
+ 2001-08-18 01:49:02 26,624 ----a-w D:\WINDOWS\LastGood\system32\dllcache\alifir.sys
+ 2004-08-04 03:07:42 42,752 ----a-w D:\WINDOWS\LastGood\system32\dllcache\alim1541.sys
+ 2001-08-18 00:11:20 16,969 ----a-w D:\WINDOWS\LastGood\system32\dllcache\amb8002.sys
+ 2004-08-04 03:07:44 43,008 ----a-w D:\WINDOWS\LastGood\system32\dllcache\amdagp.sys
+ 2001-08-18 01:52:04 12,032 ----a-w D:\WINDOWS\LastGood\system32\dllcache\amsint.sys
+ 2004-08-04 02:31:20 36,224 ----a-w D:\WINDOWS\LastGood\system32\dllcache\an983.sys
+ 2001-08-18 01:47:22 6,272 ----a-w D:\WINDOWS\LastGood\system32\dllcache\apmbatt.sys
+ 2004-08-19 17:09:19 110,080 ----a-w D:\WINDOWS\LastGood\system32\dllcache\appconf.dll
+ 2004-08-19 17:09:19 334,336 ----a-w D:\WINDOWS\LastGood\system32\dllcache\aqueue.dll
+ 2001-08-18 01:52:00 26,496 ----a-w D:\WINDOWS\LastGood\system32\dllcache\asc.sys
+ 2001-08-18 01:52:04 22,400 ----a-w D:\WINDOWS\LastGood\system32\dllcache\asc3350p.sys
+ 2001-08-18 01:51:58 14,848 ----a-w D:\WINDOWS\LastGood\system32\dllcache\asc3550.sys
+ 2006-12-13 12:52:44 377,344 ----a-w D:\WINDOWS\LastGood\system32\dllcache\asp51.dll
+ 2001-08-18 00:12:34 97,354 ----a-w D:\WINDOWS\LastGood\system32\dllcache\aspndis3.sys
+ 2002-09-06 20:59:59 10,240 ----a-w D:\WINDOWS\LastGood\system32\dllcache\aspperf.dll
+ 2002-09-06 20:59:59 29,184 ----a-w D:\WINDOWS\LastGood\system32\dllcache\asptxn.dll
+ 2001-08-23 21:46:44 96,128 ----a-w D:\WINDOWS\LastGood\system32\dllcache\ati.dll
+ 2001-08-23 20:59:32 77,824 ----a-w D:\WINDOWS\LastGood\system32\dllcache\ati.sys
+ 2004-08-04 02:29:30 56,623 ----a-w D:\WINDOWS\LastGood\system32\dllcache\ati1btxx.sys
+ 2003-03-24 19:52:04 20,540 ----a-w D:\WINDOWS\LastGood\system32\dllcache\author.dll
+ 2003-03-24 19:52:04 16,439 ----a-w D:\WINDOWS\LastGood\system32\dllcache\author.exe
+ 2003-03-24 19:52:04 188,480 ----a-w D:\WINDOWS\LastGood\system32\dllcache\cfgwiz.exe
+ 2004-08-19 17:09:21 47,104 ----a-w D:\WINDOWS\LastGood\system32\dllcache\coadmin.dll
+ 2001-08-23 21:46:58 5,632 ----a-w D:\WINDOWS\LastGood\system32\dllcache\EXCH_adsiisex.dll
+ 2001-08-23 21:46:58 45,056 ----a-w D:\WINDOWS\LastGood\system32\dllcache\EXCH_aqadmin.dll
+ 2004-05-13 04:39:48 184,435 ----a-w D:\WINDOWS\LastGood\system32\dllcache\fp4amsft.dll
+ 2003-03-24 19:52:04 82,035 ----a-w D:\WINDOWS\LastGood\system32\dllcache\fp4anscp.dll
+ 2003-03-24 19:52:04 147,513 ----a-w D:\WINDOWS\LastGood\system32\dllcache\fp4apws.dll
+ 2003-03-24 19:52:04 49,210 ----a-w D:\WINDOWS\LastGood\system32\dllcache\fp4areg.dll
+ 2003-03-24 19:52:04 102,509 ----a-w D:\WINDOWS\LastGood\system32\dllcache\fp4atxt.dll
+ 2003-03-24 19:52:04 41,020 ----a-w D:\WINDOWS\LastGood\system32\dllcache\fp4avnb.dll
+ 2003-03-24 19:52:04 32,826 ----a-w D:\WINDOWS\LastGood\system32\dllcache\fp4avss.dll
+ 2003-03-24 19:52:04 49,212 ----a-w D:\WINDOWS\LastGood\system32\dllcache\fp4awebs.dll
+ 2004-05-13 04:39:48 876,653 ----a-w D:\WINDOWS\LastGood\system32\dllcache\fp4awel.dll
+ 2002-05-14 17:08:54 14,608 ----a-w D:\WINDOWS\LastGood\system32\dllcache\fp98sadm.exe
+ 2002-05-14 17:08:54 109,328 ----a-w D:\WINDOWS\LastGood\system32\dllcache\fp98swin.exe
+ 2003-03-24 19:52:04 188,494 ----a-w D:\WINDOWS\LastGood\system32\dllcache\fpcount.exe
+ 2003-03-24 19:52:04 20,541 ----a-w D:\WINDOWS\LastGood\system32\dllcache\fpexedll.dll
+ 2004-05-13 04:39:48 598,071 ----a-w D:\WINDOWS\LastGood\system32\dllcache\fpmmc.dll
+ 2003-04-15 00:29:34 217,088 ----a-w D:\WINDOWS\LastGood\system32\dllcache\fpmmcsat.dll
+ 2003-03-24 19:52:04 20,538 ----a-w D:\WINDOWS\LastGood\system32\dllcache\fpremadm.exe
+ 2002-09-06 20:59:59 6,144 ----a-w D:\WINDOWS\LastGood\system32\dllcache\ftpsapi2.dll
+ 2004-08-19 17:09:27 68,608 ----a-w D:\WINDOWS\LastGood\system32\dllcache\iisext51.dll
