VIRUS PUB CID: AND OTHERS - Page 2

Solved
  1. SONIA
     
    Good evening,

    Before the SmitFraudFix, I ran a scan with AVG. It was fruitful. But I didn't save the report, sorry.

    I'm continuing with the procedure.
  2. SONIA
     
    "Propriétaire" - 2007-07-14 23:24:18 - ComboFix 07-07-14.6 - Service Pack 2 NTFS

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

    C:\DOCUME~1\PROPRI~1\Bureau.\internet explorer.lnk
    C:\WINDOWS\system32\cfx32.ocx

    ((((((((((((((((((((((((( Files Created from 2007-06-14 to 2007-07-14 )))))))))))))))))))))))))))))))

    2007-07-14 23:22 51,200 --a------ C:\WINDOWS\nircmd.exe
    2007-07-14 23:10 66,048 --a------ C:\WINDOWS\ieResetIcons.exe
    2007-07-14 21:12 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
    2007-07-14 21:08 <REP> d-------- C:\VundoFix Backups
    2007-07-14 20:18 <REP> d-------- C:\Program Files\Sophos
    2007-07-12 17:21 <REP> d-------- C:\WINDOWS\ERUNT
    2007-07-12 16:42 786,432 --ah----- C:\DOCUME~1\ADMINI~1\NTUSER.DAT
    2007-07-12 16:42 <REP> d-a------ C:\DOCUME~1\ADMINI~1\WINDOWS
    2007-07-12 16:42 <REP> d-a------ C:\DOCUME~1\ADMINI~1\Voisinage réseau
    2007-07-12 16:42 <REP> d-a------ C:\DOCUME~1\ADMINI~1\Voisinage d'impression
    2007-07-12 16:42 <REP> d-a------ C:\DOCUME~1\ADMINI~1\Modèles
    2007-07-12 16:42 <REP> d-a------ C:\DOCUME~1\ADMINI~1\Mes documents
    2007-07-12 16:42 <REP> d-a------ C:\DOCUME~1\ADMINI~1\Menu Démarrer
    2007-07-12 16:42 <REP> d-a------ C:\DOCUME~1\ADMINI~1\Favoris
    2007-07-12 16:42 <REP> d-a------ C:\DOCUME~1\ADMINI~1\Bureau
    2007-07-12 16:42 <REP> d-a------ C:\DOCUME~1\ADMINI~1\APPLIC~1\VERITAS
    2007-07-12 16:42 <REP> d-a------ C:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec
    2007-07-12 16:42 <REP> d-a------ C:\DOCUME~1\ADMINI~1\APPLIC~1\SampleView
    2007-07-12 16:42 <REP> d-a------ C:\DOCUME~1\ADMINI~1\APPLIC~1\InterTrust
    2007-07-11 23:13 <REP> d-------- C:\Program Files\Lavasoft
    2007-07-09 22:43 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
    2007-07-09 22:42 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
    2007-07-09 22:34 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
    2007-07-09 22:27 <REP> d-------- C:\Program Files\CCleaner
    2007-07-09 21:59 53,248 --a------ C:\WINDOWS\system32\Process.exe
    2007-07-09 21:57 <REP> d-------- C:\Program Files\Navilog1
    2007-07-09 20:39 <REP> d-------- C:\Program Files\İslam'da Evlilik ve Aile Hayatı 2.0
    2007-07-09 17:31 <REP> d-------- C:\Vietcong
    2007-07-05 13:15 <REP> d-------- C:\DOCUME~1\MASTER~1\Shared
    2007-07-05 13:14 <REP> d-------- C:\DOCUME~1\MASTER~1\Incomplete
    2007-07-05 13:14 <REP> d-------- C:\DOCUME~1\MASTER~1\APPLIC~1\LimeWire
    2007-07-05 10:22 <REP> d-------- C:\Program Files\PKR
    2007-07-04 19:55 <REP> d-------- C:\DOCUME~1\MASTER~1\APPLIC~1\Google
    2007-07-04 19:48 <REP> d-------- C:\DOCUME~1\MASTER~1\Contacts
    2007-07-04 19:43 <REP> d-------- C:\DOCUME~1\MASTER~1\APPLIC~1\Real
    2007-07-04 19:43 <REP> d-------- C:\DOCUME~1\MASTER~1\APPLIC~1\PC Suite
    2007-07-04 19:42 2,883,584 --ah----- C:\DOCUME~1\MASTER~1\NTUSER.DAT
    2007-07-04 19:42 <REP> dra------ C:\DOCUME~1\MASTER~1\Mes documents
    2007-07-04 19:42 <REP> dra------ C:\DOCUME~1\MASTER~1\Favoris
    2007-07-04 19:42 <REP> d-a------ C:\DOCUME~1\MASTER~1\WINDOWS
    2007-07-04 19:42 <REP> d-a------ C:\DOCUME~1\MASTER~1\Voisinage réseau
    2007-07-04 19:42 <REP> d-a------ C:\DOCUME~1\MASTER~1\Voisinage d'impression
    2007-07-04 19:42 <REP> d-a------ C:\DOCUME~1\MASTER~1\Modèles
    2007-07-04 19:42 <REP> d-a------ C:\DOCUME~1\MASTER~1\Menu Démarrer
    2007-07-04 19:42 <REP> d-a------ C:\DOCUME~1\MASTER~1\Bureau
    2007-07-04 19:42 <REP> d-a------ C:\DOCUME~1\MASTER~1\APPLIC~1\VERITAS
    2007-07-04 19:42 <REP> d-a------ C:\DOCUME~1\MASTER~1\APPLIC~1\Symantec
    2007-07-04 19:42 <REP> d-a------ C:\DOCUME~1\MASTER~1\APPLIC~1\SampleView
    2007-07-04 19:42 <REP> d-a------ C:\DOCUME~1\MASTER~1\APPLIC~1\InterTrust
    2007-07-04 10:09 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
    2007-07-04 10:09 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
    2007-07-02 22:07 <REP> d-------- C:\DOCUME~1\PROPRI~1\APPLIC~1\vlc
    2007-07-02 22:01 <REP> d-------- C:\Program Files\VideoLAN
    2007-07-01 12:56 <REP> d-------- C:\DOCUME~1\LEB~1.G\Contacts
    2007-07-01 11:14 <REP> d-------- C:\DOCUME~1\LEB~1.G\APPLIC~1\Google
    2007-07-01 11:13 <REP> d-------- C:\DOCUME~1\LEB~1.G\APPLIC~1\Real
    2007-07-01 11:13 <REP> d-------- C:\DOCUME~1\LEB~1.G\APPLIC~1\PC Suite
    2007-07-01 11:12 1,572,864 --ah----- C:\DOCUME~1\LEB~1.G\NTUSER.DAT
    2007-07-01 11:12 <REP> dra------ C:\DOCUME~1\LEB~1.G\Mes documents
    2007-07-01 11:12 <REP> dra------ C:\DOCUME~1\LEB~1.G\Favoris
    2007-07-01 11:12 <REP> d-a------ C:\DOCUME~1\LEB~1.G\WINDOWS
    2007-07-01 11:12 <REP> d-a------ C:\DOCUME~1\LEB~1.G\Voisinage réseau
    2007-07-01 11:12 <REP> d-a------ C:\DOCUME~1\LEB~1.G\Voisinage d'impression
    2007-07-01 11:12 <REP> d-a------ C:\DOCUME~1\LEB~1.G\Modèles
    2007-07-01 11:12 <REP> d-a------ C:\DOCUME~1\LEB~1.G\Menu Démarrer
    2007-07-01 11:12 <REP> d-a------ C:\DOCUME~1\LEB~1.G\Bureau
    2007-07-01 11:12 <REP> d-a------ C:\DOCUME~1\LEB~1.G\APPLIC~1\VERITAS
    2007-07-01 11:12 <REP> d-a------ C:\DOCUME~1\LEB~1.G\APPLIC~1\Symantec
    2007-07-01 11:12 <REP> d-a------ C:\DOCUME~1\LEB~1.G\APPLIC~1\SampleView
    2007-07-01 11:12 <REP> d-a------ C:\DOCUME~1\LEB~1.G\APPLIC~1\InterTrust
    2007-06-16 11:58 <REP> d-------- C:\Program Files\bibpileboob
    2007-06-16 11:57 <REP> d-------- C:\Program Files\Windows Live