+ 2004-08-19 17:09:27 64,512 ----a-w D:\WINDOWS\LastGood\system32\dllcache\iismap.dll
+ 2002-09-06 20:59:59 14,848 ----a-w D:\WINDOWS\LastGood\system32\dllcache\iisreset.exe
+ 2002-09-06 20:59:59 5,632 ----a-w D:\WINDOWS\LastGood\system32\dllcache\iisrstap.dll
+ 2004-08-19 17:09:55 31,232 ----a-w D:\WINDOWS\LastGood\system32\dllcache\iisrstas.exe
+ 2004-08-19 17:09:27 133,632 ----a-w D:\WINDOWS\LastGood\system32\dllcache\iisrtl.dll
+ 2002-09-06 20:59:59 173,056 ----a-w D:\WINDOWS\LastGood\system32\dllcache\iisui.dll
+ 2004-08-19 17:09:29 842,240 ----a-w D:\WINDOWS\LastGood\system32\dllcache\inetmgr.dll
+ 2002-09-06 20:59:59 7,680 ----a-w D:\WINDOWS\LastGood\system32\dllcache\inetmgr.exe
+ 2002-09-06 20:59:59 19,968 ----a-w D:\WINDOWS\LastGood\system32\dllcache\inetsloc.dll
+ 2004-08-19 17:09:29 13,312 ----a-w D:\WINDOWS\LastGood\system32\dllcache\infoadmn.dll
+ 2004-08-19 17:09:31 68,608 ----a-w D:\WINDOWS\LastGood\system32\dllcache\isatq.dll
+ 2005-09-29 18:28:35 2,138,112 ----a-w D:\WINDOWS\LastGood\system32\dllcache\ntkrnlmp.exe
+ 2001-08-23 21:46:46 66,048 ----a-w D:\WINDOWS\LastGood\system32\dllcache\s3legacy.dll
+ 2003-03-24 19:52:04 20,536 ----a-w D:\WINDOWS\LastGood\system32\dllcache\shtml.dll
+ 2003-03-24 19:52:04 16,437 ----a-w D:\WINDOWS\LastGood\system32\dllcache\shtml.exe
+ 2004-08-19 17:09:41 189,440 ----a-w D:\WINDOWS\LastGood\system32\dllcache\smtpadm.dll
+ 2004-08-19 17:09:43 2,134,528 ----a-w D:\WINDOWS\LastGood\system32\dllcache\smtpsnap.dll
+ 2004-08-19 17:09:45 8,192 ----a-w D:\WINDOWS\LastGood\system32\dllcache\staxmem.dll
+ 2003-03-24 19:52:04 32,827 ----a-w D:\WINDOWS\LastGood\system32\dllcache\tcptest.exe
+ 2003-04-15 00:29:34 16,384 ----a-w D:\WINDOWS\LastGood\system32\dllcache\tcptsat.dll
+ 2002-09-06 20:59:59 7,168 ----a-w D:\WINDOWS\LastGood\system32\dllcache\wamregps.dll
- 2008-08-03 02:40:02 63,266 ----a-w D:\WINDOWS\system32\perfc009.dat
+ 2008-08-03 18:02:34 63,266 ----a-w D:\WINDOWS\system32\perfc009.dat
- 2008-08-03 02:40:02 76,778 ----a-w D:\WINDOWS\system32\perfc00C.dat
+ 2008-08-03 18:02:34 76,778 ----a-w D:\WINDOWS\system32\perfc00C.dat
- 2008-08-03 02:40:02 403,664 ----a-w D:\WINDOWS\system32\perfh009.dat
+ 2008-08-03 18:02:34 403,664 ----a-w D:\WINDOWS\system32\perfh009.dat
- 2008-08-03 02:40:02 470,706 ----a-w D:\WINDOWS\system32\perfh00C.dat
+ 2008-08-03 18:02:34 470,706 ----a-w D:\WINDOWS\system32\perfh00C.dat
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0475CE54-CBE1-41FB-B806-1A4B0D5BEED1}]
2008-07-15 18:35 112128 --a------ D:\WINDOWS\system32\ati3dua.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="D:\WINDOWS\system32\ctfmon.exe" [2004-08-19 13:09 15360]
"ATI Remote Control"="D:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe" [2006-04-05 22:03 1622016]
"MsnMsgr"="D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 11:34 5724184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Acrobat Assistant 8.0"="D:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2006-10-22 23:24 620152]
"Adobe Reader Speed Launcher"="D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 04:06 40048]
"StartCCC"="D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 12:17 61440]
"SunJavaUpdateSched"="D:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"AVG8_TRAY"="D:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-08-02 19:22 1177368]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
"NoSimpleStartMenu"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoStrCmpLogical"= 0 (0x0)
"LockTaskbar"= 0 (0x0)
"NoResolveTrack"= 0 (0x0)
"NoResolveSearch"= 0 (0x0)
"NoSMMyPictures"= 0 (0x0)
"NoStartMenuMFUprogramsList"= 0 (0x0)
"NoUserNameInStartMenu"= 0 (0x0)
"MaxRecentDocs"= 15 (0xf)
"NoInstrumentation"= 0 (0x0)
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 0 (0x0)
"DisallowCpl"= 1 (0x1)

[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Outil de mise à jour Google.lnk]
path=D:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Outil de mise à jour Google.lnk
backup=D:\WINDOWS\pss\Outil de mise à jour Google.lnkCommon Startup

[HKLM\~\startupfolder\D:^Documents and Settings^Francois^Menu Démarrer^Programmes^Démarrage^IcoSauve.lnk]
path=D:\Documents and Settings\Francois\Menu Démarrer\Programmes\Démarrage\IcoSauve.lnk
backup=D:\WINDOWS\pss\IcoSauve.lnkStartup

[HKLM\~\startupfolder\D:^Documents and Settings^Francois^Menu Démarrer^Programmes^Démarrage^MagicDisc.lnk]
path=D:\Documents and Settings\Francois\Menu Démarrer\Programmes\Démarrage\MagicDisc.lnk
backup=D:\WINDOWS\pss\MagicDisc.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
--a------ 2007-04-03 18:29 165784 D:\Program Files\DAEMON Tools\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
--a------ 2008-04-16 19:37 29744 D:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
--a------ 2004-08-03 19:31 208952 D:\WINDOWS\ime\imjp8_1\imjpmig.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2007-10-18 11:34 5724184 D:\Program Files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002]
--a------ 2004-08-03 19:31 59392 D:\WINDOWS\system32\IME\PINTLGNT\IMSCINST.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OM2_Monitor]
--a------ 2007-05-28 16:59 95800 D:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
--a------ 2004-08-03 19:32 455168 D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
--a------ 2004-08-03 19:32 455168 D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
--a------ 2008-02-25 21:23 443968 D:\Program Files\Picasa2\PicasaMediaDetector.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
--a------ 2007-04-09 08:23 200704 D:\Program Files\PowerISO\PWRISOVM.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-01-31 23:13 385024 D:\Program Files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
-ra------ 2008-02-12 20:10 21898024 D:\Program Files\Skype\Phone\Skype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
--a------ 2008-05-06 04:42 202088 D:\Program Files\TomTom HOME 2\HOMERunner.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"D:\\Program Files\\Azureus\\Azureus.exe"=
"D:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"D:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"D:\\Program Files\\Google\\Google SketchUp 6\\SketchUp.exe"=
"D:\\Program Files\\eMule\\emule.exe"=
"D:\\Program Files\\mIRC\\mirc.exe"=
"D:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"D:\\WINDOWS\\system32\\dpvsetup.exe"=
"D:\\Program Files\\SiSoftware\\SiSoftware Sandra Professional Affaires XII.SP2\\RpcAgentSrv.exe"=
"D:\\Program Files\\SiSoftware\\SiSoftware Sandra Professional Affaires XII.SP2\\WNt500x86\\RpcSandraSrv.exe"=
"D:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"D:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"D:\\Program Files\\AVG\\AVG8\\avgupd.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"13139:TCP"= 13139:TCP:NortonAV
"18705:TCP"= 18705:TCP:NortonAV
"15417:TCP"= 15417:TCP:NortonAV
"18022:TCP"= 18022:TCP:NortonAV