    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    2007-07-14 20:53:23 12 ----a-w C:\WINDOWS\bthservsdp.dat
    2007-07-14 17:51:50 -------- d-----w C:\Program Files\Hijackthis Version Française
    2007-07-12 19:52:52 -------- d-----w C:\DOCUME~1\PROPRI~1\APPLIC~1\bibpileboob
    2007-07-12 15:05:41 -------- d-----w C:\Program Files\Common Files
    2007-07-11 12:06:56 76,136 ----a-w C:\WINDOWS\system32\perfc00C.dat
    2007-07-11 12:06:56 469,622 ----a-w C:\WINDOWS\system32\perfh00C.dat
    2007-07-09 21:04:24 -------- d-----w C:\Program Files\LimeWire
    2007-07-09 19:56:57 -------- d-----w C:\Program Files\MSN Messenger
    2007-07-09 19:56:55 -------- d-----w C:\Program Files\Messenger Plus! Live
    2007-07-09 18:39:54 -------- d-----w C:\Program Files\İslam'da Evlilik ve Aile Hayatı 2.0
    2007-07-09 16:06:52 -------- d--h--w C:\Program Files\InstallShield Installation Information
    2007-07-09 16:05:31 -------- d-----w C:\Program Files\GameSpy Arcade
    2007-06-30 09:46:00 -------- d-----w C:\DOCUME~1\PROPRI~1\APPLIC~1\Screenshot Sender
    2007-06-13 10:35:20 -------- d-----w C:\Program Files\DivX
    2007-06-13 10:09:09 -------- d-----w C:\Program Files\FlashGet
    2007-06-10 17:35:39 -------- d-----w C:\Program Files\adslTV
    2007-06-07 18:37:14 71,749 ----a-w C:\WINDOWS\hcextoutput.dll
    2007-06-07 18:37:14 267,845 ----a-w C:\WINDOWS\tsc.exe
    2007-06-07 18:37:13 86,094 ----a-w C:\WINDOWS\BPMNT.dll
    2007-06-07 18:37:13 1,101,904 ----a-w C:\WINDOWS\vsapi32.dll
    2007-06-07 18:33:02 507,904 ----a-w C:\WINDOWS\TMUPDATE.DLL
    2007-06-07 18:33:01 69,689 ----a-w C:\WINDOWS\UNZIP.DLL
    2007-06-07 18:33:01 286,720 ----a-w C:\WINDOWS\PATCH.EXE
    2007-06-05 19:50:20 128,000 ----a-w C:\WINDOWS\system32\Dsslji.dat
    2007-06-04 13:18:48 9,344 ----a-w C:\WINDOWS\system32\drivers\NSDriver.sys
    2007-06-04 13:17:02 8,320 ----a-w C:\WINDOWS\system32\drivers\AWRTRD.sys
    2007-06-04 13:14:56 6,272 ----a-w C:\WINDOWS\system32\drivers\AWRTPD.sys
    2007-06-03 10:42:12 -------- d-----w C:\DOCUME~1\PROPRI~1\APPLIC~1\uTorrent
    2007-06-01 10:19:48 -------- d-----w C:\Program Files\Windows Live Toolbar
    2007-06-01 06:20:30 51,568 ----a-w C:\WINDOWS\system32\sirenacm.dll
    2007-05-28 21:47:40 -------- d-----w C:\DOCUME~1\PROPRI~1\APPLIC~1\TaoUSign
    2007-05-28 12:03:32 -------- d-----w C:\DOCUME~1\PROPRI~1\APPLIC~1\DataLayer
    2007-05-28 12:01:35 -------- d-----w C:\Program Files\Nokia
    2007-05-28 12:00:26 -------- d-----w C:\Program Files\Fichiers communs\PCSuite
    2007-05-28 12:00:25 -------- d-----w C:\Program Files\Fichiers communs\Nokia
    2007-05-27 11:07:20 -------- d-----w C:\DOCUME~1\PROPRI~1\APPLIC~1\Google
    2007-05-26 15:12:18 -------- d-----w C:\Program Files\Google
    2007-05-26 10:05:42 -------- d-----w C:\Program Files\DAEMON Tools
    2007-05-22 20:38:56 -------- d-----w C:\DOCUME~1\PROPRI~1\APPLIC~1\FlashGet
    2007-05-16 15:13:53 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
    2007-05-15 10:17:48 -------- d-----w C:\Program Files\a-squared
    2007-05-14 22:15:11 -------- d-----w C:\Program Files\Fichiers communs\Borland Shared
    2007-05-14 22:15:10 -------- d-----w C:\Program Files\Logisturk
    2007-05-14 20:49:08 -------- d-----w C:\Program Files\eMule
    2007-04-25 14:22:35 144,896 ----a-w C:\WINDOWS\system32\schannel.dll
    2007-04-18 16:14:18 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll
    2007-04-16 20:47:36 33,624 ----a-w C:\WINDOWS\system32\wups.dll
    2007-04-16 20:45:54 1,710,936 ----a-w C:\WINDOWS\system32\wuaueng.dll
    2007-04-16 20:45:48 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll
    2007-04-16 20:45:42 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll
    2007-04-16 20:45:36 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll
    2007-04-16 20:45:28 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
    2007-04-16 20:45:20 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe
    2007-04-16 20:45:20 43,352 ----a-w C:\WINDOWS\system32\wups2.dll
    2007-04-16 20:44:20 271,224 ----a-w C:\WINDOWS\system32\mucltui.dll
    2007-04-16 20:44:18 208,248 ----a-w C:\WINDOWS\system32\muweb.dll
    2006-07-16 13:53:10 64,736 -c--a-w C:\DOCUME~1\PROPRI~1\APPLIC~1\GDIPFONTCACHEV1.DAT
    1998-04-27 23:00:00 570,128 ----a-w C:\Program Files\Fichiers communs\DAO350.DLL