"16048:TCP"= 16048:TCP:NortonAV
"16835:TCP"= 16835:TCP:NortonAV
"18134:TCP"= 18134:TCP:NortonAV
"12787:TCP"= 12787:TCP:NortonAV
"13872:TCP"= 13872:TCP:NortonAV
"18774:TCP"= 18774:TCP:NortonAV
"16023:TCP"= 16023:TCP:NortonAV
"18124:TCP"= 18124:TCP:NortonAV
"13397:TCP"= 13397:TCP:NortonAV
"13936:TCP"= 13936:TCP:NortonAV
"17304:TCP"= 17304:TCP:NortonAV
"18386:TCP"= 18386:TCP:NortonAV
"13627:TCP"= 13627:TCP:NortonAV
"15558:TCP"= 15558:TCP:NortonAV
"18556:TCP"= 18556:TCP:NortonAV
"15100:TCP"= 15100:TCP:NortonAV
"14976:TCP"= 14976:TCP:NortonAV
"14728:TCP"= 14728:TCP:NortonAV
"17765:TCP"= 17765:TCP:NortonAV
"16627:TCP"= 16627:TCP:NortonAV
"14489:TCP"= 14489:TCP:NortonAV
"17949:TCP"= 17949:TCP:NortonAV
"14533:TCP"= 14533:TCP:NortonAV
"12849:TCP"= 12849:TCP:NortonAV
"15025:TCP"= 15025:TCP:NortonAV
"14312:TCP"= 14312:TCP:NortonAV

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R0 AvgRkx86;avgrkx86.sys;D:\WINDOWS\system32\Drivers\avgrkx86.sys [2008-08-02 19:22]
R0 staanyfn;staanyfn;D:\WINDOWS\system32\drivers\iippglvt.dat []
R0 uliagpkx;ULi AGP Bus Filter Driver;D:\WINDOWS\system32\DRIVERS\agpkx.sys [2005-05-03 17:31]
R1 AvgLdx86;AVG AVI Loader Driver x86;D:\WINDOWS\system32\Drivers\avgldx86.sys [2008-08-02 19:22]
R2 ALIEHCD;ULi PCI to USB Enhanced Host Controller;D:\WINDOWS\system32\Drivers\ALIEHCI.sys [2005-09-07 17:40]
R2 avg8wd;AVG8 WatchDog;D:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-08-02 19:22]
R2 avgfws8;AVG8 Firewall;D:\PROGRA~1\AVG\AVG8\avgfws8.exe [2008-08-02 19:22]
R2 AvgTdiX;AVG8 Network Redirector;D:\WINDOWS\system32\Drivers\avgtdix.sys [2008-08-02 19:22]
R2 SandraAgentSrv;SiSoftware Deployment Agent Service;D:\Program Files\SiSoftware\SiSoftware Sandra Professional Affaires XII.SP2\RpcAgentSrv.exe [2008-04-07 19:26]
R3 aliroothub;USB 2.0 Root Hub;D:\WINDOWS\system32\DRIVERS\AliRtHub.sys [2005-09-07 17:43]
R3 Avgfwdx;Avgfwdx;D:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2008-08-02 19:20]
R3 ULI5261XP;ULi M526X Ethernet NT Driver;D:\WINDOWS\system32\DRIVERS\ULILAN51.SYS [2005-03-22 20:36]
S3 AIDA32Driver;AIDA32Driver;D:\Program Files\AIDA32 - Personal System Information\aida32.sys [2004-02-23 04:07]
S3 ALI5261;Pilote NT de base Ethernet ALi;D:\WINDOWS\system32\DRIVERS\ALI5261.SYS [2001-08-17 20:11]
S3 Avgfwfd;AVG network filter service;D:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2008-08-02 19:20]
S3 cm102u32;C-Media CM6501 Like Sound Interface;D:\WINDOWS\system32\drivers\c6501.sys [2006-07-11 14:05]
S3 GoogleDesktopManager-022208-143751;Google Desktop Manager 5.7.802.22438;D:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-04-16 19:37]
S3 motccgp;Motorola USB Composite Device Driver;D:\WINDOWS\system32\DRIVERS\motccgp.sys [2007-06-18 16:19]
S3 motccgpfl;MotCcgpFlService;D:\WINDOWS\system32\DRIVERS\motccgpfl.sys [2007-01-22 20:33]
S3 MotDev;Motorola Inc. USB Device;D:\WINDOWS\system32\DRIVERS\motodrv.sys [2007-05-07 16:11]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c4eaaf90-f9e6-11dc-9afa-00138fc8baaa}]
\Shell\AutoRun\command - D:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe killVBS.vbs

*Newly Created Service* - CATCHME
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'

2008-07-30 D:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- D:\Program Files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 14:57]

2008-08-03 D:\WINDOWS\Tasks\User_Feed_Synchronization-{21BB7821-61AD-416D-9C80-04976C8724DB}.job
- D:\WINDOWS\system32\msfeedssync.exe [2006-12-13 08:46]
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - D:\Documents and Settings\Francois\Application Data\Mozilla\Firefox\Profiles\qaia1n87.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FireFox -: prefs.js - STARTUP.HOMEPAGE - www.google.com
FF -: plugin - D:\Program Files\Google\Google Updater\2.2.1172.2021\npCIDetect11.dll
FF -: plugin - D:\Program Files\Microsoft Silverlight\2.0.30523.8\npctrl.1.0.30109.0.dll
FF -: plugin - D:\Program Files\Microsoft Silverlight\2.0.30523.8\npctrl.dll
FF -: plugin - D:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
FF -: plugin - D:\Program Files\Mozilla Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
FF -: plugin - D:\Program Files\Mozilla Firefox\plugins\npmidas.dll
FF -: plugin - D:\Program Files\Mozilla Firefox\plugins\npskilljamloader.dll
FF -: plugin - D:\Program Files\Mozilla Firefox\plugins\npssp32.dll
FF -: plugin - D:\Program Files\Yahoo!\Common\npyaxmpb.dll


**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-03 14:13:10
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\staanyfn]
"ImagePath"="system32\drivers\iippglvt.dat"
.
Temps d'accomplissement: 2008-08-03 14:14:56
ComboFix-quarantined-files.txt 2008-08-03 18:14:04
ComboFix2.txt 2008-08-03 17:21:42
ComboFix3.txt 2008-08-03 03:02:49

Pre-Run: 21,468,540,928 octets libres
Post-Run: 21,458,673,664 octets libres

409



Logfile of HijackThis v1.99.1
Scan saved at 14:27:19, on 2008-08-03
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
D:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe
D:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
D:\PROGRA~1\AVG\AVG8\avgfws8.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
D:\Program Files\Bonjour\mDNSResponder.exe
D:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
D:\WINDOWS\system32\rundll32.exe
D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
D:\Program Files\SiSoftware\SiSoftware Sandra Professional Affaires XII.SP2\RpcAgentSrv.exe
D:\WINDOWS\system32\svchost.exe
D:\PROGRA~1\AVG\AVG8\avgam.exe
D:\PROGRA~1\AVG\AVG8\avgrsx.exe
D:\PROGRA~1\AVG\AVG8\avgnsx.exe
D:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\explorer.exe
D:\WINDOWS\system32\notepad.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Mozilla Thunderbird\thunderbird.exe
D:\Program Files\AVG\AVG8\avgtray.exe
D:\WINDOWS\explorer.exe
D:\Documents and Settings\Francois\Bureau\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {0475CE54-CBE1-41FB-B806-1A4B0D5BEED1} - D:\WINDOWS\system32\ati3dua.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "D:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [StartCCC] "D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] D:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ATI Remote Control] D:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Adobe Reader Synchronizer.lnk = D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ?
O8 - Extra context menu item: Ajouter au fichier PDF existant - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir en Adobe PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O10 - Unknown file in Winsock LSP: d:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O11 - Options group: [TABS] Tabbed Browsing
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/opt [...] tstop2.dll
O18 - Protocol: intu-ir2007 - {52BAEC6B-9405-46F9-A131-6D50720A3CC4} - (no file)
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - D:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - D:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - D:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - D:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Capture Device Service - InterVideo Inc. - D:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - D:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - D:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - D:\Program Files\SiSoftware\SiSoftware Sandra Professional Affaires XII.SP2\RpcAgentSrv.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - D:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - D:\Program Files\Spyware Doctor\pctsSvc.exe

Thanks in advance for your help!