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

    *Note* empty entries & legit default entries are not shown

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
    2006-10-26 10:28 440384 --a------ C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    2001-03-03 03:02 37808 --a------ C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A}]
    C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{243B17DE-77C7-46BF-B94B-0B5F309A0E64}]
    2002-07-17 19:00 163906 --a------ c:\Program Files\Microsoft Money\System\mnyside.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    2005-05-31 02:04 853672 --a------ C:\PROGRA~1\SPYBOT~1\SDHelper.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    2007-03-14 03:43 501400 --a------ C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    2006-08-31 20:33 322368 --a------ C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    2007-01-19 23:56 2436160 -ra------ c:\program files\google\googletoolbar3.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    2007-06-18 12:48 325048 --a------ C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
    2007-02-12 15:56 546672 --a------ C:\Program Files\Windows Live Toolbar\msntb.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FDD3B846-8D59-4ffb-8758-209B6AD74ACC}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "KYE_Showicon"="C:\Program Files\USB Storage RW\shwicon.exe" [2002-10-25 23:33]
    "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2002-08-22 16:10]
    "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-01-15 19:28]
    "Windows Media Connect 2"="C:\Program Files\Windows Media Connect 2\wmccfg.exe" [2006-10-18 22:58]
    "BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-19 17:10 C:\WINDOWS\system32\bthprops.cpl]
    "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2006-06-04 20:42]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-06-24 13:22]
    "DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2005-12-10 16:57]
    "PCSuiteTrayApplication"="C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.exe" [2005-12-13 08:49]
    "ThisByteFilmInfo"="C:\Documents and Settings\All Users\Application Data\Wipe 4 this byte\cdromclose.exe" [2007-06-16 11:58]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43]
    "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NVIEW"="nview.dll,nViewLoadHook" []
    "MoneyAgent"="c:\Program Files\Microsoft Money\System\mnyexpr.exe" [2002-07-17 19:00]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 17:09]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-18 12:48]
    "PcSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2005-11-30 16:56]
    "Stop Comp"="C:\DOCUME~1\PROPRI~1\APPLIC~1\BIBPIL~1\pure tool.exe" []
    "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 10:59]
    "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-06-01 08:21]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce]
    "IERESETATTRIB"=%SystemRoot%\system32\cmd.exe /d /q /c %SystemRoot%\system32\ieudinit.exe -ResetFileAttributes
    "IERESETICONS"=%SystemRoot%\system32\cmd.exe /d /q /c %SystemRoot%\iereseticons.exe
    "Installing-ie7"=C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\IE7-Setup.exe /passive /ieak-full:C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\IXP000.TMP

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
    @=

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll" [2007-05-30 14:29]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\aawservice]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Driver]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Guard]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    bthsvcs BthServ

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1a85ea94-9982-11db-a8c4-0040ca4f12ce}]
    AutoRun\command- G:\LaunchU3.exe

    *Newly Created Service* - AVGASCLN

    Contents of the 'Scheduled Tasks' folder
    2007-07-14 21:00:00 C:\WINDOWS\tasks\A1C22C079185DC4B.job
    2006-05-05 20:16:34 C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1138565234.job
    2007-07-14 20:37:01 C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job

    **************************************************************************

    catchme 0.3.915 W2K/XP/Vista - rootkit detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-07-14 23:33:08
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    **************************************************************************

    Completion time: 2007-07-14 23:35:20
    C:\ComboFix-quarantined-files.txt ... 2007-07-14 23:34

    --- E O F ---